The Positronikal Chronikal

I’m a history buff. I love the history of things. It’s been said that you can’t truly know where you’re going unless you know where you’ve been. The digital forensics world, both traditional and DFIR, is populated today by an amazing wealth of incredible practitioners and knowledge. I’m very proud and humbled to stand together with these people. That said, I thought it might be time to offer a thank you to those earliest pioneers of our craft who blazed the trail the rest of us hope to follow. If you don’t know some of the people on this list, do a little research; find out who they are and why they’re important to all of us. Thank them, too, if you get the chance. Ours is a very high pressure, fast paced life and taking a moment now and then to reflect on those that made our passion possible and thanking them for their efforts is well worth any time it takes. This list isn’t all inclusive and I’ve likely left one or a few off that should be here. Also, not all of them are still with

I last left off describing what led to my ideas regarding a comprehensive digital forensic platform named Carnivore and the live triage tool CarnivoreLE (Live Edition). The first two incarnations of Carnivore were what is now termed Carnivore Portable. That's an external drive partitioned and loaded with tools useful to both livebox and deadbox triage and forensic preview. It tends to follow in Dell's footsteps regarding processing and evidence capture at the scene in a manner easily brought back to the lab for further processing using an integrated systems approach. These first two iterations were miles from the ideal, but were a positive and critical step in the right direction. Both Version 1 and Version 2 have seen extensive use in the field and the feedback has been overwhelmingly favorable. Carnivore Portable now still benefits from the ability to make use of other third party tools loaded onto it before deployment, but the two main tools are CarnivoreLE and CarnivorePM