Send us a textThe digital forensics world isn’t slowing down — and neither are we. In this episode, we celebrate Heather’s well-deserved recognition as Cellebrite’s Mentor of the Year 2025. Naturally, there were a few speech mishaps and, somehow, a bear raiding Heather’s bird feeder (yes, actual wildlife). But between the chaos, we get serious about the fast-changing landscape of digital evidence collection.We dig into Amazon’s decision to remove the "do not send voice recordings" setting from Echo devices — meaning all voice requests now head straight to the cloud for AI training. It’s part of a growing industry trend, raising huge privacy red flags. We also unpack a study showing AI search engines misattribute sources at rates over 60%, and discuss how leaning too hard on generative AI risks dulling the critical thinking that digital forensics demands.On the technical front, Christian Peter reveals that some forensic tools alter or delete unified logs during extraction — a serious concern for evidence integrity that can compromise investigations before they even begin. We also walk through a deep dive into Snapchat artifacts, showing how to connect media files to user actions and locations by following database breadcrumbs that automated tools tend to overlook.Through it all, one theme stays clear: while technology keeps racing ahead, the responsibility for getting it right stays firmly with the examiner. As one guest bluntly put it, "We might be the last generation of cognitive thinkers."Tune in for a sharp, insightful, and slightly unpredictable conversation at the intersection of bears, bytes, and the future of digital evidence.Notes:Mobile Forensics Are you nerd enough?https://www.msab.com/events-webinars/webinar-are-you-nerd-enough/New Podcasts!https://osintcocktail.com/https://www.youtube.com/@hexordiaAmazon "Do Not Send Voice Recordings" Privacy Featurehttps://www.usatoday.com/story/tech/2025/03/17/amazon-echo-alexa-reporting-privacy/82503576007/https://www.thesun.co.uk/tech/33907850/amazon-alexa-echo-do-not-send-voice-recordingsAI search engines cite incorrect news sources at an alarming 60% rate, study sayshttps://arstechnica.com/ai/2025/03/ai-search-engines-give-incorrect-answers-at-an-alarming-60-rate-study-says/The Slow Collapse of Critical Thinking in OSINT due to AIhttps://www.dutchosintguy.com/post/the-slow-collapse-of-critical-thinking-in-osint-due-to-aiNISThttps://www.nist.gov/news-events/news/2025/01/updated-guidelines-managing-misuse-risk-dual-use-foundation-modelsDon't lose your logbookhttps://www.linkedin.com/pulse/dont-lose-your-logbook-christian-peter-ebcjeNot All Encryption is created equalhttps://www.s-rminform.com/latest-thinking/cracking-the-vault-exposing-the-weaknesses-of-encrypted-apps
--------
1:13:55
The Iceberg of Digital Evidence: What AI Can't See
Send us a textThe boundary between tool-dependent analysis and true forensic expertise grows increasingly blurred as AI enters the digital forensics landscape. Alexis Brignoni and Heather Charpentier reunite after a month-long hiatus to sound the alarm on a concerning trend: the integration of generative AI into forensic tools without adequate safeguards for verification and validation.Drawing from Stacey Eldridge's firsthand experience, they reveal how AI outputs can be dangerously inconsistent, potentially creating false positives (or missing critical evidence) while providing no reduction in examination time if proper verification procedures are followed. This presents investigators with a troubling choice: trust AI results and save time but risk severe legal and professional consequences, or verify everything and negate the promised efficiency benefits. The hosts warn that as AI becomes ubiquitous in forensic tools, it dramatically expands the attack surface for challenging evidence in court—especially when there's no traceability of AI prompts, responses, or error rates.Beyond the AI discussion, the episode delivers practical insights for investigators, including an in-depth look at the Android gallery trash functionality. When users delete photos, these files remain in a dedicated trash directory for 30 days with their original paths and deletion timestamps fully preserved in the local DB database—a forensic goldmine