top of page
Search

Digital Corpora's Gov Docs

  • Jun 24, 2019

Digital Corpora, operating under a grant from the National Science Foundation, has posted electronic files here, which can be used to test forensic and electronic discovery techniques.

A thousand separate directories, each with a thousand files, can be downloaded for review. A set of more than 100,000 jpegs is available. The metadata for the files includes search terms; search engines used to find the files; and SHA1 hash values. The files were collected from the United States government. Malware has been deliberately left in the data. The full set includes nearly one million files in a wide variety of formats. One possible drawback is that a very small number of the files (only about 2000) are email files.

Digital Corpora has also posted images made of cell phones, and disk images. PII data has been removed from the disk images. Forensics students can practice with disk images in the EnCase format. These contain information on how data was taken from a fictional businessperson's laptop, and the challenge is to find out if the data was taken by a malicious actor, or intentionally disclosed by the employee.


 
 

Global Relay

  • May 27, 2019

Financial regulations require many businesses to retain archives of business communications.  Global Relay is widely used by financial firms to comply with these requirements.   22 of the 25 biggest banks in the world use Global Relaay. 

When conducting electronic discovery inquire as to whether or not a client uses its services to manage email, instant messages, Bloomberg messages, and social media DMs.  

Its apps for smartphones may allow businesspeople to access message archives on the go. 


 
 

.mig files

  • May 26, 2019

Windows 7 comes with a built-in tool which assists a user to back-up his or her data and settings to another computer. Easy Transfer will save all data on a hard drive to a .mig migration file, that can then be accessed on a new Windows computer. Encryption is available for the file. Unfortunately Easy Transfer is not available on the Windows 10 operating system, which uses PC Mover instead.

The .mig file condenses a PC's data. Be sure to look for such files when conducting a forensic review of a computer. They can be valuable archives of a user's data from a particular point in time.


 
 

Sean O'Shea has more than 20 years of experience in the litigation support field with major law firms in New York and San Francisco.   He is an ACEDS Certified eDiscovery Specialist and a Relativity Certified Administrator.

The views expressed in this blog are those of the owner and do not reflect the views or opinions of the owner’s employer.

If you have a question or comment about this blog, please make a submission using the form to the right. 

Your details were sent successfully!

© 2015 by Sean O'Shea . Proudly created with Wix.com

bottom of page