Subscribe: CyberSpeak's Podcast
Added By: Feedage Forager Feedage Grade B rated
Language: English
bret ovie  bret  computer  cyberspeak  discuss  email  forensic  forensics  interview  new  ovie  show  talk  web  week 
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: CyberSpeak's Podcast

CyberSpeak's Podcast

Published: Thu, 16 Mar 2017 00:17:09 +0000

Last Build Date: Tue, 23 Jan 2018 13:22:46 +0000

Copyright: fairuse

HackerNinjaScissors - Lauren Pearce - Journey of a Malware Analyst

Thu, 16 Mar 2017 00:17:09 +0000

HackerNinjaScissors --  With Bret Padres.

Today we talk with Lauren Pearce - a member of the IR team and a malware analyst for Los Alamos National Labs.  Lauren shares with us her journey to become a malware analyst and talks about the importance of flailing and mentorship.

I have a few free tickets to give out, so let me know if you want free tickets to the 2017 Incident Response Forum on April 4th, 2017, at the Mayflower Hotel in Washington DC.  

More info here -> and use Speak100 for $100 off the ticket price.

Crypsis is hiring talented IR consultants!!  Apply on our website:


Media Files:

HackerNinjaScissors - Robert M Lee - Cyber Threat Intel

Sat, 04 Feb 2017 08:52:51 +0000

New show in the Feed!

HackerNinjaScissors --  With Bret Padres.

New CyberSpeak Podcast reboot in the works.  In the mean time check out this new show.

In the inaugural show of HackerNinjaScissors, Bret Padres interviews Robert M Lee.

Robert M. Lee is the CEO and Founder of the critical infrastructure cyber security company Dragos where he has a passion for control system traffic analysis, digital forensics, and threat intelligence research. He is also a non-resident National Cybersecurity Fellow at New America focusing on policy issues relating to the cyber security of critical infrastructure. For his research and focus areas, Robert was named one of Passcode’s Influencers, awarded EnergySec’s Cyber Security Professional of the Year (2015), and inducted into Forbes’ 30 under 30 for Enterprise Technology (2016).

Links mentioned in the show:

- @RobertMLee
- @_LittleBobby

Media Files:

CyberSpeak Aug 31 2015 - SRUM

Sun, 30 Aug 2015 21:43:31 +0000

CyberSpeak is BACK and we hope to publish a monthly podcast (more if I'm lucky).

This episode on CyberSpeak we briefly discuss possible implications to U.S. forensicators with the release of the Ashley Madison database (hopefully not). We also have a great interview with Yogesh Khatri, an assistant professor at Champlain College and a security researcher about the SRUM or System Resourse Usage Monitor forensic artifact. Website of the week: Has your email been Pwned? Check it out here -> Have I Been Pwned

Media Files:

CyberSpeak Feb 18, 2013 - Recon Mission

Mon, 18 Feb 2013 00:13:00 +0000

This episode of CyberSpeak we conduct recon on Mark Spencer and his new Windows registry analysis tool Registry Recon.  Mark is the President of Arsenal Consulting.  This new registry tool could change the way we analyze the Windows registry.  No longer will you be satisfied just looking st the current/active registry.   

Media Files:

January 2013 CyberSpeak - Solid State Hard Drives Interview w/James Wiebe

Sat, 02 Feb 2013 23:48:00 +0000

Happy 2013!  I'm back and going to try to start getting some more shows out for you. This show we talk to James Wiebe, Director of Foensic Business Devleopment at WiebeTech about solid state hard drives, his research and the forensic implications. Email me at cyberspeak at gmail dot com if you have some suggestions for future show topics you want to hear.

Media Files:

CyberSpeak May 7, 2012 - Volume Shadow Copies

Tue, 08 May 2012 00:30:00 +0000

This episode we discuss running AV and malware detection software on your forensic workstation and have an interview with Corey Harrell and discuss analyzing Volume Shadow Copies.  

Media Files:

CyberSpeak - Special New Tool Release

Thu, 01 Dec 2011 11:57:00 +0000

This special episode of CyberSpeak is an interview with Ken Privette with NUIX about their new tool release this morning called Proof Finder.  They are releasing 1,000 copies for $100 each of this new tool. Go get a copy before they are all gone at This special limited edition tool is limited to 10G of data. What does 10G of data look like, Nuix says it is an average of 241,165 Emails or 20333 Documents or 7069 Spreadsheets or 25514 Images. It can ingest all major forensic images (E01, DD, etc)

Listen to the show for more details.  100% of all sales go to charity "Room to Read", an organization that works in collaboration with communities and local governments in developing countries to develop literacy skills and a habit of reading among primary school children, and support girls to complete secondary school with the life skills they’ll need to succeed in school and beyond.

ALERT-Download and install on the computer you want it registered to.  Initial installation will lock it to that computer.

Media Files:

CyberSpeak Sep 26 2011 Registry Decoder

Mon, 26 Sep 2011 00:36:00 +0000

This week on CyberSpeak I interview Andrew Case, one of the developers of Registry Decoder, a National Institute of Justice sponsored application. Find it at

Media Files:

CyberSpeak August 28 2011

Mon, 29 Aug 2011 00:25:50 +0000

This week on CyberSpeak, a quick thanks to everyone for pitching in on the ForensicsWiki - I saw over 100 new entries on everything from Sticky notes, mounting images, jump lists to people's BIOS.  Jim Emailed asking who the mystery voice was in out CyberSpeak Sweepers - Karl over from CyberCon Security Solutions said wrote in to say he just ran across this site today and thought it might be a great resource for the listeners.  It is not focused on Cyber Security but the concepts are the similar to help prepare for trial.  LAW 101: LEGAL GUIDE FOR THE FORENSIC EXPERTShout out to Charles.  Finally, Loren Wrote in and said during the interview, Keith Jones mentioned preparing for court by asking others for their opinions. Are there any ramifications of bringing others into the case like that? 

In the News, Google, The Company with the motto - DO NO EVIL - agreed to forfeit $500 million to the U.S. Government for allowing -- and assisting in many case -- online Canadian pharmacies to place AdWords ads targeting customers in the United States resulting in the unlawful importation of controlled and non-controlled prescription drugs into the United States.  

This weeks interview is with Chris Pogue, Mr. Sniper Forensics!

Thanks to Dan Website of the week is Workflowy 

Media Files:

CyberSpeak August 21, 2011

Sun, 21 Aug 2011 21:25:44 +0000

CYBERSPEAK Notes - Aug 21st, 2011 Administrative I attended a nice Apple Forensic Event this week in Reston VA - Saw a lot of friends and had a good time.  Ryan gave a great presentation on Apple forensics.  Ryan runs the  Paraben's Forensic Innovation Conference  PFIC is fast approaching and you know, it's becoming one of the the must attend conference each year for digital forensic and eDiscovery professionals. This year, there are seven pre-conference bootcamps that are included in your conference registration fee of $399.00. You can attend any single bootcamp and then the rest of the conference tracks and labs for this rate.  This is all being brought to you by our friends over at the Paraben Corporation (Amber Schroader).  You can register by heading over to - We all should go check this site out, sign up for an account and start contributing.  This is the way we can all give back to the community.  Write a How-To or something to give back to the forensic community.  Listener Email - Richardo from Navada Concerned about those performing collateral duty of doing digital forensic examinations.  Frustrated to read article after article in digital forensic publications that cover the deconstruction of a complicated piece of malware. he would rather have articles that rehashed digital forensic basics and covered free automated/low cost tools that help me do my job efficiently and reliably. News- London Police are using Flicker to allow the public to help identify people involved in the looting following riots in London.   INTERVIEW - Welcome back to the show Drew Fahey, VP of Products at Blackbag Technologies.  Web Sites of the Week- - A guide to FaceBook Security KEEP THE EMAILS COMING to[...]

Media Files:

CyberSpeak August 15, 2011

Mon, 15 Aug 2011 00:12:00 +0000

This week on CyberSpeak, Luby and Jared Save the GMail Planet, Detective Garcia uncovers Fraud on Sesame Street.  Congrats to the Secret Service and FBI on a great investigation of a 26 year old Brooklyn man who plead guilty in U.S. District Court in Alexandria, VA for his role in managing a credit card fraud operation that operated throughout the East Coast of the United States. California Prosecutors will not file charges against Gizmodo for its purchase of an iPhone 4 prototype (boo).  Interview this week is Keith Jones, Co-Owner and Senior Partner at Jones Dykstra and Associates Inc., about the do's and don'ts of testifying.  Tech topic, MoonSol's Dumpit released for FREE.  Perfect for imaging RAM on 32 or 64 bit Windows System.  It just does not get any easier than this-Check it out.  Web pick of the week is KEEP THE EMAILS COMING! [...]

