I have in the past recommended the Zonbu project to those out there wanting to support Linux, but aren’t computer gurus.  I now feel that I must publicly give an update related to that recommendation.

First, in their defense, I want to say that my Zonbu mini did in fact break a few months ago. Something to do with the flash card port I think. Although it took a few weeks, I did in fact get a replacement Zonbu mini.

As for the overall business, I was an early adopter also. I am a firm believer that it is in the best interest of everyone for us to move away from the Microsoft dominated world. That was why I bought the Zonbu mini, which I don’t think is even being sold now. I wanted to help support a company that would assist in that goal.

I am guessing from the lack of OS updates recently that not enough people purchased the Zonbu devices to make it profitable enough for the primary designers to work on Zonbu full time.

I think they have the best platform currently out there to launch a true cloud based OS… which is a worthy goal. I have to warn consumers though, that they are not staying in touch with their customers. They seem to still be supporting the OS, but they are completely silent on the current status and direction of the company.  There is a lot of frustration among their paying customers about the lack of knowledge of what is going on.

Due to my own business growth, I have not had time of late to post a lot on this blog. I am going to try to start posting more of my helpful computer posts, though.  I actually started turning down some data recovery and computer repair jobs in Gainesville, because I was just to busy.  After that time of slowing down my own business.. I am finally about caught up.

So, I hope to be back up with my own communication!

Thanks!

After a hard drive crash, I repair the drive. I then extract out the needed data files. Sometimes, these files have to be recovered through data carving. They will get assigned random names like 14583.doc or 184893.jpg. Well, you can imagine these names are not real useful for my clients.

I was recently introduced to a program called Directory Opus. This is a very of Windows Explorer to view files. The awsome thing about it for data recovery is that it shows file metadata. If you don’t know, Microsoft Word documents and other have things like their title and author embedded in the document. Well, with Directory Opus you can see all this data in the file tree. It will also show the EXIF data associated with photos. The user can drill down into zip archives to see what they contain.

It also has a nice dual pane interface to allow files to be moved about onto the new locations the client needs them. It has advanced ways to automate the process for the client that wants to put in some more time learning how to operate the program.

The software comes with a free 30 day trial. That should be plenty of time to get your recovered files straightened out.

Before someone writes in and tells me… I know you can view these same file properties in Windows Explorer…just not in the default view. The view the metadata in Windows Explorer.. just go to the top of the view pane where you see the column titles, right click, and a list of attributes the user can add to the view will show up. Just left click on title, author, or whatever else you would like to add, This way is completely free with no new install… whichever you like. Directory Opus is prettier though

Happy file browsing!

I just completed the Internet Crimes Against Children (ICAC) undercover investigations course. It was a very good class. The class was held in Denver, Colorado. I went up to the town of Boulder a couple of times. The town of Boulder really is beautiful.

As far as the class.. other than to say it is a good course.. this is one I really can’t talk about.

I just completed the Basic Data Recovery and Acquisition (BDRA) course offered by NW3C in Miami, Florida.

The class is a combination of technical training on the FAT file systems and the acquisition of disk images. A third of the class time is devoted to labs that involved in depth looks and experience on the technical areas covered in class. The labs are excellent reinforcers of the technical material.

There are two instructors present at all times in the course. The second instructor is moving through the room and helping students while another is leading the exercises. This is a very efficient method of instruction used.

The course planning for the class is OUTSTANDING. It was the most well planned class for law enforcement that I have ever attended. Every powerpoint slide is clear, concise, and to the point. The graphics used to explain points are visually appealing along with representing the technical point in question. The labs are planned out to every last keystroke. The class is perfectly timed to fit the schedule.

The instructors were knowledgable, approachable, and entertaining. They are clearly teaching computer forensics because it is something they enjoy. They are happy to be passing on their knowledge.

I hope to be able to attend more NW3C courses. Especially, to someone new to computer forensics; the course would be highly valuable. I recommend the training. (FYI… It is law enforcement only.)

I just attended a training by Infosec in Washington, D.C.  The training was specifically on data recovery.

The first two days of the training focused on the physical function/ repair of hard drives.  We learned about how the drive functions internally.  We then began the hands on repair of the drives.  We also learned to evaluate the sounds of a malfunctioning hard drive.

We then moved onto the various software tools that can be used to repair/ read the data that has been salvaged from a crashed drive.  We performed multiple labs with the various pieces of software.   We even did a few RAID repairs.  Not surprisingly to me, or you if you have read my blog.  X-ways Forensics was one of the most highly regarded tools.

The class ended with a sort of seminar on solid state drives.  This provided alot of knowledge on how the drives function internally.  Without going into alot of technical detail, I can tell you what the opinion I came to.  If you are going to use a solid state drive, beware of a failure.  If a solid state drives fails, your data is basically gone.  Data recovery on those drives, at least for now, is going to be very technical and expensive.  if your data is retrievable at all, you better send it to a fleet of electrical engineers to get it back.

The class ended with an exam to be a Certified Data Recovery Professional.  I passed the exam with a 96% !!  I was happy.  All my studying about drives and data recovery has paid off I guess.

The set of students in my class were a mix of military, IT network admins, forensic examiners, and data recovery business owners.   It was an impressive crowd.  I learned alot from them with in and out of class discussions.  Specifically, I learned some great info on the business of running a data recovery shop.

I am very excited to bring all of this information back to the Crystal River, Gainesville, Ocala, and Lake City area of North Florida.

I do have to warn other techs though…. I would think hard about wether to attend the course, unless Infosec reduces the price from the $3,200 to $3,800 dollar mark it is at now.  There really wasn’t much in the way of material that you couldn’t learn yourself with diligent research and study.  Then of course, working on hard drives and playing with software on your own.  The class would be good though if you wanted to skip this study on your own, and just have the material given to you.  The more you know about data recovery walking into the class… the less thrilled you will be with your money being gone.