Hurricane Irene – Amazing Social Media Tracking

Jon Rajewski social media

This is one of the best social media websites dedicated to tracking the social media posts about Hurricane Irene. The ESRI map can be described below:

This interactive map allows you to view continuously updated hurricane information. You can track specific hurricanes and see their projected path. You can also access newsfeeds, precipitation, and storm surge information.
The hurricane feeds are supported by the precipitation updated every 15 minutes as well as the storm surge, often the greatest threat to life and property from a hurricane, updated every 20 minutes.

Some other noteworthy resources that I was able to quickly find today are:

Digital Forensic Course Prep – Champlain College

Jon Rajewski computer forensics, curriculum

One of the best parts of being a professor is preparing courses before the semester begins. It’s a time to reflect on the last time you taught the course and make improvements/enhancements in the content. One of the fun projects I did last year was scoped an analysis (and created evidence) surrounding the Wikileaks case. Here was the project scope:

You are tasked with investigating a military computer system that has been alleged to be apart of the recent classified information disclosure to the infamous Wikileaks website. The computer system you’re examining was permitted to have classified information and you can determine if a file was classified by following the below:
·         Confidential files have [CO] in the file name
·         Secret files have [SC] in the file name
Your Scope:
The users accessing this system had no expectation of privacy. Your expected deliverables are:    
1)     Determine if any classified files were sent/saved/distributed to any other digital device
2)     Determine if any user on this computer communicated/researched regarding how to distribute/share/obtain the information on the leaked information described on the Wikileaks website
3)     Provide a recommendation for other data sources / suspects / email accounts /aliases to consider in this investigation

Students had to examine evidence and provide a comprehensive report. The best part was trying to get students to take their analysis to the next level, that is, beyond what was taught in the course. As digital forensic examiners, we will always encounter something new and we need to be ready/prepared to figure things out. I was pleased to see some of the students do this — and even more pleased to hear that some of those Juniors had amazing internships this summer and most of them already have job offers — before they even entered their Senior year.

This term in Operating System Forensics we will be spending a lot of time examining a few digital devices we’ve been building and “crafting” for the past 6 months. It’s key for a digital forensic professor teach both theory and practice and there is no better way, in my opinion than to build custom assessments for each class so students are not only engaged, but excited to learn.

Needless to say, I’m excited to start teaching on Monday 🙂

Champlain College – New Digital Forensic Curriculum

Jon Rajewski computer forensics, curriculum

Last May (2011) I rewrote the undergraduate digital forensic curriculum at Champlain College. I collaborated with the many people to complete this monumental task including but not limited to Mike Wilkinson, Cristian Balan, Ali Rafieymehr, Michelle Miller, Jim Hoag and others who will be named at a future date (we are waiting to release these names).

This Fall is the first incoming class to experience the newly designed material. Current students will also be able to take advantage of the new curriculum as its developed (we plan to have all of the courses ready by Fall 2013).

The new curriculum will include newly designed content which will be updated each semester to stay current/leading edge. One of the most exciting parts of the curriculum are the 10 (that’s right. ten) digital forensic classes. Don’t confuse these digital forensic classes for “networking” or “security” courses either, these are full blown digital forensic focused classes. Below is a list of the new courses:

  1. Cyber Crime – Criminal and Civil Investigations
  2. Introduction to Digital Forensics
  3. Digital Forensic Tool Evaluation
  4. Anti-Forensics and Network Forensics
  5. File System Forensics
  6. Operating System Forensics
  7. Mobile Device Forensics
  8. E-Discovery and Data Analytics
  9. Advanced Practice in Digital Forensics
  10. Capstone (Senior Thesis)
  11. Digital Forensic Internship (optional)
Other courses that are apart of the curriculum that supports the undergraduates education (aside from general education courses):
  1. Introduction to Networking and Security
  2. Introduction to Computer Theory (programming/scripting)
  3. Operating Systems (Not learning how to use Windows, more focused on how OS’s manage Memory/threads etc)
  4. Introduction to Forensic Science
  5. Technical Writing
  6. Law of Searching and Seizing Digital Evidence
  7. Criminal Law
  8. Statistics
  9. Ethics
Students will all have an option to minor or specialize in the following areas (12-18 credits):
  1. Information Assurance
  2. Criminal Justice
  3. Economic Crime Investigation
  4. Computer Science
  5. Digital Forensic Science 4+1 — you can graduate with a masters degree in Digital Forensic Science in 5 years!!!!!
  6. Choose your own – work with your adviser to build your own specialization/minor
And on top of that, students can easily Study Abroad (if they choose to) at one of our two Champlain College Study Abroad campuses in Dublin, Ireland or Montreal, Canada or another site of their choice. Students also have the flexibility of 3 Electives.
We spent a lot of time asking industry leaders and taking suggestions on how to mold out new program into something that really prepares students for the ever competitive digital forensic industry. 

Is China really hacking the United States?

Jon Rajewski computer exploitation

A very nice article was written by Jermey Page of the Wall Street Journal about China and its US website attacks.  Some excerpts from the article that I felt were interesting:
A rare example of an official source contradicting China’a repeated assertions that it doesn’t engage in cyberattacks……

At one point, as a narrator discusses various forms of cyberattack, a cursor is shown moving on a computer screen with a software application that is identified in Chinese characters as a “distributed denial-of-service” attack. Also known as DDOS, such attacks are relatively unsophisticated tools of cyberwarfare that involve bombarding websites with data to disable them.
The next screen says at the top, in Chinese, “Attack system..PLA Electronic Engineering Institute.” PLA stands for People’s Liberation Army.

The “Official source” referenced above can be viewed in this video

I love to use current topics in my classes to help reinforce concepts. In my CyberCrime class last year,  I lectured on Operation Aurora (Google Hack of 2009) and highlighted the report Capability of the People’s Republic of China to Conduct Cyber Warfare and Computer Network Exploitation which was prepared for the US-Chain Economic and Security Review Commission authored by Northrop Grumman. If you read the entire report, which I highly recommend, you will find that Northrop was spot on – back in 2009 – about what was reported in the above referenced Page’s August 2011 article.


What is this place?

Jon Rajewski Uncategorized

I decided to create a blog to disseminate my thoughts on topics relating to a few of my passions. Topics discussed here will sometimes relate to the classes I’m teaching or something that I stumbled upon in my daily activities.  I hope you enjoy your stay 🙂