What TRIM, DRAT, and DZAT Really Mean for SSD Forensics
June 2nd, 2025 by Oleg Afonin
If you’re doing forensic work today, odds are you’re imaging SSDs, not just spinning hard drives. And SSDs don’t behave like HDDs – especially when it comes to deleted files. One key reason: the TRIM command. TRIM makes SSDs behave different to magnetic hard drives when it comes to recovering deleted evidence. This article breaks down what TRIM actually does, how SSDs respond, and what forensic experts need to know when handling modern storage.
Password masking: myths and truths
July 7th, 2009 by Vladimir Katalov
In brief, here is the "problem": for years (I think starting from Windows 3.0 released almost 20 years ago), the passwords are being masked as you type them (in most programs what have any kind of password protection, and an operating system itself), i.e. replaced with asterisks or black circles. What for? To prevent the password from being read by someone who stands behind you.
Disaster Recovery and its key objectives
July 6th, 2009 by Olga Koksharova
New statistics* shows disaster recovery (DR) is getting more attention, and more upper level execs become involved with DR issues. Ideally, each company should have an emergency plan in case of power/system failure, loss of access, outside attack, sabotage or else – called DRP (disaster recovery plan) or even DRRP (disaster response and recovery plan). DRP is only a part of risk management practices which ensure emergency preparedness and risk reduction and include such initiatives as regular data backups, stocking recovery software, archiving, etc. – these activities are reflected in PMI and NIST standards.
Encryption and decryption from security law perspective (Part II)
July 3rd, 2009 by Olga Koksharova
In my previous post I suggested several variants of computer security translated by different laws. Now I’d like to get to ciphers…again viewed by law.
Rumored AMD Phenom II X4 TWKR chips accessible?
July 1st, 2009 by Olga Koksharova
Not long ago I wrote about AMD’s TWKR when the first rumors reached the media. Now we have more news on that. And the sad one is that TWKR still cannot be purchased in retail and most probably won’t be, at least not the ones from the sought-after 100 exemplars that exist today.
Password by Toolman
July 1st, 2009 by Olga Koksharova
Do you understand a word? Except for "password"? Translator needed! 🙂
Reasonable, appropriate, adequate…security (Part I)
June 30th, 2009 by Olga Koksharova
Most laws define security obligations as reasonable, appropriate, suitable, necessary, adequate etc. without giving more precise directives to follow. Is it good or bad? And what should be known about these standards?
Thunder Tables – now registered trademark
June 29th, 2009 by Olga Koksharova
Good news over here! We’ve got a nice and shiny registration certificate from the United States Patent and Trademark Office. Now our Thunder Tables have their (R) sign.
Password Recovery Tools Are Legal In Germany
June 24th, 2009 by Katerina Korolkova, Direktur Humas
When we meet our customers at trade fairs in Germany, we are always asked questions about legality of our tools. The reason for this is that German law on so-called “hacking tools” is very strict. At the same time the wording of the respective paragraphs is unclear and ambiguous.
Intel Larrabee, AMD Llano: when?
June 23rd, 2009 by Vladimir Katalov
According to NordicHardware, Sapphire Or Zotac Might Launch Larrabee. No further information on Larrabee yet, though; as we already wrote, the Larrabee lauch date is set to 2010. The only news from Intel so far is about i3, i5, i7 CPU naming system: Lynnfield, Clarksfield, Arrandale, Clarkdale; besides, Intel plans shipments of 32nm ‘Clarkdale’ in Q4.
Squeezing your First Amendment rights
June 23rd, 2009 by Olga Koksharova
In the city of Bozeman (the US) it is…pardon, was “acceptable” to require user credentials to your personal mailboxes and other social networking accounts, when applying for a job. What for? For “a thorough background check”. Have a look at their press release:
