[embedded content]
I arrived home the other day after dutifully completing the weeks’ shopping. This isn’t a conversation about the battle of the sexes but suffice it to say, I’m less of the shopper and more of the fill the car up kind of individual. I do pride myself in knowing which coin is required for which stores’ grocery cart and I’m adept at choosing a cart that doesn’t have the wobbly wheel. I think we are all familiar with the shopping experience; the milk is unnecessarily as far from the bread as possible, the deli counter often has a curious selection of meats and cheeses you’ve never tried, and all of us are continually amazed at how cheap it is to buy a store rotisserie chicken versus cooking your own. One constant in our home is the banana. As I eye up the traditional yellow bananas, I am in awe at how quickly they leave the shelves into the baskets of the many shoppers around me. This self-protected fruit comes in a dizzying array of ripeness, and everyone has their preferences. In my case, pretty straight forward.
At home, I often regale my spouse with the tales of my digital forensic exploits. I suspect her quietness and lack of enthusiastic responses are related to her genuine attention to my stories. Though today at the grocery store I had to establish my purchasing plan and I couldn’t rely on her recommendations. I stood in front of the bananas and defaulted to my training that evidently applies well in these situations.
I’m in the digital forensics (DF) of the DFIR, the Incident Response (IR) group approach to this action would be very different. How may our actions differ? The (IR) group may be more concerned about when is the next pallet of bananas going to arrive or how does the store quell the panic when only standard bananas are available because of the organics being sold out? In the meantime, I’m standing only focused on this pallet, or maybe only the bananas I’m holding. My lifetime of eating and cyber training tells me that I am correct, but not limited to many steps in my investigation.
Let us begin. Step one – Identification. These are bananas. Identification complete. Step two – Preservation. In this situation it was quite simple. I safely cradled my bananas intended for purchase by tucking them into the corner of my basket on top of the apples. A professional move. Step three – Analysis. I reviewed the quantity and size to ensure even distribution and ensured someone didn’t switch their purchase for mine. Step four – Documentation. That was the easy part. The sales receipt would show my spouse the purchase time and perhaps not quantity, but at least the total weight. Then close out with Step Five – Presentation. Hey, credit where credit is due for my efforts; my spouse has got to be impressed at what I’ve put together as a solid purchasing experience. Apart from all the dry goods, I conquered the fruits and vegetables.
[embedded content]
For more information about FOR308: Digital Forensics Essentials course click HERE
As the bags were unloaded to their respective place in the kitchen, I was somewhat surprised that there was not more fanfare. No congratulations, no high fives, the silence was oddly like when I share my cyber adventures.
After a few minutes I chimed in to break the silence, as a good forensicator would know when successfully achieving their work goal. “How about those bananas”? The reply was unexpected. “Oh, the family won’t eat those. Too ripe…but I’m sure we can throw them in the freezer for banana bread later.”
I will admit, my ego was bruised for a second, like a banana that had the milk resting on it. I realized then and there, this may be a small setback for the week, but I am looking forward to the banana bread.
The lesson here? The next visit to the grocery store will result in greener bananas. Always keep learning and peel back the layers to gain more knowledge…In the meantime, keep thinking DFIRently.
