The Operating and File Systems course does not have a very long duration. But still there was time for some interaction between the students and with other people in the industry.
First of all, Marius shared a very useful link to an online tutorial series on Youtube – showing in detail everything from installation to working with Windows Server 2012. In our study group we also discussed some of the details shown in the videos, as well as different commands and such. Here is the link to the video series: https://youtu.be/tlI8okaWXVM?list=PLJcaPjxegjBVnEN8c6O8w1mNit4WGeAWN
I also had some discussion with a forensics investigator at the financial crime division at the Norwegian Tax Office. It was about an issue concerning different operating systems, and doing live forensics on them. Apparently there are a number of issues with doing live forensics on Mac OSX systems; it seems they are getting different outcomes every time they image the same source. I will look closer into this and hopefully return with a solution.
Further on, we have had multiple discussions about operating systems. Mac vs. Windows vs. Linux. And the consensus seems to be that apart from personal preference – each operating system has its own positives and negatives. All depending on what you need it for. My reflections on desktop systems are as follows:
Windows: The most used desktop operating system, mostly due to the cunning mind of Mr. Gates. And for that reason, it is also the system that provides the most flexibility. You cannot deny the power of the market leader, most of the software we as forensics analysts are going to use – will be for Windows. Most computers we are going to analyze – are also Windows. You really need to know Windows by heart. As a former Apple-user I of course hate the interface and user experience (UX). So for any end user wanting a computer for surfing, emails, music and all that cr*p – Windows is not really for you.
Apple OSX: The runner-up in operating systems. Due to the iPod and all other iDevices on the market – more and more people choose Apple desktop products. The biggest selling point is that all your computers and devices talk seamlessly, no hassle and very intuitive. This makes for a great end-user product, although from a forensic analyst standpoint – not really all that good for our line of work. A very small number of systems work natively on OSX, and most of the time they are forensics software dedicated to doing analysis of other Apple products. You can of course use VirtualBox – but then the whole point is really gone. The only good news for computer nerds is that fewer and fewer family members will ask for help on their lousy Windows-computers.
Linux: Although Linux does not deserve it, this operating system is deemed only for the nerds. But in the later years there has been a great uprising in end-user products available, like Ubuntu that mimics OSX to a great extent. For a forensics analyst Linux is the preferred choice. Most serious (and free) forensics tools offer a Linux-version, making you capable of doing almost any task needed. I would on the other hand not recommend it for the “family” demographic.