@itsfoss Spawning huge numbers of superheroes that all think they're better than the other superheroes, and tell you at least twice daily what their superpower is that the others don't have (unless they purposely install it themselves of course). :ablobcatpeekbreadfast:
Notices by Karsten Johansson (ksaj@infosec.exchange)
-
Karsten Johansson (ksaj@infosec.exchange)'s status on Thursday, 26-Sep-2024 18:46:05 JST Karsten Johansson -
Karsten Johansson (ksaj@infosec.exchange)'s status on Thursday, 30-Nov-2023 17:08:55 JST Karsten Johansson @itsfoss I used to do Forensics gigs (I'm pretty much retired these days), even though I have 11 years to go before it becomes official.
I was lucky (?) enough to be on a defendant's team, and got direct permission to do things most forensics teams cannot do at each stage of the way.
Without getting technical about it, it was abundantly clear the defendant was lying to us, and had actually re-installed their OS 3 times, with each time the evidence magically reappearing. I was also able to prove that there was no back door, and that everything dealing with the evidence was done from the GUI and not command line, and that a "shocking" amount of the activity happened when he was home alone.
Windows keeps track of recently opened files. Slackspace keeps those around a long time. Linux was happy to dig those things up flawlessly.
Given all the work I accomplished in the time allotted, there is no way I could have done it with EnCase or any of the other court standards.
And the evidence was accepted, because it was easy to prove that the drive image was pristine and stayed that way throughout the investigation.
I think I should write a whitepaper about what I did on the case, because I've not seen the techniques described anywhere else. It's the only case I handled that particular way.
GNU/Linux made it slobberproof, and perfectly admissible in court. It helps that I found everything the police forensics had reported, and nothing conflicted. The fact that I found so much more than they did was pure gold.
-
Karsten Johansson (ksaj@infosec.exchange)'s status on Thursday, 09-Nov-2023 18:56:38 JST Karsten Johansson @itsfoss And this is how we killall misbehaved child processes...
-
Karsten Johansson (ksaj@infosec.exchange)'s status on Thursday, 09-Nov-2023 18:54:28 JST Karsten Johansson @itsfoss Ackshully I use Raspberry Pi OS, even on my desktop.
Mainly 'cos I use Raspberry Pi so much, and I like things to be similar throughout my environment.
And Raspberry Pi OS is a sort of underdog that a damn lot of people use, but never seem to get into these lists.
Incidentally, I also use Xonsh as my regular shell, so I don't really tend to follow the trends very well!
-
Karsten Johansson (ksaj@infosec.exchange)'s status on Thursday, 02-Nov-2023 17:11:34 JST Karsten Johansson @itsfoss Alligator Pizza with Pineapple!
#pineapple #pizza #pineapple #apple #pen #ohcanada
-
Karsten Johansson (ksaj@infosec.exchange)'s status on Friday, 13-Oct-2023 19:14:35 JST Karsten Johansson @itsfoss Does the new Network Manager allow for static IP addresses? My ISP doesn't let you configure your own DNS (aka Pi-hole) so I can't use DHCP.