As of someone who studies IT security, I'm SUPER into this! My goal is to soon continue my studies by some IT forensics. Its sooo exciting and looks incredibly fun. Hopefully get to work with the cops to bust some bad guys! ^~^ this was really inspiring and would soooo love more!
I am in the same boat. Currently going to start school in cyber security. I'll be taking a computer forensics course and I am excited about that. It would be cool to get a job in the police department busting bad guys. #cybermage
@@NightShooter87 Well, as a quick update. This was when i did my studies. now i work in an IT security company, pretesting websites on a professional level!
Wow YT failed me. I didn't get notify on this comment at all. Anyways, this highly depends on your local area. If you're going to a university then I highly suggest seeing if they simply have digital forensics classes. One thing I would suggest is if you are in an area with a community college. Check that first, and see if there is a 2x2 that will make it easier to get into the digital forensic classes in university. If you're wanting to do this for a living then you should study law. If you simply mess up on your paper work giving you're with something like the FBI. Then that can throw the entire thing you did out the door.
Thanks. BTW I forgot to add the following in the description. Videos: How to recover deleted data by forensic recovery: ruclips.net/video/4DD_Gx4HEx8/видео.html Are the things you delete really gone for good: ruclips.net/video/H4AJ1Qcb2cU/видео.html It's videos on how to get info back on deleted drives. For example, if you delete some pictures on accident. How to get the info back before it's fully gone.
Okay, this is extremely abbreviated. I guess I started the same way like you, in college. We also used Prodiscover. The very first thing that should be taught even before this presentation, is to secure the computer with a write blocker of the hardware variety (like a Tableau bridge) or within the Operating System (ex: the Windows OS registry). This is something that is ALWAYS done in the Computer Forensics profession.
Hi .. If you just plug in the data drive in question directly to the computer, would the hash value of the data not change leading to evidence tampering?
NP. If you have any questions then please let me know. BTW I'm thinking about doing some network engineering videos. If you have any questions on that, then please let me know.
Interesting stuff, I'm starting a computer forensics program in the fall (doing a bridge course now). Which school are you studying at if its okay to ask?
Best bet is magnets, physical destruction or formatting then completely filling the hard drive with data. For magnets, you need to place a fairly strong (large neodymium or electromagnet) directly on the hard drive. Data is stored in the form of magnetically polarized particles, a magnet of that size will immediately erase any and all data to the point at which the hard drive is unusable. To physically destroy it, you will need to shred the hard drive itself and then burn/melt it to prevent it from being pieced back together. To remove data and keep the hard drive usable, you'll need to first clear and *format* the hard drive, then completely fill it up with data, this overwrites anything that's actually left on it. Then you can wipe it again and do what you want with it.
Well this depends. If say the entire device itself is encrypted, then the first thing that would be checked is if there is any known group/company that can break into the device type. Like is there any software that has been proven? If there is currently no known company, then there would be some research done on if there is possible flaws and a message will be sent to the device manufacture (this would be done at the same time of sending a message to a company to break in because a manufacture getting in is far cheaper). Beyond that, there would need to be a look at the restrictions. Like you can try it x amount of times before it breaks. From there you would clone the device and run it through some programs to try to get in. On the side, you would research the owners of the device, and then try to figure out the password from there. During all of this, the cops would push for the person or company in question to give access to the device.
Th3 Tr1ckst3r from my understanding, the one I shown is popular. There is a number of others, but they all do mostly the same thing. However, some have extra features. From my understanding, this is what the fbi uses. it's also what I'm using in my class.
Godzilla san I'm not really sure what you're asking about. If you're asking can cops read a SD card that's been written over too many times. In theory yes. I've never done it myself so I can't say but there's nothing that I know would stop that's because you're just reading. Now with that being said, if you load the SD card with junk information over and over. That in theory should keep any information from getting out. With that being said, it should be noted that there is no hundred percent on anything
Craig Bennett II is there anywhere I could read the theory? You can read an SD card even if it's been written over something like 10 times? With hard drives, once the polarity has changed for the bits on the platter more than once, can you still find data?
Here is a article on the SD question www.tomshardware.com/news/solid-state-flash-translation-layer-NAND-FAST-11-Sanitization,12252.html As far as both storage types. If enough data is there, then you can rebuild what was there. The rebuilt data might not be 100% like the original. Like if you deleted a 4k video and overwritten it a few times. Giving you had enough to build off of it might not be 4k. But it might be 720 or 1080. Maybe lower. Think of it like those puzzles where you find the pattern. The puzzles like 1 2 4 ... 32 256 8,192 .... By using the info around it you can find what is missing. So the first ... will be 8 and the pattern in this case is the current number multiply by the last.
