Guidance Software is an unethical company driven by greed. They truly do not care that their products and their training are flawed.
Guidance cares only that its products sell, and for them to sell as widely as possible they need to convince law enforcement agencies that in order to do 'computer forensic investigations' you need to license their products. Has this resulted in wrongful convictions of innocent persons based on Guidance Software's brand of flawed computer forensics? Absolutely, yes. Does Guidance care? Absolutely, not. There needs to be a death penalty for corporations. Regards, Jason Coombs [EMAIL PROTECTED] -----Original Message----- From: "dave kleiman" <[EMAIL PROTECTED]> Date: Sun, 18 Dec 2005 11:23:38 To:<[EMAIL PROTECTED]> Cc:"'Samuel Norris'" <[EMAIL PROTECTED]> Subject: RE: Guidance Software Customer Database Hacked? Samuel, Inline...... Dave, > Does anyone know the if the user database at Guidance software was > truly hacked? > An associate received the same letter that you cite, and called the phone number that was given with the lettter. He got what he called 'grudging confirmation'. As a side note, he was as concerned that they had retained his credit card information for 2 years as he was about their getting hacked. It is pretty much all over the Net. now, including the UK. That is right they , should only keep that data at the customers request. Additionally, under those circumstances, keep it in a separate **ENCRYPTED** database from the customer personal information. As for their notification letter, their headquarters are located in Pasedena, CA. As a CA corp., they are required by CA law to notify all those affected when a security breach occurs - don't let them fool you, they had to contact. I know they had to....my big concern is... It happened in November, they did not discover it until Dec., then they decide to notify "only" by postal mail (as required by CA law). They are a incident response / forensic company, you think they would know and value the importance of getting the word out quickly. Being an investigative kind of guy, if find it interesting from a customer volume standpoint tnat their 'customer base' is only 3,800+. If you buy into their 'best thing since in-door plumbing' marketing, one would think that those numbers would be higher. Remember, a lot of their business is large corporations and Law Enforcement agencies, most of which do business by P.O., I understand it was only their CC customer database that was hacked. > It would be nice to hear something from Guidance. > If they are trying to be > hush hush about it, I think it would cause more > damage than putting the > cards on the table..... > It would be totally out of character, in my opinion, for them to make a public disclosure. They can't even admit that their product has problems. You mean like this... gathered from several message boards...mailing lists etc.. ----------------snip------------------ "I have a case involving a lot of deleted files, I examined the drives using 4.22a and 5.04a. Version 4 shows me dozens of deleted files and directories in the recycle bin, version 5 only shows me a fraction of the files. I called Guidance software and talked to some guy from England who is going to call me back, but he had no clue why one version would show so many more files in the recycle bin than the other.... ...It isn't just pix files, there are a lot of files of all types showing in. 4 that are not showing in 5...." According to EnCase Tech Support, any deleted file listed in V4 may or may not be displayed in the correct place in regard to its location within the file structure. ******* So, if you've testified or reported regarding the location of a deleted file and it's meaning using V4, you might or might not have been telling the truth.****** Essentially, according to Tech support, when using V4 one can not say with any certainty regarding the location of any deleted file shown V4. They said there was a white paper regarding the issue that they would send me. After several emails and phone calls the best I'm able to get out of the EnCase geeks in regard to this issue is that the location of deleted files within the file structure in V4 might be as shown by V4, or, it might be incorrect in where it shows the files located in regard to the file/folder structure. As far as V5, it is more "accurate" in where it shows deleted files located within the file structure but keep in mind that "certain assumptions" are still being made in placing those files. Oh, and there is no "White Paper" regarding this issue as I was told originally." Just wanted to add that we found the same problem with unreported deleted files in Enterprise version 5 . We went back to 4 because of this problem and the instability exhibited in 5. Calls to EnCase said they had not heard of any problems? They seem to be getting a bit too big for their britches and their quality control has gone out the window. I suggest you stick to v.4 for a while. ----------------snip------------------ Regards, Samuel Norris Center for Digital Forensic Research, Inc. Regards, Dave Forensic Focus (http://www.forensicfocus.com) email list addresses: Post message: [EMAIL PROTECTED] Help address: [EMAIL PROTECTED] Unsubscription address: [EMAIL PROTECTED] .
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/