Chris Gerling

Yeah I haven’t blogged in a bit.. haha.  I’ll get around to some updates this weekend.

I just got up after sleeping a good bit of the day.  I had to red-eye it and fly all night to get home last night.

If you didn’t know, I was up in Portland, OR this week for e-fense’s E103 Live Forensics & Incident Response course.  I had a hell of a time actually getting there, it seemed the travel gods just wanted me to suffer, so after an unexpected overnight stay in Dallas on Monday, I made it into the class at 2pm pacific on Tuesday.  I didn’t miss much, and the fact that I had recently attended the SANS GCFA course made this more of a refresher course with the bonus of getting some goodies.

I was a bit skeptical before about Helix going commercial, but I see who the target audience was with the move, and honestly it looks like the stuff that will be in Pro (due out in May) is worth the subscription cost.  If I recall correctly, dc3dd is the default imaging tool when utilizing the Windows Live Acquisition part of the CD.

Eric Smith was a great facilitator, and the learning environment was great.  I loved the classroom they had setup, there were very few glitches, and the workstations were configured correctly, so diving right into some hands on was very very easy.

Portland is a pretty cool place.  I lucked out and @Jerod on twitter showed me around town Tuesday night.  McMenamins had great beer, and Papa Haydn’s had the best cake I have ever eaten.

Now to get some more sleep.

I’ll be talking about the knoppix-based forensic live CD called Helix on the next Hak5 episode which we’re shooting this coming weekend.  It’s been out there for quite awhile, and as a security guy I have gotten the opportunity to use it in an incident response role a couple of times.  I believe a 2.0 release is coming in the next couple of months, but no official word yet.

I need some geek roommates so I can delegate some of this network stuff to them .  I’ll eventually get things online, I just stay fairly busy.  Sorry!

In the computer world, credentials have always been a little bit different from most other industries. Lawyers, Engineers, Teachers, Doctors, and similar professions have some sort of structured peer-reviewed and enforced system for distributing and maintaining credentials for the work that they do. It is a way of protecting people from illegitimate practice and giving them an avenue of redress should they experience any problems with a particular individual or entity.

Many professions within the computer industry umbrella do not have such credentialing bodies, especially within computer engineering and computer security. There are degrees, vendor and vendor-neutral certifications, however there is no such thing as the equivalent of a bar exam, or a license to practice. I believe that while this should not be necessary for most situations, however, if one is going to testify in a courtroom as an expert, they should have some sort of credentials to prove what they claim to know that aren’t possible to obtain with a credit card and a couple of hours taking a test online.

Continue reading