So does encrypted reformatting between full overwrites of the SD card make much of a difference? Over a long-ish period of time like a year. And does defragging a HDD multiple times across the same amount of time (or in general) make it more difficult? From my understanding continued heavy use of a drive also effects the integrity of deleted data? Thanks for the replies
Question 1: it can, but again there is no 100%. I would suggest physically destroying the SD card or SSD. An electrical shock to a SD should do it. If not, you can use a drill. Question 2: I wouldn't do that. It's easier to just bleach it in 1 sitting. I think I have a video on that. Question 3: It can. But it's better to bleach the data. Basically bleaching does that but loads it with useless data, deletes it, and keeps doing this for so many cycles. What most security places do if they are getting rid of devices like that is they use a drill. That or take it to a shredder if there is a lot of them. As for as encrypting. I wouldn't put a lot of faith in that. While it can help, the problem you will face is slow down and it's possible to crack it. For things like phones, I suggest before selling them you should encrypt them before wiping them. Oh and btw, don't worry about the questions. I'm actually about to start another hacking class in my uni. And I enjoy making hacking videos over all the others. If I get interesting questions on it or people have a hard time understanding it. Then I have no problem making videos to help people out.
As of someone who studies IT security, I'm SUPER into this! My goal is to soon continue my studies by some IT forensics. Its sooo exciting and looks incredibly fun. Hopefully get to work with the cops to bust some bad guys! ^~^ this was really inspiring and would soooo love more!
I am in the same boat. Currently going to start school in cyber security. I'll be taking a computer forensics course and I am excited about that. It would be cool to get a job in the police department busting bad guys. #cybermage
Fun? It's interesting but having to be assessed for mental well being on a regular basis is certainly not fun. Don't think you know what's involved.
@@NightShooter87 Well, as a quick update. This was when i did my studies. now i work in an IT security company, pretesting websites on a professional level!
Hey man I am in high school and trying to find what courses to take to get into digital forensics
Wow YT failed me. I didn't get notify on this comment at all.
Anyways, this highly depends on your local area. If you're going to a university then I highly suggest seeing if they simply have digital forensics classes.
One thing I would suggest is if you are in an area with a community college. Check that first, and see if there is a 2x2 that will make it easier to get into the digital forensic classes in university.
If you're wanting to do this for a living then you should study law. If you simply mess up on your paper work giving you're with something like the FBI. Then that can throw the entire thing you did out the door.
I like this type of content. 🖒
Thanks. BTW I forgot to add the following in the description.
Videos:
How to recover deleted data by forensic recovery: ruclips.net/video/4DD_Gx4HEx8/видео.html
Are the things you delete really gone for good: ruclips.net/video/H4AJ1Qcb2cU/видео.html
It's videos on how to get info back on deleted drives. For example, if you delete some pictures on accident. How to get the info back before it's fully gone.
Okay, this is extremely abbreviated. I guess I started the same way like you, in college. We also used Prodiscover. The very first thing that should be taught even before this presentation, is to secure the computer with a write blocker of the hardware variety (like a Tableau bridge) or within the Operating System (ex: the Windows OS registry). This is something that is ALWAYS done in the Computer Forensics profession.
Cops came over, they got a warrant: 😂😂🤣🤣😆😆
Hi .. If you just plug in the data drive in question directly to the computer, would the hash value of the data not change leading to evidence tampering?
Yes bro, very interested and thankful for the content. Give us more, who cares what the trolls think.
Very cool blue desktop you are using for the background for the video. What are you using to produce it?
Thank you for brief explanation, I was lost in class.
NP. If you have any questions then please let me know.
BTW I'm thinking about doing some network engineering videos. If you have any questions on that, then please let me know.
Running Windows you can type ".jpg" in search and every .jpg will be listed.
?
How do you get the image if their laptop or device is locked?
is it legal for someone who doesn't work at this job to download this program and investigates people?
Ya, anyone can download it. Just use it only on systems you own or have written permission to use it on
Interesting stuff, I'm starting a computer forensics program in the fall (doing a bridge course now). Which school are you studying at if its okay to ask?
Ecu
Cool! I'm going to Utica College, I love the material so far.
This worked for me as well! Thanks for the info.
What if you wanna delete and remove all this from the forensic
If your asking this isn't for you
Best bet is magnets, physical destruction or formatting then completely filling the hard drive with data.
