BitCurator 0.1.5 released

We’ve released BitCurator 0.1.5, which you can find on the main page and software page of our wiki.

BitCurator 0.1.5 is an upgrade/maintenance release as we prepare to add reporting functionality in the next few weeks. Early reporting functionality will appear in 0.2, currently scheduled for mid-October. The current maintenance release includes updates to bulk extractor, scripting fixes for live data triage in Nautilus, and security patches.

Note that the virtual machine is now packaged as a .tar.gz file. Windows users will need a 3rd party file archiving utility such as 7zip to extract the VM.

Digital Forensics XML and Standardization

Wondering what the future of Digital Forensics XML looks like? You can find recent work by NIST at http://www.nsrl.nist.gov/Downloads.htm (with a draft schema from based on the original spec for fileobjects at http://www.nsrl.nist.gov/DFXML/fileobject.xsd). You can also find ongoing work as part of CyBOX at MITRE at http://cybox.mitre.org/.

BitCurator depends on DFXML output when producing reports on private and personally identifying information, disk and file formats and organization. As part of our commitment to identifying and implementing ways in which DFXML can be used to enhance the description of and provenance records associated with archival born-digital materials, we’ve joined in a discussion with NIST, MITRE, and other interested parties on the future of standards-compliant DFXML.

Institutional Workflows

In December 2011 and January 2012, the core BitCurator project team met with advisory group members to elicit requirements for incorporating digital forensics tools and techniques into existing institutional workflows.

Based on the feedback we gathered, we’ve now drafted the steps for a BitCurator-supported workflow. We welcome additional feedback – please contact us.