What’s that? You were here earlier but I wasn’t? You’ve been waiting all afternoon and all evening for an update? What if I told you that I tried to write this post eight hours ago but that, as soon as I got the necessary quiet and space to do so, I instantly fell asleep in my room?
Would you forgive me? Would you understand?
Great, thank you, and enough about me … let’s talk about digital investigations, forensic analysis of electronic data, malware prevention, the secure handling of ESI, and the proper care and handling of evidence acquired from mobile devices. C’mon, it’s Vegas, Baby!
The morning began, as all great mornings do, with unlimited coffee and a buffet breakfast in the Exhibit Hall. A surprising number of attendees arrived with both eyes mostly open (if slightly crossed) and made their way about the hall and into the giant ballroom where our day’s featured speaker, Dan Abrams (ABC News), would deliver the Keynote address.
Affably energetic and engaging, Mr. Abrams proved to be the perfect personality for a crowd of legal-techies who had survived a massive information download the day prior and the already-mentioned and mostly unmentionable activities of last night. A veteran of many of our most famous courtroom-based media spectacles (see, e.g., OJ Simpson, Casey Anthony, Robert Blake, Amanda Knox, Jodi Arias), Abrams delivered a charged address which reached topics beyond technology and reminded us that our software and workflows are not ends unto themselves, but tools employed to reach societal goals like justice and security.
While the over-arching subject was, indeed, the interaction of the media and the law, larger topics such as our cultural appetite for the salacious, the shocking and the stupid also came into clear focus. Mr. Abrams did discuss the role of digital forensics and e-discovery in many of these cases. As an example, he reminded us of the under-reported failure of the prosecutor’s office to review Casey Anthony’s Firefox history instead of just Internet Explorer, a failure which resulted in hundreds of missed inquiries relating to the disposal of a body or fool proof methods of suffocation. (Also, apparently, there was an unconscionable failure to search for near-misspellings of words like ‘suffication’.) But, rather than rest on a easy judgment of those erroneous procedures, Abrams went further to raise two much larger questions: first, does the media’s abundance of attention to Ms. Anthony or others in her position prejudice her or does it, rather, intensify scrutiny of the process and actually provide her greater protections than a closed trial? (The fact that Ms. Anthony is free today, when we consider the mountain of evidence produced against her, suggests the latter.) A second, much larger question, followed: if Ms. Anthony had been Mr. Anthony, would the media have followed the trial at all?
Let’s remember, this is a user conference for legal and forensic technology users. In Las Vegas. And this talk was delivered shortly after 9am, the morning after an open bar sponsored by the conference’s hosts.
I suspect that few in attendance, if any, expected to think about gender inequities in the media or the media’s insatiable appetite for stories about relatively well-positioned women committing murder. But, there we were. And it was fascinating. Then, as if this wasn’t shocking enough, Abrams asked if our appetite for the salacious didn’t in fact pose an even greater threat: are we not devoting hours and hours of coverage on a case like Casey Anthony (or wildly speculating about non-cases) while neglecting to discuss important government policy? Rather than discussing and intelligently debating issues such as unconstitutional Presidential recess appointments, isn’t it dangerous that we (and the media) have focused instead on which former Congressman or which Martian Rover shared which inappropriate photo or made which unfortunately stupid gaffe today?
Abrams was a fantastic presenter with just the right amount of righteous indignation to open up the second day of this technology conference with a bang. And, he even graciously stuck around afterwards to speak with attendees and pose for a few photos!
After Abrams’ address, the conference-goers and presenters got back to the business of the week: learning about new digital threats, new precautions, new solutions to persistent problems and sharpening the cutting edge of their investigative toolkit. Hands-on labs were given on Windows 8 file history artifacts, a live fire drill responding to IPv6 hacks, more on mobile e-discovery, and additional focus on cyber-security blind spots. Meanwhile, users seeking certification as Summation Certifed End-Users (SCE) were given a two-session review course to prepared them for the SCE Exam which will be administered tomorrow.
Today’s four lunch-and-learn sessions were as well-attended and engaged by the audience as yesterday’s and covered an equally wide range of subjects: mobile device e-discovery, recovery of overwritten data, e-discovery in criminal law and endpoint security. With panels consisting of attorneys, forensic examiners, and service providers; those who attended had the opportunity to learn, to discuss and to eat. And then, well-fed and ready for more action, attendees returned to a second afternoon’s worth of labs, lectures and simulated malware attacks.
Finally, when all was said and done, we rewarded those still standing with a happy hour in the exhibit hall and with an ADUC favorite: the FTK Beer Lab. I would like to share details of that event with you, but as I mentioned above, I was asleep in my room, trying to write this blog post.
But, as I’m sure you can imagine on your own, if there’s anything that can improve a technology user’s experience with our flagship forensic technology, it’s beer. Beer in Vegas. And, I hear that the accompanying sliders were delicious.
OK, that’s all I have for now, folks. Please join us again tomorrow when we round up the conference, say farewell for now to our friends, and prepare ourselves for our return trips to “the real world”.
Viva Las ADUC!