For magnets, you need to place a fairly strong (large neodymium or electromagnet) directly on the hard drive. Data is stored in the form of magnetically polarized particles, a magnet of that size will immediately erase any and all data to the point at which the hard drive is unusable.
To physically destroy it, you will need to shred the hard drive itself and then burn/melt it to prevent it from being pieced back together.
To remove data and keep the hard drive usable, you'll need to first clear and *format* the hard drive, then completely fill it up with data, this overwrites anything that's actually left on it. Then you can wipe it again and do what you want with it.
What happens when you come across an encrypted device?
Well this depends. If say the entire device itself is encrypted, then the first thing that would be checked is if there is any known group/company that can break into the device type. Like is there any software that has been proven? If there is currently no known company, then there would be some research done on if there is possible flaws and a message will be sent to the device manufacture (this would be done at the same time of sending a message to a company to break in because a manufacture getting in is far cheaper).
Beyond that, there would need to be a look at the restrictions. Like you can try it x amount of times before it breaks. From there you would clone the device and run it through some programs to try to get in. On the side, you would research the owners of the device, and then try to figure out the password from there.
During all of this, the cops would push for the person or company in question to give access to the device.
@@TheAIKnowledgeHub A device running standard old ubuntu with luks encryption is pretty safe right? With a 20 Character Passphrase
What software/hardware do police use in a professional investigation? Anything specific?
Th3 Tr1ckst3r from my understanding, the one I shown is popular. There is a number of others, but they all do mostly the same thing. However, some have extra features.
From my understanding, this is what the fbi uses. it's also what I'm using in my class.
Craig Bennett II thanks.
So what happens when you take the platters out and scratch both sides with 40 grit sandpaper LOL let's see somebody recover data from that
What's the situation with overwritten and flash storage? (SSD and SD cards)
Godzilla san I'm not really sure what you're asking about. If you're asking can cops read a SD card that's been written over too many times. In theory yes. I've never done it myself so I can't say but there's nothing that I know would stop that's because you're just reading. Now with that being said, if you load the SD card with junk information over and over. That in theory should keep any information from getting out. With that being said, it should be noted that there is no hundred percent on anything
Craig Bennett II is there anywhere I could read the theory? You can read an SD card even if it's been written over something like 10 times?
With hard drives, once the polarity has changed for the bits on the platter more than once, can you still find data?
Here is a article on the SD question www.tomshardware.com/news/solid-state-flash-translation-layer-NAND-FAST-11-Sanitization,12252.html
As far as both storage types. If enough data is there, then you can rebuild what was there. The rebuilt data might not be 100% like the original. Like if you deleted a 4k video and overwritten it a few times. Giving you had enough to build off of it might not be 4k. But it might be 720 or 1080. Maybe lower.
Think of it like those puzzles where you find the pattern. The puzzles like 1 2 4 ... 32 256 8,192 ....
By using the info around it you can find what is missing. So the first ... will be 8 and the pattern in this case is the current number multiply by the last.
So does encrypted reformatting between full overwrites of the SD card make much of a difference? Over a long-ish period of time like a year.
And does defragging a HDD multiple times across the same amount of time (or in general) make it more difficult? From my understanding continued heavy use of a drive also effects the integrity of deleted data?
Thanks for the replies
Question 1: it can, but again there is no 100%. I would suggest physically destroying the SD card or SSD. An electrical shock to a SD should do it. If not, you can use a drill.
Question 2: I wouldn't do that. It's easier to just bleach it in 1 sitting. I think I have a video on that.
Question 3: It can. But it's better to bleach the data. Basically bleaching does that but loads it with useless data, deletes it, and keeps doing this for so many cycles.
What most security places do if they are getting rid of devices like that is they use a drill. That or take it to a shredder if there is a lot of them.
As for as encrypting. I wouldn't put a lot of faith in that. While it can help, the problem you will face is slow down and it's possible to crack it.
For things like phones, I suggest before selling them you should encrypt them before wiping them.
Oh and btw, don't worry about the questions. I'm actually about to start another hacking class in my uni. And I enjoy making hacking videos over all the others. If I get interesting questions on it or people have a hard time understanding it. Then I have no problem making videos to help people out.
Thanks for the video.
What college did you attend and was it hard?
It was a public university, and it wasn't hard depending on the class
How can Computer Forensics
help us to better protect personal information?
forensics is specifically to uncover protected information, this doesnt help secure information lmao ..
@@selfactualizer2099 according to my professor it does.
Keep this content coming.
Where can I download this
This shit is scary:/
yes!
go deeper
Hello. Have you a contact email? Thank you.