Media Files:

CyberSpeak August 8 2011

Mon, 08 Aug 2011 10:23:56 +0000

Chris Hanesn caught cheating...on his mistress Launch of the CDFS, DFirst starts this week and more.

Media Files:

CyberSpeak July 18, 2011

Mon, 18 Jul 2011 03:54:00 +0000

A quick show with George Starcher discussing his experience with password cracking using Access Data’s DNA and Amazon’s Elastic Compute Cloud.  Check out his video tutorials at  We also discussed his Crowbar tool,,

Web picks of the weeks are and

Media Files:

CyberSpeak-Forensics and the 4th Amendment

Sun, 26 Jun 2011 22:59:00 +0000

This week on CyberSpeak, a listener alerted me to my faux pas with the names on the Casey Anthony case, the two that testified about computer forensics were Sandy and Kevin (not Steve) and of all things, I called the Bresident of Access Data Brian Carrier instead of Brian Karney. Sorry guys!

This weeks interview of Josh Goldfoot, an attorney and author of the recent paper titled ”The Physical Computer and the Fourth Amendment” published in the Berkley Journal of Criminal Law.  This paper discusses how the forth amendment applies to computer forensics and how we may be hurting ourselves by using certain words and explanations.

Web site of the week is a neat little web browsing and twitter application called A+ that give you your feeds on the left and browser on the right. Click on any twitter message the web page they linked to shoes up in your browser window automatically.  Check it out at

Media Files:

CyberSpeak June 20 2011

Sun, 19 Jun 2011 21:42:00 +0000

This week (OK, this quarter) on CyberSpeak, FTK 4 coming out using Postgres database rather than Oracle. During listener email we discuss if special language is needed for search warrants when collecting volatile data, imaging RAM or conducting on scene triage. Imaging SSD drives using the WinFE boot disk solution ( and a shout out to Sandy and Steve for their great testimony in the Casey Anthony trial. Check it out at on Day 24 segment 4-6. In the news, A computer repairman was arrested for allegedly planting spyware on dozens of computers he fixed and remotely taking hundreds of photos of women in their homes partially clothed or naked. If you see the message "You should fix your internal sensor soon. If unsure what to do, try putting your laptop near hot steam for several minutes to clean the sensor." DONT take your laptop into the shower. Check it out at I got fooled into readng an article because of a Miss-leading article about Seals using forensic tools on Osama Bin Ladin's compters. Interview this week is with Mike and Mike about Carbon Black. An absolutly MUST read article "The Physical Computer and the Fourth Amendment" by Josh Goldfoot. Awesome document that is Brilliantly referenced. It is a long read but a MUST read. We will discuss next week. Read up before next podcast (who thought you would get Home Work from CyberSpeak?). Website of the week: Steve Gibson’s password checker – how long would it take to crack your password and the best HTML5 webpage I have seen. Check out this personalized music video staring any address you tell it to. I will be teaching another SANS 408 Forensics-Windows in Depth VLIVE course starting Tuesday August 23rd (Every Tuesday and Thursday Night for 3 hours a night) DONT FORGET TO USE OUR DISCOUNT CODE OF COINS-OC for 10% off. But wait, sign up before this week, before June 22, you can get a 16 gig iPad2. The codes are 0526_iPad2BLK (for a black iPad) or 0526_iPad2WHT (for white) [...]

Media Files:

CyberSpeak April 5, 2011 Watch out, Here Comes the Garbage Collector

Tue, 05 Apr 2011 21:54:00 +0000

Interview with Scott Moulton, leading forensic authority on Solid State Drive Forensics

Media Files:

CyberSpeak Jan 16, 2011 - Prefetch Yourself

Sun, 16 Jan 2011 15:16:00 +0000

FREE 16Gig IPADs for everyone!!! Have I got a deal for you.  Have you experienced a feeling of inadequacy?  Feel like you're not in the "In Crowd"?  When sitting at a Starbucks, on the metro or just lounging around the house, do you feel like you could be so much more productive but something's missing.  Don't despair, SANS is coming to the rescue.  That's right, book your SANS 408, 414, 560 Class or ANY 4-5-or 6 Day course offered via ONDEMAND now through February 2, and receive a FREE 16GB WiFi enabled iPad(TM). I am teaching SANS FOR408: Computer Forensic Essentials vLive! course starts March 1 and meets Tue/Thu evenings  So what do you call yourself?   A computer/Digital Evidence forensic technician A computer/Digital Evidence forensic examiner A computer/Digital Evidence forensic analyst A computer/Digital Evidence forensic expert We need to define these terms. Paraben has released a new version of P2 Commander. Version 1.7 now supports Mac file format as well as vmWare and VirtualPC images. Users will notice an increase in the speed of processing evidence in v1.7. visit Mark Wade is a Digital Forensic Analyst with Harris Corporation (Crucial Security Programs), performing digital forensics for a Federal Law Enforcement agency as a government contractor. permits law enforcement officers, approximately 90 minutes after lawfully arresting a suspect and transporting him to a detention facility, to conduct a warrantless search of the text message folder of a cell phone they take from his person after the arrest. Web site of the week is  - Free Online password manager for groups   [...]

Media Files:

CyberSpeak November 16, 2010

Tue, 16 Nov 2010 04:04:00 +0000

Last show for two weeks. I'm traveling to Bangkok and Singapore.  See you in 2 weeks. Send me Email.

Media Files:

CyberSpeak November 8, 2010

Sun, 07 Nov 2010 18:25:00 +0000

This week we have interview with Kristinn Gudjonsson, developer of Log2TimeLine.  Kristinn gives us an update on what is on the road ahead for Log2TimeLine.  In Listener Email Joe from Northeast Wisconsin Technical College wrote in to say that blanking the password or even cracking the password is possible without the LiveView LE version.  Luby Wrote in to tell how much he enjoyed SANS 508 and learning about SuperTimelines. Luby also explains how open wireless access points can eliminate the threat of Firesheep. We also give Luby a “special ringtone” for his wife’s phone.  In News we talk about an iPhone bug and an vulnerability to PayPal’s app that could cost you money.  In Legal News, 2 cases send criminals to jail. Tech Topics cover Windows LNK files and the Web Site of the Week is a Qwiki 


Media Files:

CyberSpeak November 1, 2010

Sun, 31 Oct 2010 23:19:00 +0000

This week on CyberSpeak we have listener email, an interview with Raphael Bousquet, CTO and Co-Founder of ADF Solutions , Web site of the week is a real productivity app called Rescuetime.  P.S.  Sorry for the slight audio problem, I accidentally turned up my gain knob on my mixer.  George did his usual magic to fix it. One, last thing, Rob lee and SANS provided a 50% discount code for LOCAL LAW ENFORCEMENT ONLY, good on any SANS training class.  Listen to the show for the code....and no, they do verify so ONLY Local LE can use it. 

Media Files:

CyberSpeak October 25, 2010

Sun, 24 Oct 2010 21:37:00 +0000

This week on CyberSpeak, I discuss the leak of another 400,000 classified military documents by Wikileaks. I also discuss listener email where we have comments about Mount Image Pro's Virtual Forensic Computer (VCF) and what it does that FTK Imager and Live View do not do.  This weeks interview is with Sean Morrisey, the Managing Director of Katana Forensics, maker of the iPhone Forensic Software called Katana.  Also discuss Katana's new Hammerhead program to monitor blackberry phones.  Also, this week I briefly discuss the forensic implications of the new Mac Book Airs.  I also talk about Eddie Sheehy's article on DFI News web site titled 5 Ways to Increase Efficiency of Digital Forensics .  I also give out a 50% discount code to SANS training classes. My web pick of the week is Team Viewer.  This is a web site that will help you control computers across the network when you are helping friends or giving presentations.  

Media Files:

CyberSpeak Oct 18, 2010

Sun, 17 Oct 2010 09:30:27 +0000

Hey Gang, we are back.  Thank you for your patience.  Bret and I have both been traveling so much and been so busy but we are back and it feels good.  Now, fire up those email clients and send us emails about what you want to hear about, who you want interviewed and what technology you want to know more about.  We live off YOUR emails so what are you waiting for. 

