Followup to my interview with SC Magazine
Yesterday I did an email interview with SCMagazineUS.com reporter Sue Marquette Poremba, and the article was published later in the day here:
It’s not a bad article by any stretch of my imagination, but there were some points that I felt were important, and brought up in the interview, that didn’t make it through the writing and editing process. I can definitely understand this, as SC Magazine isn’t my soapbox to stand on (that’s what this site is for). I posted these points as a comment to the article, but they appear to have been deleted or “lost”. While I think that’s strange, I’ll let it be, and just post my points here (these might make more sense if you’ve read the article):
- What I have written is not an “encryption scanner”. It simply dumps the contents of memory, in order to allow someone to data carve it for whatever they’re looking for, which could include images, passwords, text, or even encryption keys. My tool doesn’t “scan” for anything. It’s also kind of strange to call it “home-grown” in the title, and then refer to McGrew Security as a “research firm”. I suppose you could argue that both are true, though :)
- The problem that I mentioned that the Princeton researchers “got around” was the large footprint in memory of other techniques of imaging RAM, such as using Linux Live CDs, not whatever the article is implying was the problem (recovering data from RAM, I think?)
- One reason I wrote the tool was simply because the Princeton tool has not, as of right now, been released. I felt like it was important for security and forensic researchers and practitioners to be able to experiment and base further research off of a tool like this.
- I should have placed more emphasis on this in my response, but I think one of the most positive uses for this could be for forensic examiners/investigators. The ability to capture the contents of RAM with a minimal impact, when seizing evidence, can be very helpful.
- I have a lot of respect for the work that the Princeton researchers have done, and I think they have done an amazing job of raising awareness of an issue that’s been around for a long time.
These are things from the interview that didn’t make the cut, but I felt that people should know. It would have been nice if they would have kept my comment underneath the story, but this’ll just have to do. Everyone that I care about reads this blog anyways, don’t they ;) !
Hey! I don’t know what you’ve done but it sounds neat. Don’t get the big head; I knew you when we all were just little pups living in Duggar!
Most of my usual readers don’t know the “Melissa” that just posted, but let me assure you that’s one of the most meaningful posts that one of the most important people to drop by the comments section of the blog has posted.
I’ll leave that for my regular readers to ponder. Rest assured that’s a comment that won’t be “lost”.