Over the last few weeks Brett Shavers has been discussing how to publish DFIR research in a better way. I’ve been thinking about this from the academic side for a long time.
This is a reply to, and further discussion of, @Brett_Shavers' post Publish your #DFIR Research.
The Linking Organized Crime and Cybercrime conference starts in 3 days! (June 7th and 8th)
Introduction - the problem
Recently I’ve been doing a lot of large disk forensic imaging. I usually use Linux-based systems for forensic imaging. A normal case would be physical imaging of a source to an ext4-formatted destination. I would normally get about 120 MB/s imaging speed, depending on the source disk.
Raspberry Pis are great for all sorts of information security related projects. They come with HDMI and USB ports, so it is easy to connect monitors and keyboards. Sometimes, however, you just need a shell.