This week, I discuss Access Data's two new products.  Web sites of the week include and  Check them out if you are looking for info on someone. 

Media Files:

CyberSpeak May 24 2010

Sun, 23 May 2010 09:00:00 +0000

This week on CyberSpeak we interview Sam Guttman, President of the Digital Forensics Certification Board, an international vendor neutral computer forensic certification authority.  We also discuss listener email, cell phone spyware, upcoming SANS Forensic Summit, SANS Fire in Baltimore and a listener taught SANS CISSP course.  Don'f forget to user your CyberSpeak DISCOUNT CODE of "COINS-OC" for 10% off any SANS course.

We also start a dialog on the future of expectation of privacy in this world of social networking where everyone is telling everyone where they are, what they are doing, etc. Is this going to change privacy laws.  Also, what are YOU doing about identifying "Cloud" evidence during an investigation.  Web sites of the week: and

Media Files:

CyberSpeak April 19 2010

Mon, 19 Apr 2010 01:26:00 +0000

In this weeks show we have an interview with NICK FERNEAU, developer of Skypx, a free utility that recovers Skype artifacts from RAM images, a discussion about the possibility of a surgical imaging rather than whole disk imaging, British spies have reportedly discovered FEMALE suicide bombers are being fitted with exploding breast implants and Reintoxication.  Web Sites of the week have an email tracking theme with;; and

Media Files:

CyberSpeak April 4, 2010

Sun, 04 Apr 2010 15:46:00 +0000

Listener Email - Thanks to all for the great feedback on the Internet Predator Tracker interview. Also, Timothy, who clearly does not know us because he started his email "Hello GENTLEMEN".  Just kidding, keep the emails coming.News and CommentaryAaron sent us an interesting link to an article from the Times Argus discussing forensics and the backlog.Bret and I discuss a really interesting ruling from the Canadian courts on computer forensics.  This is a long read but some very interesting reading. Check it out here.Exclusive InterviewToday we have an interview with Kristtinn G who works for a company called Skigner in ICELAND and in Kristinn in collaboration with Rob Lee, or friend from SANS and former OSI colleague created a wonderful new tool called Log2Timeline.  You don't want to miss that interview because if you are not using Log2Timeline you are missing the boat in forensic analysis of Windows based systems.  Legal NewsWell, look above about the Canadian Court Ruling on computer forensics.  We think that is enough legal today.Website of the WeekOvie recommends taking a look at the new Microsoft MESH ( to help sync all your files across all operating systems ANDOvie took the no texting while driving Oprah Pledge and challenges YOU ALL to take it too. Check it out here and save a life. Bret recommends this website to test your browser performance.[...]

Media Files:

CyberSpeak March 21, 2010

Mon, 22 Mar 2010 18:36:00 +0000

Ovie's SANS Forensic 408 class is coming up in Nashville, TN on May 3-7. If you're staying at the Marriott be sure you use the CyberSpeak Discount, COINS-OC.

Listener Email
 - Luke sent us a photo showing him listening to the podcast from his Blackberry while on the beach in Miami
 - Aaron, thanks for the email alerting us about the webpage
 - Sorry we broke your CyberSpeak mood in the last show!
 - Paul wrote us to say that while drinking his Shamrock Shake, Ovie scared the crap out of him when he screamed
 - Bobby wrote in to tell us about his new Pro-Lite 2 from Amazon. Let us know how it works out Bobby!

News and Commentary
Snowball the Cat Helps Solve Murder Mystery
A murder suspect was caught based on cat fur picked up while at the victims house.

A Ex-Employee in Texas Remotely Disables Customer Cars
A man fired from a Texas auto dealership used an Internet service to remotely disable cars and set off car horns of more than 100 vehicles.

Exclusive Interview
Today we have an interview with Joe Seanor, a former Senior AOL Investigator.  Joe has developed the Internet Predator Tracker  software.  Joe spent 10 years with the CIA and also 7 years with AOL in investigative roles.  Now he has developed a number of pieces of software to aid investigators in keeping notes on Internet investigations.

Legal News
U.S. v. McAteer, 2010 WL 551412 (D.N.J.)
After obtaining consent, two FBI agents searched a suspect computer for child pornography.  After a "preview scan" failed to turn up any evidence, the suspect gave consent for a manual search.  During trial the defendant moved to suppress CP discovered during the manual search on the grounds that it exceeded the consent.  The court, however, disagreed and found the defendant's consent not so limited.

Website of the Week

Media Files:

CyberSpeak February 28, 2010

Thu, 04 Mar 2010 07:19:00 +0000

- Bret talks about his new toys
- Ovie flees the country, again

News and Commentary
New Britain Youth Bureau Gets Conviction
After a two year long investigation, two individuals have been sentenced to jail time for child molestation.

Via Forensics Released Android Forensics Application
Via Forensics has released a beta version of its open source Android Forensics application.

Exclusive Interview
This week we speak with Christa Miller about the need for law enforcement and digital forensics specialists to manage their online resumes. With so many different social networking sites, it's important that they all appear consistent in voice and purpose.

Tech Topics

FreeBSD Tips on SANS Forensic Blog
Hal Pomeranz has a great post on the SANS forensic blog detailing tips for how to conduct a forensics investigation against a FreeBSD system.

FireFox Internet History Analysis
A new FireFox Internet history analysis program, dubbed FoxAnalysis, has been released.  This software purports to gather all kinds of interesting goodies from FireFox history files.

Website of the Week - Randomly generated passwords (Thanks Ralph)
Read It Later - Keep a list of web pages your want to read from your computer or iPhone
InstaPaper - Allow you to read a webpage later from your computer, Kindle or iPhone
Gazelle - Get cash for your old gadgets

Check out our iPhone App!

Media Files:

CyberSpeak Febuary 21, 2010

Mon, 22 Feb 2010 06:24:58 +0000

- Check out our iPhone App on the Apple App Store.

Listener Email
 - Darrell asks how to build your forensics business
 - Bobby wants to know what computer bag Ovie recommends, check out the Brenthaven Prolite II

News and Commentary

Craig's List Rapist
Former boyfriend posts an ad on Craig's List pretending to be his ex-girlfriend and leads viewers to believe the female is asking to be raped. One individual then broke into her home and raped her in response to the ad.

Online Personal Information Security
Bret and Ovie discuss a number of websites related that give people a little too much information on where you are.

Non-Metadata Clues in Video and Audio Files
Remember to look beyond the metadata when looking at audio and video files. An FBI investigator reviewed 14 video tapes and found evidence that lead to a sexual abuse conviction.

Exclusive Interview

This week we speak with Sean Morrissey of Katana Forensics.  Katana produces forensic imaging software for the iPhone called "Lantern."  The Lantern software is a Mac based tool that purports to provide a "legally defensible forensic methodology for the iPhone."

Website of the Week
CyberSpeak iPhone App
David Kovar's Blog

Media Files:

CyberSpeak February 7, 2010

Sun, 07 Feb 2010 17:24:00 +0000

Listener Email
 - Aaron sends us to tell about using Stitcher feed
 - Paul writes to ask how someone without forensics background should go about starting out. Ovie and Bret give some pointers.
 - Ovie is starting a SANS vLive course on June 8th!

News and Commentary
GPS Forensics Used to Find Body
A fugitive wanted for questioning about a number of murders committed suicide before law enforcement officers were able to find the bodies of the victims.  Using computer forensics, however, the officers were able to recover GPS data and locate the remains.

Exclusive Interview
Todd Shipley, president and CEO of Vere Software speaks to use about looking into the cloud to find forensics data.  He speaks to use about products from his company to assist in capturing this kind of evidence.

Website of the Week
CrowbarPGP  - A new tool by George Starcher to brute force PGP passphrases
DigitalCertainty.Biz - WiFi Investigator to identify the location of WiFi devices

Media Files:

CyberSpeak January 31, 2010

Sun, 31 Jan 2010 17:52:00 +0000

DoD CyberCrime Conference was last week in St Louis MO and was their biggest event ever with over 1100 attendees, 175 presentations and 15 simultaneous tracks. Check out the SANS website ( for the SANS 2010 Orlando coming up March 6-15.