for cases where suspects attempt to eliminate evidence shortly before investigators arrive. Other highlights include recent updates to the Unfurl tool for URL analysis, Parse SMS for recovering edited and unsent iOS messages, and Josh Hickman's research on Apple CarPlay forensics.Whether you're investigating distracted driving cases, analyzing group calls on iOS, or simply trying to navigate the increasingly complex digital evidence landscape, this episode offers both cautionary wisdom and practical techniques to enhance your forensic capabilities. Join the conversation as we explore what it truly means to be a digital forensic expert in an age of increasing automation.Ready to strengthen your digital investigation skills? Subscribe now for more insights from the front lines of digital forensics.Notes:Magnet Virtual Summit Presentationshttps://www.magnetforensics.com/magnet-virtual-summit-2025-replays/https://www.stark4n6.com/2025/03/magnet-virtual-summit-2025-ctf-android.htmlparse_smsdbhttps://www.linkedin.com/posts/alberthui_ios-16-allows-for-imessagesmsmmsrcs-message-activity-7279586088988413952-xHWlhttps://github.com/h4x0r/parse_sms.db/tree/mainAre you a DF/IR Expert Witness or Just a Useful Pawn?https://www.linkedin.com/posts/dfir-training_a-pawn-moves-where-its-told-a-dfir-expert-activity-7292981112463572992-c3wd/Unfurlhttps://dfir.blog/unfurl-parses-obfuscated-ip-addresses/https://github.com/obsidianforensics/unfurlAI to Summarize Chat Logs and Audio from Seized Mobile Phoneshttps://www.404media.co/cellebrite-is-using-ai-to-summarize-chat-logs-and-audio-from-seized-mobile-phones/Ridin' With Apple CarPlay 2https://thebinaryhick.blog/2025/02/19/ridin-with-apple-carplay-2/Hello Who is on the Line?https://metadataperspective.com/2025/02/05/hello-who-is-on-the-line/
--------
1:06:51
Mind Matters: Navigating DFIR with Balance
Send us a textGet ready for a hands-on look at digital forensics and the challenges professionals tackle every day. We share a story about forensic guessing that highlights the importance of testing assumptions and following the evidence to avoid errors. The discussion emphasizes how staying grounded in facts can prevent investigations from going off track.We also highlight advancements in forensic tools and training. Learn about tools like Belkasoft, the UFADE tool for iOS device extraction, and SQBite for SQLite database analysis. These tools are improving efficiency and accessibility in the field. But it’s not all about the tech. We address the important topic of mental health in digital forensics. We discuss the pressures of the job, strategies for managing stress, and the importance of supporting one another. Personal experiences and practical tips highlight the need to prioritize mental well-being in this demanding field.This episode provides valuable information on tools, investigative approaches, and mental health strategies for forensic professionals. Notes:Belkasoft Windows Forensics Coursehttps://belkasoft.com/windows-forensics-trainingUpdates to UFADEhttps://github.com/prosch88/UFADE/releasesThe Duck Hunter's Bloghttps://digital4n6withdamien.blogspot.com/2025/01/the-duck-hunters-guide-blog-1.htmlhttps://digital4n6withdamien.blogspot.com/2025/01/the-duck-hunters-guide-blog-2.htmlhttps://digital4n6withdamien.blogspot.com/2025/01/the-duck-hunters-guide-blog-3.htmlSQBitehttps://digital4n6withdamien.blogspot.com/2025/01/introducing-sqbite-alpha-python-tool.htmlhttps://github.com/SpyderForensics/SQLite_Forensics/tree/main/SQBiteMental Health in DFIRhttps://thebinaryhick.blog/2019/06/21/mental-health-in-dfir-its-kind-of-a-big-deal/https://www.forensicfocus.com/podcast/the-impact-of-traumatic-material-on-dfir-well-being/https://www.forensicfocus.com/news/dfir-and-mental-health-are-we-doing-enough-to-protect-investigators/https://www.sciencedirect.com/science/article/pii/S2666281721000251https://belkasoft.com/preventing-burnout-in-digital-forensicshttps://www.magnetforensics.com/resources/taking-care-of-mental-health-during-digital-forensics-investigations/https://www.harmlessthepodcast.com/https://www.shiftwellness.org/about-ushttps://www.nyleap.org/What's New with the LEAPPShttps://github.com/abrignoni
--------
1:03:25
New Year, New Discoveries: Diving into Digital Forensics!
