Monday, October 20, 2008


For a while now, I've been asking others about what they thought about a forensics/IR magazine...a 'zine (print or electronic) dedicated to IR/CF topics. Most of the responses I've received have been mixed...some good, not many disagreements, but also not a great deal of interest in providing content. Okay, okay...maybe that was too much to ask, but I just have to wonder if there's any interest at all.

Usually the first thing folks say is that the subject is too niche...but have you been to the bookstores lately? There are multiple magazines on tattoos and skin art, antique doll name it. If a lot of these subjects/topics aren't "niche", I don't know what topics would be.

Other 'zines that cater to the techie-nerd crowd include Hackin9, Make, (IN)Secure, and Linux Sysadmin Magazine. Even a recent issue of Linux Pro Magazine had a couple of articles aimed at incident response...while not overly technical or "forensic-y", they were useful and an interesting read. Most such articles seem to be aimed at system administrators, with the goal of introducing them to the topic, rather than immediately taking a deep dive into the subject matter.

Content - A 'zine such as this could have all sorts of great content, if some of the emails and blogs I've seen have been any indication. There are folks out there with lots of great ideas. Of course, the "usual suspects" would be included...hardware/software reviews, maybe even book reviews, etc. Sections or articles could be specific to Linux, AS/400, Windows, MacOSX, cellphones/PDAs, etc. The stuff that goes into a 'zine like this could be limitless...challenges, reader emails, ads for conferences and products, new tools or techniques, new versions of software, etc.

Audience - who would this type of media be aimed at? State, local, and federal law enforcement, college (grad/undergrad) students in computer forensics tracks, corporate responders, consultants, even hobbyists. Pretty much anyone who does or is interested in this kind of work, regardless of from which perspective (host- or network-based).

I have no idea what it takes to start something like this from the ground up...and I'm not even going to assume that it's something I can do myself. I would be very interested in contributing...heck, anyway to get CPE points, right?...and trying to get others to contribute, as well. Right now, there is the Digital Investigation Journal, and I would like to be part of attempting to make this a more hands-on journal, and less academic in nature. I have no experience planning something like this, and besides, like most of you, I already have a day job. What I would be interested in doing is perhaps assisting someone who already has the infrastructure available, and working with others to plan out an agenda or content list a year out. One way to go about this might be to email the editor-in-chief of DIJ, expressing an interest in either creating content for the journal, or simply send in your thoughts. Also, I've asked Monika of the Hackin9 staff if this is something that they'd be interested in producing...if you like the idea, and are willing to subscribe or even contribute (dude...CPE points!!!), email her and tell her so!


Dthstker said...

I don't know if I'm allowed to say, but I do know of a LE oriented periodical that has expressed some interest in publishing a weekly/bi-weekly electronic magazine on Digital and Multimedia Evidence. One of their editors contacted me about a month ago, and indicated they had an exploritory group looking into it.

Don L.

Keydet89 said...


Thanks, but LE-only sort of keeps a lot of us out of the mix, even those who wish to contribute.

Dthstker said...

I wasn't too clear with that, my understanding is they want to branch out into a broader Digital Evidence market, addressing Security and IR, as well.

Don L.

Andre said...

Having a magazine dedicated to digital forensics and computer crime sounds like a good idea and certainly is a big step. May be a little bit too big and too small at the same time. It is too big because we can/should do more with what we already have. For example we can make all forensic blogs, forums and forensic resources joined in to a digital forensic ring, interlinked, referenced and may be even peer reviewed. This way people will find much needed information easier and the information itself will be more reliable. (And podcasts of course, how I could forget cyberspeak :-)

The project may be too small because a professional association of digital forensic examiners or similar could be an answer to many issues such as quality of examinations, education, standardisation and ridiculous requirement for PI licences in some countries.

pando said...

A quarterly could work. Your biggest problem will be people submitting worthwhile content and on time.

Phil Rodokanakis said...

The other problem you'd run into is that everyone in this "business" expects to get everything for free...