News and Commentary
SanDisk Corp and Verbatim join Kingston in a Crypto No-no
A hole found in the AES-256 encryption on USB flash drives from these three companies allows unauthorized access to the devices without knowing the password.

Creedent Finds 4,500 Drives Sent to Dry Cleaners
UK based company Creedent finds large amounts of devices left in pockets of clothes sent to dry cleaners and left behind in taxis.

Exclusive Interview
Robert Botcheck, founder and owner of Tableau, joins us today.  Tableau, makes some of the most popular and reasonably priced write-blocking devices.  Their newest product is a software imaging program that promises such features as multi-threading and sequential scheduling.  Check out the interview for more information.

Website of the Week
 - The Macintosh Forensics Podcast

Media Files:

CyberSpeak January 24, 2010

Sun, 24 Jan 2010 12:57:00 +0000

This week on CyberSpeak, Bret or Ovie are both regretful that they are not going to the DoD CyberCrime Conference. CyberSpeak is not on STITCHER. Now you can listen to the latest show, on demand from your cell phone. You can also go directly there by going to this link Bret and Ovie briefly discuss Apple's big announcement, everyone is thinking it is the ipad/slate. Bret says he don not know exactly what it is but he is getting one....with his wife's permission. 
Listener Email - Tom sent us an email saying : Hi fellas, and suggest we check out his UK forensic blog called Happy as a Monkey
In the news, Forensic Focus have compiled a directory that details all the academic institutions worldwide that offer computer forensics courses.  We discuss an interesting murder trial in Waco TX that has some great forensics work, nice job to the forensic examiner, Neal Kersh. We also discuss a Twitter Jokester being banned for life from an airport after twittering "Robin Hood airport is closed," he wrote. "You've got a week and a bit to get your shit together, otherwise I'm blowing the airport sky high!!" We also talk about Secretary of State Hillary Clinton's speech last week where she said that her department will introduce several initiatives aimed at fighting Internet censorship. Clinton said: âThose who disrupt the free flow of information in our society pose a threat to our economy, our government and our civil society. Countries or individuals that engage in cyber-attacks should face consequences and international condemnation.â Last, we talk about the latest Microsoft vulnerability that affects all 32 bit versions of Windows 7, Vista, XP, 2000, and Server 2003 and 2008.
Our Web Sites of the week are and

Media Files:

CyberSpeak January 17, 2010

Sun, 17 Jan 2010 18:48:00 +0000

Listener Email

 - PGP released PGP10 with one license for all operating systems
 - Expunging data vs destruction of data
 - Reaction of the industry to push-button tools like Paraben's Porn Detection Stick

News and Commentary

Google Grows a Pair
Last week brought computer security into the spotlight when Google announced it was no longer going to abide by the Chinese censorship rules and might be pulling out of China all together.  This news was closely followed by reports that Google, and many other US companies, had their computer networks compromised by agents of the Chinese government.

Exclusive Interview
Didier Stevens joins us this week to talk about some of his recent forensic tools and research, including the changes to the UserAssist registry keys in Windows 7 and his malicious PDF tools.  He speaks about some of his other tools like his SafeMode restore tool.

Website of the Week
L5 Technology

Media Files:

CyberSpeak January 3, 2010

Sat, 02 Jan 2010 20:02:00 +0000

Thanks for all the Decaf feedback

News and Commentary
Digital Forensic Research Challenge

Results are in from the DFRWS Forensics challenge. This year contestants look at forensics of a Sony Playstation.

GSM Vulnerability Released

At the recent 26th Computer Chaos Conference Chris Paget and Karsten Nohl presented a new crack in the GSM armor. By using an equivalent of rainbow tables they can economically crack GSM encryption.

Exclusive Interview
Ovie interviews CEO of Paraben Forensics, Amber Schroader.  Schroader talks about and what's going on at Paraben and what we have to look forward to!

Website of the Week
iFixIt.Com - Repair manuals, now for FREE!

Anti-Forensics for Mac OSX from BlackHat DC

Media Files:

CyberSpeak December 20, 2009

Sun, 20 Dec 2009 16:25:00 +0000

Listener Email
- Lots of email this week regarding the DECAF product and Interview
- Ovie is not against transparency, just wants responsible disclosure

Exclusive Interview
Michael, one of the creators and developers of DECAF product spills the beans to Ovie.

News and Commentary
There's been a lot of coverage of this, most of it bad. But we've compiled a list of accurate stories for ya:
    - Lots of media coverage, most bad, but a few good sources:
    - Harlan Carvey's Windows IR
    - Forensics Focus
    - Digital Forensic Investigator
    - Praetorian Prefect
        - Reactivating DECAF in two minutes

Collection of Evidence From the Internet
Todd Shipley over at DFI News has a great article about collecting evidence from the Internet.

Scientific Working Group on Digital Evidence (SWGDE)
The folks over at SWGDE have done some great work on creating standards and strenthening the handling of digital evidence.  Check out their recommendations and responses to other industry movments at their website.

Also check out the Forensics Certification board at

Website of the Week
 Ovie: - Best free way to manage your money. Basically an online Quicken
 Bret: - Great resource for forensic news

Check out Friends in Tech's Geek Christmas Story!

Media Files:

CyberSpeak Exclusive Decaf Interview

Thu, 17 Dec 2009 18:04:00 +0000

Full interview of Developer of Decaf

Media Files:

CyberSpeak December 13, 2009

Sun, 13 Dec 2009 14:04:00 +0000

Only 9 shopping days until Christmas!!. In today's show Ovie lets slip details from his latest incident response job, Bret interviews Simson Garfinkel, and lots of great forensics talk. And at the end, Ovie tells you how you can save your marriage! Website of the Week Ovie: - Check out great holiday romance ideas Bret: Check out the Digital Forensics wave on Google Wave, search for "with:public forensics"

Media Files:

CyberSpeak December 6, 2009

Sun, 06 Dec 2009 14:53:00 +0000

Show Notes for December 6th 2009, we have a great show for you today. Today we have an interview with Brian Karney the COO of AccessData.  Brian talks with us about FTK 3.0 and support for Helix.

Ovie makes a stunning confession, listener email, new important changes to Rule 41 of Search and Seizure, Passware Kit 9.5 Decrypts BitLocker Hard Drives, Supports PGP, and Windows 7.

Web Sites of the Week: - great resource for legal cyber information

Media Files:

CyberSpeak November 29, 2009

Tue, 01 Dec 2009 14:08:00 +0000

CYBERSPEAK Notes - November 29, 2009 This week in Listener Email, we talk about an alternative way our friends in DOD can listen to the show - Just call (510) 495-6339 and you will hear the latest podcast over the phone. Twitter as a life line for information during Ft Hood shooting, more on Internet connected jury members and online recon when choosing juries. In the news we discuss Virus planting porn and there is nothing wrong with working with defense. This weeks Interview with Drew Fahey - formerly from e-Fense, maker of Helix, now with BLACKBOX. **************Web Sites of the Week: Ovie: - A great public speaking website Bret: - listen to any song full time Â

Media Files:

CyberSpeak November 14th 2009

Sun, 15 Nov 2009 02:00:00 +0000

Welcome to CyberSpeak, your computer forensics, computer security, and computer crime podcast.  I am Ovie Carroll, and I am Bret Padres, today is November 14st 2009, and we have a great show for you today.  We have a short show for you this week.  Ovie's on vacation but we are trying not to miss another week so we thought we would bring you a shorter show rather than missing a week.

That's right, as we speak I am touring around in the mountains of North Carolina and Tennessee.  me the wife and the dog  

**************Listener Email
Jim - What affect do you see the buzz word "Cloud Computing" having on computer forensics.
Incident Response
Identify Social Networking, chat clients (twitter and others) web based email, file storage space, etc
identify and issue preservation order

The Texas Department of Public Safety plans to reduce its "unacceptable" backlog of computer examinations that are crucial in child pornography investigations, agency Director Steven C. McCraw announced Wednesday.  Currently, 45 examinations are pending at the crime lab, and about half of those involve possible child pornography, according to DPS.
Each examination takes 30 days to several months, depending on the caseâs complexity.

The agency has not set goals on how quickly it hopes to complete examinations because each is different, said Tom Vinger, a DPS spokesman.

Some agencies are actually outsourcing some of their forensic work which i think can be a good thing.


