FID3 Blog

In my previous blog, I mentioned a new product called FI Data Profiler Portable.  This portable software tool is aimed at reducing the backlog of digital evidence weighing down on Forensics Labs.  The idea is to filter out computer/hard drives that have no potential for containing the evidence pertinent to a case.  The best time to do that is on the scene before confiscating equipment & media, or when a device is being prepared for analysis by a highly trained investigator.  Let’s try to use the time, of these skilled investigators, as wisely as possible.

This tool is designed to be simple for first responders without the benefits of extensive training, yet highly configurable so that advanced investigators can fine tune it to their exact needs.  It utilizes our proven File Investigator file identification engine, to catch 3,410 different types of files with high accuracy.  The result is a statistical analysis of what types of data, and how much of each, is on each computer/hard drive.  All of this is performed while running from a USB thumb drive or CD ROM.

Will you help us test this tool, and tell us what you think?  We want the tool to be a good fit for investigators.  In order to accomplish that, we need to include all of the necessary features and functionality.  Here’s how you can help:

Quick Look Steps (just 2 minutes):

1. Go to http://www.forensicinnovations.com/download/fidpp105.exe with your browser.
2. You may need to click on a browser warning dialog/ribbon to allow the download.
3. Click the “Run” button, and a 937KB file will download.
4. Click the “Run” button on the security warning dialog. (Vista & Windows 7 only)
5. Click the “README.TXT” button for details on this tool. (optional)
6. Click the “OK” button.
7. Ignore the Case Details fields, and click the “Start Analysis” button.
8. Select the “File” > “Save Summary Report” menu option to save the statistics to a text file. 
9. Select the “File” > “Exit” menu option when you are done.

You should see bar charts displaying quantities of files found on your local hard drive.  This will continue for 15 minutes to 3 hours depending on how many files you have and the speed of your computer. Try the different “View” menu settings, to display charts by Platforms, Storage and File Types. The downloaded files will be automatically removed when you exit the application. Please send your comments to Support@ForensicInnovations.com. All feedback is welcome.

Testing Steps:

1. Go to http://www.forensicinnovations.com/download/fidpp105.exe with your browser.
2. You may need to click on a browser warning dialog/ribbon to allow the download.
3. Click the “Save” button, and select a folder to save the 937KB file to.
4. Rename the file’s extension to “.ZIP” and click the “Save” button.
5. UnZip the contents to a test folder, and run FIProfilerPortable.exe.
6. Click the “Run” button on the security warning dialog. (Vista & Windows 7 only)
7. Click the “README.TXT” button for details on this tool.
8. Click the “OK” button.
9. Fill in any Case Details fields that pertain to you.
   1. The Target Path will default to “C:” if you leave it blank.
10. Click the “OK” button to continue to the main window.
11. Select the “File” > “Start Analysis” menu option to start the process.

When you finish testing on one or more computers, we would appreciate any feedback that you can provide:

• How useful is this tool for you?
• What features would make it more useful?
• Did you run into any problems?
• What needs to be improved?

Please send your feedback to Support@ForensicInnovations.com. If you are willing, we would also like to receive saved Data Profiles for the computers that you test. These profiles only contain the information that you enter into the Case Details dialog and the charts that you see on the screen.  Here are the steps for sending the Data Profiles:

1. Select “File” > “SaveAs Analysis”, after each test completes the analysis.
2. Attach the saved .FIS file(s) to an email addressed to Support@ForensicInnovations.com.

We appreciate your time and we value your opinion.