Send us a textKick off your new year with some forensic fun as we recount our holiday escapades and dive into the latest in digital forensics! Ever wondered how RAM dumps from Android devices can reveal crucial data? We spotlight MSAB's innovative RAMalyzer tool and their new blog series covering RAM from mobile devices. Discover how the digital forensics community is collaborating to propel the field forward, as we share insights from the DF Pulse 2024 Digital Forensic Practitioner Survey and the delicate dance between competition and cooperation. Standardization is the name of the game, and we're exploring how the field of digital forensics can benefit from it. Updates to Magnet Axiom's date range capabilities showcase the ceaseless evolution of digital forensics tools. Journey with us as we tackle the intricacies of Bluetooth tracker detection, all while considering the dual nature of technology and the significance of using it responsibly.From exploring Richard Davis's work with 13 Cubed to discussing Yogesh Khatri's contribution to analyzing the USN Journal, we shine a light on the vital role of principles in our field. With warm wishes for the new year, we invite you to stay tuned for more episodes brimming with insights and camaraderie.Notes:MSAB RAMalyzer series!https://msab.com/resources/blog/Paraben Forensic Innovation Conferencehttps://link.reachpenguin.com/widget/form/99kVMTgaA0mbpZvYLTjGTip Tuesday: Troubleshooting in PAhttps://www.youtube.com/watch?v=eSNovfdwucw&list=PLwmKlEiYNUYte-pnlbw45YKpPB7K8xCgC&index=1DFPulse: The 2024 digital forensic practitioner surveyhttps://www.sciencedirect.com/science/article/pii/S2666281724001719Magnet Axiom Cyber 8.7: Acquire iCloud backups from ADP-enabled accounts, and more!https://www.magnetforensics.com/blog/magnet-axiom-cyber-8-7-icloud-adp-and-more/Android Will Let You Find Unknown Bluetooth Trackers Instead of Just Warning You About Themhttps://www.engadget.com/mobile/smartphones/android-will-let-you-find-unknown-bluetooth-trackers-instead-of-just-warning-you-about-them-204707655.htmlBe Kind, Rewind... The USN Journalhttps://youtu.be/GDc8TbWiQio?feature=sharedApple Photos phones home on iOS 18 and macOS 15https://lapcatsoftware.com/articles/2024/12/3.htmlSWGDE Considerations for Required Minimization of Digital Evidence Seizureswgde.org/16-f-002/
--------
1:16:29
The Gift of Expertise: Why Forensics Matter in the Courtroom
Send us a textJoin us for a holiday-themed episode of Digital Forensics Now, where we blend expert insights with personal stories from the field of digital forensics.This episode delves into cutting-edge tools and techniques for digital forensics. Explore insights from Arsenal on advanced methods for analyzing swap space and memory files. We also share experiences with the Samsung Secure Health Data Parser, highlighting the challenges of decrypting health databases and the critical role of UFED in overcoming them. Don’t miss an in-depth look at the remarkable features of ArtEX, showcasing its value to examiners. Additionally, we introduce the LEAPPS Artifact Viewer App (LAVA), a groundbreaking tool unveiled at the Cyber Social Hub conference. We discuss the vital role of forensic experts in legal proceedings, from the importance of meticulous validation to the risks of mishandling evidence. Real-world cases and a controversial court rulings that highlight why expert testimony remains essential in interpreting digital artifacts.We close with gratitude to our listeners and warm holiday wishes. Stay tuned on social media for updates on our next live session after the holidays.Notes:Working with 010 Hex-Editor https://www.youtube.com/playlist?list=PLCS2zI95IiNwheFCTaUEytA1GT0mNOOdn Arsenal Releases a New Tool! https://arsenalrecon.com/additional-products Samsung Secure Health Data Parser - A Forensic Tool for Parsing & Analyzing Samsung Secure Health Databases https://github.com/breakpointforensics/Samsung-Secure-Health-Data-Parser-/tree/main ArtEx Artifact Examiner <br>https://www.doubleblak.com/app.php?id=ArtEx2 Why the Manual Preview/Screenshots May Not Hold Up in Court https://www.forbes.com/sites/larsdaniel/2024/11/13/think-that-screenshot-is-proof-heres-why-it-might-not-hold-up-in-court/ https://www.forbes.com/sites/larsdaniel/2024/12/06/smartphone-forensics-and-fake-texts-how-are-courts-responding/ What's New with the LEAPPS!? Google Keep Notes <br>https://charpy4n6.blogspot.com/2024/12/google-keep-notes.html Signup for Updates! leapps.org
A podcast by digital forensics examiners for digital forensics examiners. Hear about the latest news in digital forensics and learn from researcher interviews with field memes sprinkled in.
Netherlands