**************Tech Topics  

File Saving saving process.
See Documentation at the following links:

Documentation of Creating File 1

Documentation of Creating File 2

See Chart of File Creation

Watch the movie of how I did it.
**************Web Sites

Media Files:

Cyber Speak November 7, 2009

Sun, 08 Nov 2009 13:47:00 +0000

Today on Cyberspeak we have an interview with Matt Shannon from f-Response about the new, soon to be released Tactical edition of f-Response. Ovieâs on Google Wave - but no one else is. Listeners email, Windows 7 sold over 200% more in first week of sales than Vista. Sofoâs lab says you still need to run anti-virus on Windows 7. Microsoft, in the Microsoft Security Intelligence Report released yesterday, stated that "The infection rate of Windows Vista SP1 was 61.9 percent less than that of Windows XP SP3." Firefox 3.6 Beta (for Mac Win & Lin) is out for those who like living on the edge and for those forensic examiners that like testing new versions to identify .  Forensic Evidence Secures Death Penalty-Gang Members use Social Networking Too.  IC3 reports increase in compromise of user's online banking credentials target commercial bank accounts

The Personal Data Privacy and Security Act was approved by the Senate Judiciary Committee by a vote of 15-5 The bill would required notifications of not just individuals affected by a data breach, but also, in some cases, credit reporting agencies and the U.S. Secret Service (not FBI). It would establish a new Office of Federal Identity Protection within the FTC. Let's get ready to Rumble earns 400 million in IP revenue.

Web Sites of the Week: 

Media Files:

CyberSpeak Nov 1, 2009

Sun, 01 Nov 2009 17:16:00 +0000

Today Ovie and Bret talk about SANS What Works in Incident Detection, SSD Drives, Data Breach Notification Laws, Rob Lee in Computer World, Tips for the Courtroom, Interview of Joseph Mykytyn from Sky Catcher Solutions, and Linux Boot Disk Forensics Research. Web Sites of the Week:

Media Files:

CyberSpeak Oct 25 2009

Sun, 25 Oct 2009 12:35:00 +0000

We're BAAAACCCKKK! After a summer hiatus we are back in the studio again. Catch up on what we have been doing while we were gone, why Bret did this podcast in the nude, how Bret used F-Response to boot a LiveView image across the network, FTK 3.0, some iPhone apps, and web sites of the week. We missed you and glad to be back. Send us email at cyberspeak at gmail dot com. SPECIAL THANKS to George Starcher for doing our audio!!!

Media Files:

Cyber Speak Aug 2009 - The Podcast from the Grave!!

Mon, 07 Sep 2009 19:06:00 +0000

Our live show from SANS What works in Incident Response and Forensics 2009 if here!!!   Lost in a freak Snow Leopard accident involving several rolls of duct tape and a back of Frito's - it has be resurrected!   Audio quality still sketchy but it is here.

So, now you can stop with all of the emails...   Enjoy.


Media Files:

CyberSpeak July 3, 2009

Fri, 03 Jul 2009 15:19:00 +0000


Bret and Ovie discuss SANS What Works in Forensics and Incident Response Summit 2009, Drive Hell, Firefox 3.5, U.S. Supreme Court ruling on lab analysts in court, and new data breach notification laws on the books.

Media Files:

CyberSpeak April 23, 2009-Caffeine Induced

Sun, 26 Apr 2009 06:29:00 +0000

This week on CyberSpeak, Autographed Washington Wizards Basketball for sale to support charity Samaritans Feet,, SANS Forensic Summit Discount CodeCYBERSPEAK10, new EnScripts at 42LLC, Digital Forensic Challenge, discussions about the 2009 Cyber Security Act, Philly RCFL gets ASCLAD, Ft Smith Police Dept overwhelmed with Child Porn cases, Ikena's new video forensics software, and web picks are: Notes... Hey Ovie... Show notes got wasted fixing the feed.. I think they were messing it up somehow... Good news.. Feed Fixed... Bad news... Notes are gone.. :(

Media Files:

CyberSpeak March 22, 2009

Sun, 22 Mar 2009 18:11:00 +0000

Welcome to CyberSpeak, your computer forensics, computer security, and computer crime podcast.  I am Ovie Carroll, and I am Bret Padres, today is March 22, 2009

The Sans Forensic Summit is now on the books and scheduled for July 7-8 2009 in Washington DC and SANS new Sec 408 Computer Forensics Course.  Also check out the Sans Forensic Blog for some GREAT forensic reading.

*****Listener Email*****


Reading keystrokes with a laser....

Mark Menz on MFT Ripper â Send email to
2009 HTCIA Conference â or

*****Tech Topics*****


*****Web Sites******

Media Files:

CyberSpeak March 15, 2009

Sun, 15 Mar 2009 14:34:00 +0000

Show notes for March 15, 2009
Welcome back CyberSpeak, your computer forensics, computer security, and computer crime podcast.  I am Ovie Carroll, and I am Bret Padres, today is March 15, 2009.

The new Windows Forensic Analysis DVD Toolkit, Second Edition (Paperback)
by Harlan Carvey (Author) is available for preorder through Amazon.]Windows

Put it on your calendar - The Sans 2009 Forensic Summit is now on the books and scheduled for July 7-8 2009 in Washington DC.  Ovie will be there speaking about Current Trends and the Future of Forensics.


The Digital Forensics Certification Board (DFCB) founded by the National Institute of Justice through a Cooperative
Agreement at the University of Central Florida's National Center for Forensic Science are accepting applications for Founders certification.
For a limited time, March 2, 2009 through August 30, 2009 experienced members of the digital forensics community can achieve these certifications through the Founders Process. Go to for more information.

The New version of iLook PI is available at

*****Interview ***** 

Interview With Drew Fahey, Chief Technology Officer for e-fense about the new Helix3

*****Web Sites*****

Windows powershell 2.0

Media Files:

CyberSpeak March 1 2009

Mon, 02 Mar 2009 05:36:00 +0000

Welcome back to CyberSpeak. Bret and Ovie are back in the country. This show we have an interview with the developers of Highlighter, a new log analysis tool, Jed Mitten - Senior Consultant and Jason Luttgens - Principal Consultant from Mandiant. Check out this free tool at Also, check out the Mandiant blog for some other tools. In listener email we discuss U3 thumb drives and encryption and schools doing data recovery without a private investigatorÃs license. Helix pro is being released and the Polytechnic University in Brooklyn has discovered a digital fingerprint that will allow you to tie a digital image to a specific made and model of camera. Web picks are and .

Media Files:

CyberSpeak January 4 2009

Wed, 31 Dec 2008 20:00:00 +0000

Show notes for January 4, 2009
Ovie got a new editing setup for Christmas and his new years resolution is to stop posting substandard chopped up podcasts. :)

DoD Cybercrime Conference â January 26-30, 2009

Review of 2008 New Year predictions...?

Listener Email  

A federal agent sent us an email and a nice donation and said thank you both for the great podcast.  Drake wrote in to make a quick correction :)  Windows Steady State (previously branded as shared access) doesn't require a special partition or unpartitioned space, in fact I don't see that it makes any visible changes to the drive partition setup at all.

42 LLC developed some EnScripts that they are offering up to the community for open beta.  If you register an account on our forums you will be able to download the scripts and any updates we publish.


If Santa left you a Samsung digital picture frame, you might want to check it for virus.  The gift giving culprits is the SPF-85H 8-Inch Digital Photo Frames w/1GB Internal Memory, designed to work with Windows-based PCs via a USB connector sold between October and December 2008 for about $150 through Amazon. 

Breathalizer for your PC?

New HP Windows Home Server to backup MAC OSX systems
December 29, 2008 Hewlett-Packard Co. is adapting its latest MediaSmart Windows home servers to back up customers' Mac computers using the OS X's Time Machine auto-backup feature.

Tech Topics  

VoomTech releases their Hard Copy 3.  Can output to 2 drives without slowing down.  The new SHA256 hashing offers greater strength then the MD5 hash.  At 7.5 GB per minute, HardCopy 3 is the hands-down fastest forensic hard drive duplicator anywhere!  And HardCopy 3 still costs less than our over-priced competitors ($1599)

Web Sites  of the Week

Media Files:

Repost Dec 21 Show to fix audio levels

Sat, 27 Dec 2008 15:52:00 +0000

This is a reposting of the Dec 21, 2008 show to fix the audio levels. Many thanks to George Starcher!!! Ovie goofed up the levels.

Media Files:

CyberSpeak November 16, 2008

Sat, 15 Nov 2008 16:06:00 +0000

"Dude, where's my Podcast?!"

