[Full-disclosure] SANS Stuff
jftucker at gmail.com
Mon Dec 5 20:08:06 GMT 2005
>On 05/12/05, InfoSecBOFH <infosecbofh at gmail.com> wrote:
>>That is hilarious and proves that a.) Mr. Tucker has his head so far
>>up SANS ass...that he can't see how stupid it really is and b.) SANS
>>is truly a waste of time/money.
>I think James just misread my email as unfounded, since I never
>supplied a link to the page, or something.
>Maybe I am just missing it but I can't really see how promoting
>knowledge of the outdated FAT file system will make
>you "Sharp", it's not exactly a cutting edge technology... coupled
>with the requirement to know what a file and a directory is -
>wouldn't attending that make you feel like a right chump.
>Next thing we will have Morning_Wood coming out with an "0day Exploit
>Code" for file creation lol
Staying sharp could mean many things.
Yes, I completely agree that this course does not keep you up to date
with current file system technologies, and it is becoming increasingly
unlikely that one could provide any valuable forensic service with only
a knowledge of FAT.
1. that course is only $200.
2. all filesystem courses introduce simple filesystems first,
3. this is a short course, it's not likely they could get most
candidates further without damaging the retention ratio significantly.
Suggesting that teaching of old filesystems is useless is moronic,
everyone has to start to learn somewhere.
I don't therefore find it "funny" that it's being offered. FYI this is
generally the type of course you would find at a university during an
introductory OS course.
"After taking this class you'll no longer have to rely on your automated
forensic tools, you'll be able to dive down to the byte level. You'll
even be able to find data that your automated tools might miss. -Michael Murr "
- that is hilariously out of date however, and also may be now incorrect due to changes of scale.
Full-Disclosure is hosted and sponsored by Secunia.