Yep. That's been a problem for decades although it's slowly improving
as even the smaller departments realize it and fund serious training.
Meantime, yes, one needs to approach getting involved with those folks
with some degree of caution.
Steve
Special Agent, (ret)
On 3/26/24 12:22 PM, Paul Koning via cctalk wrote:
On Mar 26, 2024, at 2:59 PM, steve shumaker via cctalk<cctalk@classiccmp.org>
wrote:
and, if you inquire in the right places, there is law enforcement focused
forensic analysis software specifically designed to acquire RAID volumes and
rebuild the data.
Steve
Yes, though from the one time I encountered that use case I have my doubts about it. I was asked to help with such a forensic
analysis case, and the person I worked with started by asking me about the "BIOS settings" on our SAN array, and
whether the setting was "left to right" or "right to left". For some reason, that person could not cope with
answers like "we don't have a BIOS" and "neither left-to-right nor right-to-left". Once I hit that road
block I decided not even to bother mentioning that our SAN device included page based virtualization. Never did hear anything
further. :-)
paul