Today Bret and Ovie talk to Matthew Shannon from F-Response!  We discuss a ruling on 4th Amendment Search with Hashsets. 

Harlan Carvey teaches Knitting.

Websites of the Week
Dots Gloves
Google Video
Opps I Am Late
Google Tenth Birthday

And don't forget to go to and take a look at the videos!!

Media Files:

CyberSpeak Oct 20, 2008

Sat, 25 Oct 2008 11:38:00 +0000

This week Ovie and Bret talk about the SANS What Works in Forensics and Incident Response Summit.  We also cover memory imaging with MDD and Volatility.  Website of the week 

Take Care!

Media Files:

CyberSpeak September 28, 2008

Sun, 28 Sep 2008 19:25:00 +0000

Today, Kevin Mandia is on the show talking about the State of the Incident Response, CyberSpeak Listeners get big discount to SANS Forensic Summit (CODE: Cyberspeak10), Ovie and Bret discuss listener email, PC Magazine's Cybercrime hall of fame hackers, Shawn Henry gets a promotion as the new FBI AD Cyber-Division and legalalities of boarder searches. Web site picks of the week are and

Media Files:

CyberSpeak September 6 2008

Sun, 07 Sep 2008 07:49:00 +0000

This week, Bret and Ovie talk with Jesse Kornblum about...Fun tricks with computer memory.  In listener email we hear about a 2 year old April Fools joke that is still fooling people, we discuss how a Texas law requiring private investigator licenses could be putting geek squad and other innocent people in violation of the law.  Help is on the way as FBI opens a new RCFL in Houston.  In tech topics we discuss an information leakage paper on TrueCrypt.  Keep those emails coming at cyberspeak *at*

Media Files:

CyberSpeak August 3, 2008

Sat, 02 Aug 2008 21:36:00 +0000

Today Ovie and Bret clean out the mail bag! We talk about free forensic tools, the stimulus check, Gadget Track, bypassing the BIOS, imaging RAM and

Video instructing people to never talk to the Police is at

Give us your thoughts about the video....


Media Files:

CyberSpeak July 19, 2008

Sat, 19 Jul 2008 13:03:00 +0000

Bret and Ovie are back! (Yeah, Bret and Ovie - Not Ovie and Bret) :) Today they talk about low cost forensic imaging, hacking the London Tube, American Boat Co v. Unknown Sunken Barget I & II, modify your Macbook Air DVD drive, the Eye-Fi card, Gadget Track, Tripit, and Glassdoor.

The forensic exam report we refer to is here:

Ovie and I are back from travel and hope to have more new shows soon!!


Media Files:

CyberSpeak June 28, 2008

Sun, 29 Jun 2008 16:54:00 +0000

This week we discuss Brets new Kendle, Ovieâs new neat receipts and givce a secret to listen to podcasts twice as fast as before.   The episode focused on forensic news and legal decisions of interest, specifically a APC pirate being convicted, a study that reports 68 percent of all internet-based malware was now being hosted on legitimate sites, Bot-herder Greg King is found guilty on two counts for launching a DDOS against Castel Cops, and Perdue offering Mac Forensics training for 100 law enforcement.  In legal news, we discuss Reasonable expectation of privacy and an allegation a warrant did not have probable cause for a computer search. Web sites of the week included and

Mac Forensic Training at Purdue university, Email Marcus for more info at Study reports 68 percent of all internet-based malware was now being hosted on legitimate sites.,1000000189,39429909,00.htm Barry Gitarts, 25, of Brooklyn, N.Y., was convicted today by a jury in the Eastern District of Virginia of conspiracy to commit criminal copyright infringement Fedora live cd creator

Media Files:

CyberSpeak June 15, 2008

Fri, 20 Jun 2008 03:43:00 +0000

This is a repost to fix bad audio file.

Happy Fathers Day!  This week we discuss Brets new Kendle, Ovieâs new neat receipts and givce a secret to listen to podcasts twice as fast as before.   The episode focused on forensic news and legal decisions of interest, specifically a APC pirate being convicted, a study that reports 68 percent of all internet-based malware was now being hosted on legitimate sites, Bot-herder Greg King is found guilty on two counts for launching a DDOS against Castel Cops, and Perdue offering Mac Forensics training for 100 law enforcement.  In legal news, we discuss Reasonable expectation of privacy and an allegation a warrant did not have probable cause for a computer search. Web sites of the week included and  

Media Files:


Sun, 01 Jun 2008 16:25:00 +0000

Memorial Day Posdcast and interview tih Mark McKinnon from Red Wolf Computer Forensics about his CSC Parser.  It can be downloaded from here . Also check out his blog at

Media Files:

CyberSpeak May 10 2008

Mon, 12 May 2008 10:42:00 +0000

This week, Bret and Ovie interview Al Lewis from Subrosasoft about the Mac Lockpick. We discuss the new Mac lockpick that can be preconfigured to collect volatile data on Windows, Mac and Linux System. This is the first cross platform utility we have seen. Web sites of the week include - use refer a friend code: DSCAM1127098
and Ovie gets an extra month free. Oh, and I forgot Bret's web site but will find it and get it posted soon....I am sure it was a MAC website.

Media Files:

CyberSpeak April 27 2008

Sun, 27 Apr 2008 16:57:00 +0000

This week, Ovie's back from SANS, Bret's on his way back to Kuwait. This week Ovie and Bret answer some great listener email.  Imaging an Apple XRaid, Google getting into the game of image recognition to help identify people exploiting children, Andrew sent in a website with a great collection of file signatures, and Web Sites of the week are Netflix Thief Caught in the Act and and Windows Live Mesh


Media Files:

CyberSpeak April 13, 2008

Sun, 13 Apr 2008 14:42:00 +0000

Bret and Ovie discuss Didier's email and the possibility of web browser prefetching links in an FBI sting operation. Michael helps clarify the OLD phpBB vulnerability, the UK's founding forensic father escapes a jail sentence for fraud and Kerry sent in a list of hundreds of forensic PDF files and makes sure we knew about Quickview Plus (we also suggest Thumbs plus for reviewing large number of graphics). Symantec Corporation released their comprehensive security report on the malware industry and Microsoft turns out to be the Best at patching vulnerabilities the quickest. The full report is available here.  Bret and Ovie discuss Skype and the technical data points of interest when conducting forensics.  Web sites of the week include Teleflip and Twitter as we are now trying to tweetâ.erâtwitter.  Follow Bret and Ovie.

Media Files:

CyberSpeak March 31 2008

Tue, 01 Apr 2008 21:50:00 +0000

Bret and Ovie discuss a listeners question about a sting operation to lure people wanting to look at child porn to click on a fake web link and get busted for âattempted possession of child pornâ?. What do you think? Fair or Unfair? We think it is NOT entrapment but could be too close to the line. Itâs Miller Time after hacking an Apple in 2 minutes and Vista proves more secure than apple in CanSecWest. The government can now wiretap for a week before submitting a request to wiretap suspected terrorist. The King of Spam gets 26 years in jail. A new vulnerability affecting PHPbb sites, 30 months in prison for spoofing telephone numbers and placing phony emergency calls to manipulate police SWAT teams, Websites of the week include Stuff White People Like, and A special tech tip - append â&fmt=6â? (NO QUOTES) to the URL of your You Tube Video for better resolution.

CyberSpeak March 31 2008

Tue, 01 Apr 2008 17:50:00 +0000

Bret and Ovie discuss a listeners question about a sting operation to lure people wanting to look at child porn to click on a fake web link and get busted for âattempted possession of child pornâ?. What do you think? Fair or Unfair? We think it is NOT entrapment but could be too close to the line. Itâs Miller Time after hacking an Apple in 2 minutes and Vista proves more secure than apple in CanSecWest. The government can now wiretap for a week before submitting a request to wiretap suspected terrorist. The King of Spam gets 26 years in jail. A new vulnerability affecting PHPbb sites, 30 months in prison for spoofing telephone numbers and placing phony emergency calls to manipulate police SWAT teams, Websites of the week include Stuff White People Like, and A special tech tip - append â&fmt=6â? (NO QUOTES) to the URL of your You Tube Video for better resolution.

Media Files:

CyberSpeak March 16 2008

Mon, 24 Mar 2008 16:21:00 +0000

This week Ovie talks about Samaritans Feet in South East DC, calendar syncing problems, Plaxo suggested by two listeners. A programming mistake leads to a G-Archiver reveationâand 1700 other peopleâs passwords. Ovie and Bret discuss WiebeTechâs fantastic new forensic combo dock. Web site of the week is Programmers Notepad

Media Files:

CyberSpeak March 8, 2008

Mon, 10 Mar 2008 09:50:00 +0000

Today Bret and Ovie talk with Dr. Simson Garfinkel about the Advanced Forensic Format (AFF). We also cover listener feedback and a Judge raps forensic expert for delaying child-porn cases. LINKS: We apologize for some of the audio quality during the interview with Dr. Garfinkel. Thanks again for listening!!! Spread the word!

Media Files:

Cyberspeak Feb 10, 2008

Sun, 10 Feb 2008 14:43:00 +0000

This week on Cyberspeak, Ovieâs Invisible Shield came in for his blackberry and he loves it. We discuss US v Boucher and the Fifth Amendment protection not to be compelled to disclose passwords. For some great reading on the issue, check out Susan Brennerâs blog post. Department of Defense considers cutting off all non-official Internet access.   We discuss whole disk encryption and new advertised features in True Crypt V5.  We discuss Nuix, a new forensic utility with special application for analysis of emails.  Do you encrypt you forensic images before transport?  Ovieâs Web site pick of the week is and Bretâs is Hackers Diet.

Media Files:

CyberSpeak January 14, 2008

Tue, 15 Jan 2008 15:50:00 +0000

Happy New Year...Today Bret and Ovie talk about 2008 Predictions.  We also talk about Bret breaking his IPhone, Black Hat DC, Mac World 2008, security vulnerabilities in the new Boeing 787, Bill Gates retirement video,, very quick way to wipe a hard drive with badblocks, private investigator story in the news again, search of computer in tax fraud investigation was ruled valid, Alienware 30 inch curved monitor, and Ovie saves the world with invisibleshield.

Media Files:

CyberSpeak November 12 2007

Sun, 11 Nov 2007 21:00:00 +0000

This week we show you how you can donate a laptop to a child in an under privileged country and get 12 months free -Mobile WiFi hotspot access, apple will not take your cash, apple is so secure they are turning off their firewall and the CEO of IronKey talks about the security features of their IronKey thumb drive.  Web pick of the week is Display Fusion.

Media Files:

CyberSpeak 15 October 2007

Sun, 14 Oct 2007 19:10:00 +0000

This week on CyberSpeak we discuss the Techno Forensics Conference Oct 29-31, Guidance Softwareâs policy on replacing dongles, Vista Recycle bin forensics, ways to securely wipe unallocated or free space, and the first class action law suit against Apples for bricking the iPhone.  This weeks tech segment is all about Windows Mail, Vistaâs replacement to Outlook Express.  Bretâs web picks of the week are a great list of security tools, an iPod toilet roll holder and a cool Rube Goldberg Machine.  Ovieâs web site of the week gives you a way to listen to the latest CyberSpeak podcast without an Internet connection.  Just call (214) 283-8997 and you can listen from anywhere.

Media Files:

CyberSpeak 30 September 2007

Tue, 02 Oct 2007 17:39:00 +0000

This week apple deals another blow to their sorry customers, Bret still loves Steve Jobs, Kevin Manson donates a laptop and Jushu Technology, a Chinese company loses their mind and offers a convicted virus writer a job.  A listener sends an email link to an article about Apple feeling bad about ripping off their customers and offers a $7000 rebate for Lisa customers.  Ovie and Bret discuss forensics issues about the Vista Recycle Bin.  Web sites of the week include a link to the Department of Justice Computer Forensic Methodology Flow Chart, a US Sentencing calculator web site and an iPhone hacking web site.

Media Files:

CyberSpeak 23 Sep 2007

Sun, 23 Sep 2007 18:56:00 +0000

We are back!!!  Thanks to all that wrote in concerned about our wellbeing.  Todays show we discuss listener email, ABC News report on how Dateline NBCâs âTo Catch a Predatorâ? is making it difficult for law enforcement to prosecute child predators because they are using illegal techniques to initiate sexual talk with predators.  Iam wants us to start an IRC chat channel, Andre started a Google Computer Crime web page. In the News, Forensics Expert Shows Cell Phone Evidence in Rape Case, Bret is quoted in Federal Computer Weekly article, Ovie and Bret discuss the recent news coverage on police use of stun guns. Didier Stevens released his new version 2.3.0 of his UserAssist tool.  We discuss WiebeTechâs new âHot Plugâ? device that allows investigators to seize and transport a running computer without having to shut it down. Also discuss is WiebeTechâs new RTX 400 and 600 portable storage devices.  Bretâs web sites of the week was an iPhone site, and 35 absolutely essential Mac applications and Ovieâs pick was a web site that analyzes EULAâs.  KEEP THOSE EMAILS COMING TO CyberSpeak at Gmail dot Com.[...]

Media Files:

CyberSpeak 23 Sep 2007

Sun, 23 Sep 2007 14:56:00 +0000

We are back!!!  Thanks to all that wrote in concerned about our wellbeing.  Todays show we discuss listener email, ABC News report on how Dateline NBCâs âTo Catch a Predatorâ? is making it difficult for law enforcement to prosecute child predators because they are using illegal techniques to initiate sexual talk with predators.  Iam wants us to start an IRC chat channel, Andre started a Google Computer Crime web page. In the News, Forensics Expert Shows Cell Phone Evidence in Rape Case, Bret is quoted in Federal Computer Weekly article, Ovie and Bret discuss the recent news coverage on police use of stun guns. Didier Stevens released his new version 2.3.0 of his UserAssist tool.  We discuss WiebeTechâs new âHot Plugâ? device that allows investigators to seize and transport a running computer without having to shut it down. Also discuss is WiebeTechâs new RTX 400 and 600 portable storage devices.  Bretâs web sites of the week was an iPhone site, and 35 absolutely essential Mac applications and Ovieâs pick was a web site that analyzes EULAâs.  KEEP THOSE EMAILS COMING TO CyberSpeak at Gmail dot Com.[...]

CyberSpeak 16 September 2007

Sun, 16 Sep 2007 08:15:00 +0000

The DEFCON SHOW!! Wow... Bet you didn't think it was ever going to happen... Its here... Thanks Geoff for getting this out... I am posting this from my hotel room in Texas.. Thanks again to everyone for hanging in there... Bret

Media Files:

CyberSpeak 29 Jul 2007

Mon, 30 Jul 2007 16:54:00 +0000

Show notes will follow.  We are off to Defcon!!

Media Files:

CyberSpeak July 22, 2007

Sun, 22 Jul 2007 16:33:00 +0000

Today Ovie talks with Didier Stevens about is UserAssist registry parser.  Also, Bret and Ovie talk about the IPHONE!  In addition they talk about Deep Freeze, Vista Forensics, HogFly's blog forensic blog, NAMBLA convention, The Unofficial Apple Webblog,,,, and

Ovie agrees that everyone should own an Iphone and that he sleeps in a black tshirt with jeans. (I love being the one that posts the show notes)

Media Files:

CyberSpeak July 1, 2007

Fri, 13 Jul 2007 18:54:00 +0000's here...the July 1st show!!! 

Technical problems plagued this it is here.

Ovie and Bret talk about lots of stuff.

Media Files:

Cyberspeak June 24, 2007

Mon, 25 Jun 2007 17:34:00 +0000

This weeks show Bret and Ovie discuss the Pentagonâs Confirmation of Hacked Email System , an e-mail scam that includes a Hit-Man Threat, and Microsoftâs new Groove collaboration application.  Ovie test and reports the forensic results of surfing the web with Safariâs Private Browser and answer a question from the episode 72 of the Paul Dot Com show.

Ovies web sites of the week - Instant Domain Search and  

Graffiti and Bretâs pick was

Media Files:

Cyberspeak June 17, 2007

Sun, 17 Jun 2007 14:51:00 +0000

In todayâs show, Ovie and Bret discuss listener email, discuss hard drive write blocks and imaging devices, sleuthkit V2.09 is out, Safari for Windows is but you better patch quickly, In the news, the first spammer sentenced under CAN-SPAM act, VA budgets 20 million for credit protection for its victims, Secret Service agent spins a tale but surveillance video unravels her story, and Japanese police learn a lesson in security.  The Slurper aggregates 6 unsecure WiFi access points  and web sites of the week: Drobo robotic storage, Cheapest Gas, and Vehicle crash test site.[...]

Media Files:

Cyberspeak June 10 2007

Tue, 12 Jun 2007 01:42:00 +0000

Listener email, an interview with Paul Ohm, Associate Professor, University of Colorado Law School about his friends of the court brief. New cell phone forensics document released and web sites of the week,, Wii have a problemsecurityanalogies,  and Google Street View

Media Files:

CyberSpeak May 20, 2007

Sun, 20 May 2007 22:36:00 +0000

In todays show Bret talks about selling his Vette on CraigsList. Ovie wins the lottery (ok he didn't). We get some great listener analogies. Ovie and Bret bust the hard drive wiping myth. New Vista attacks, man could get 10 years for lying about background, Cybersleuth named best of 2007, one in 10 web pages have malicious code, visual periodic table, and TouchGraph.

Bret is in London, England and Ovie is somewhere in Malaysia this week...So if your a listener in one of these places, drop us a line!

Media Files:

CyberSpeak May 13, 2007

Sun, 13 May 2007 17:18:00 +0000

Today we have an interview of Russell Yawn,Chief Investigator, Office of Prosecutorial Services for the State of Alabama and panel mamber for the National Computer Forensics Institute. Also, check out Mount image Pro's new Virtual Forensic Computer that gives you the ability to virtually boot EnCase, DD, and Smart images.  Sorry for any hissing sound on Ovie's side, we are exchanging a defective mixer

Media Files:

CyberSpeak April 29, 2007

Sun, 29 Apr 2007 16:51:00 +0000

Man!!!Busy week...Show notes may not make it...But at least the show got posted!!!

Media Files:

CyberSpeak April 22, 2007

Sun, 22 Apr 2007 05:22:00 +0000

Bret and Ovie talk to Jesse Kornblum, Pricipal Computer Forensic Engineer, ManTech International, about Ovie talks about analogies (tastes like butter.)  Listener email.  If you have a question for Kevin Mitnick send it to  Bret and Ovie talk about Vmware differences, Vmware Ace,, get your freedns here, and create timelines with timelines.

Media Files:

CyberSpeak April 15, 2007

Sun, 15 Apr 2007 13:28:00 +0000

Ovie is in the dog house, Bret lets listeners off on the April Fools Joke -- Forensicator Pro --Gotcha!!!  Vonage gets a reprieve and can still recruit customers, federal appeals court rules no reasonable expectation of privacy on personal computer at work.  Be nice to your sister and don't offer her up for sexual favors on craigslist.  Tell it to the Bank says UK Fraud Act which requires victims to stop reporting online fraud to police.  Interview with Jim Christy, Defense Cyber Crime Center Director of Futures Exploration and Bret talked about an investigation solved by tracking down the USB drive.  web site picks: Trace from .  Stop by  MultimediaForensics for full show notes.

Media Files:

CyberSpeak April 1, 2007

Sun, 01 Apr 2007 14:25:00 +0000

Today Bret and Ovie talk with Kevin Smith from LTU Technologies about Image-Seeker.  They also talk about listener email,, TOR not really broken, Bret loves Twitchy,, and GParted-Clonezilla-LiveCD.

Media Files:

CyberSpeak March 25, 2007

Sun, 25 Mar 2007 18:51:00 +0000

Our first Live Show at ShmooCon2007!!!

Lots of interviews on the floor of the show...

Media Files:

CyberSpeak March 18, 2007

Sun, 18 Mar 2007 18:05:00 +0000

Today Bret and Ovie talk with Tony Hogeveen, Sales Director for Deepspar Data Recovery Systems.  Bret and Ovie also talk about the Linksys CIT-400, the Jawbone bluetooth headset (hey what kinda show is this anyway), ShmooCon 2007 meetup, listener email, RFID Powder, DHS launches national center for computer forensics training, Information Week story on Vista being banned, Congressman Ed Markey asks for FTC investigation, Nirsoft USB utility, Max OS X Security Part 1, and a Mac forensics mailing list.

See you all at the Meetup this Friday!

   9 PM on March 23rd @ Chipotle
   2600 Connecticut Ave
   Washington, DC 20008

Media Files:

CyberSpeak March 12, 2007

Sun, 11 Mar 2007 18:29:00 +0000

Ovie flys solo today. On todays show Bret and Ovie interview Trevor Fairchild. Complete show notes as soon as Ovie gets around to it.

Media Files:

CyberSpeak March 4, 2007

Sun, 04 Mar 2007 14:55:00 +0000

Technical problems on my end have prevented us from recording the show this week. We should be back up and running for next weeks show. In the mean time check out our recording of the press conference at Blackhat about the IOActive RFID talk that never was (Warning:  Audio quality of the recording is not good.)

 Ovie and I will see you next week..


Media Files:

CyberSpeak February 25, 2007

Mon, 26 Feb 2007 18:17:00 +0000

Today Ovie and Bret talk with Mark Menz from MyKey Technology Inc.  We also drop in on Jeff Moss as he prepares for Black Hat Federal.

In the interest of getting the show out, show notes are HERE..

Get well soon Mike.

Media Files:

CyberSpeak February 18, 2007

Tue, 20 Feb 2007 02:42:00 +0000

Today, in an extended show, Bret and Ovie talk with Phil Zimmermann, creator of PGP encryption software.  Phil talks about his new Zfone project.  Bret and Ovie also talk about a UK teacher who is fired for showing porn to students, steps of a forensic exam, new Microsoft Word vulnerability, Shaw Carpenter gets 4.3 million for wrongful termination, a man sentenced for stealing data from the American College of Physicians, another laptop missing; this time from St. Marys Hospital emergency care center, Belgian court upheld ruling that prohibits Google from using snippets of headlines, TubeSock, Mac Media Center Project, Ext2 in Windows, Metalosis Maligna, and online presentations.

Media Files:

CyberSpeak February 11, 2007

Sun, 11 Feb 2007 16:19:00 +0000

Today we talk with Scott Moulton from Forensic Strategy Services.  Scott talks about advanced hard drive recovery topics.  In addition, Bret and Ovie talk about detection of full disk encryption with ZeroView, Danny Garcia didn't hack the SuperBowl, MySpace worm creator sentenced to probation, three men who used internet chat room to hatch a plot to rape, decode your printers secret code, paypal security key,,, and

Media Files:

CyberSpeak January 28, 2007

Sun, 28 Jan 2007 12:16:00 +0000

Ovie is back!!  Today Ovie and Bret talk with Jesse Kornblum, Principal Computer Forensics Engineer at ManTech about his Buffalo paper on memory analysis.  Also they talk about listener email, fletc legal division podcasts, stego, the million dollar paranormal challenge, why blurring data can be bad, and see who is stealing your laptop at

Media Files:

CyberSpeak January 17, 2007

Wed, 17 Jan 2007 16:21:00 +0000

Today Bret talks with Chad McMillan, Principal Security Engineer and Mandiant.  Chad talks about his new entropy tool for malware detection.  Bret also talks about listener feedback, ShmooCon, Blackhat Federal, ESETs NOD32, flash drives for laptops, Jim Christy in WIRED Magazine, malware trends, canadian coins with RFID chips, iDefense annouced they will pay 800 for each remotely exploitable flaw in Vista and IE, and Delicious Monster.

Media Files:

CyberSpeak January 7, 2006

Sun, 07 Jan 2007 15:38:00 +0000

Today, Bret talks with Jamie Butler, Principal Software Engineer at Mandiant.  Jamie is the co-author of Rootkits: Subverting the Windows Kernel.  He talks with Bret about the state of rootkit technology.  Bret also talks about a man who stumbles into an online law enforcement training class and ends up with an indictment,, wireless forensics, remote control plane to capture images for Google Earth, DesktopTwo, and a neat code repository website.  Bret also talks about his lovely wife Jill buying him a Canon Rebel XTI and Lego Mindstorms NXT for christmas!Also Congratulations to Ken Pryor for his "Where's Ovie" submission.  He will be receiving a "one of a kind" autographed CyberSpeak mousepad.  Thanks Ken!!I had a REAL OVIE SIGHTING the other day. he coming back soon!?!?!?!We are light on mail this week...send us your ideas, thoughts, praise, scorn, or whatever.   CYBERSPEAK at GMAIL dot COM[...]

Media Files: