Forensic images by private investigators

I sent the following email a while back:

Ms. Vest,

Does the state of Tennessee currently require a private investigator's
license to conduct computer forensics work as a contracted third party
where the evidence will be used in court? Additionally, if the forensic
analyst is called on to testify as a subject matter expert must the analyst then
meet the PI requirement? Thank you for your time and attention.

Best Regards,

Slade Griffin

I didn't expect to get this answer:

Mr. Griffin:

Ms. Vest forwarded your email to my attention for response.  Licensing
is required for any individual who performs any of the services outlined
in TCA 62-26-202(6)  “Investigations company” means any person who
engages in the business or accepts employment to obtain or furnish
information with reference to:
(A)  Crime or wrongs done or threatened against the United States or any
state or territory of the United States;
(B)  The identity, habits, conduct, business, occupation, honesty,
integrity, credibility, knowledge, trustworthiness, efficiency, loyalty,
activity, movement, whereabouts, affiliations, associations,
transactions, acts, reputations or character of any person;
(C)  The location, disposition or recovery of lost or stolen property;
(D)  The cause or responsibility for fires, libels, losses, accidents,
damages or injuries to persons or to property; or
(E)  The securing of evidence to be used before any court, board,
commission, officer or investigating committee.

The Private Investigators Licensing and Regulatory Act does not have an
exclusion or exemption for computer forensic specialists, or digital
forensic investigations.  The only exclusions available are specified
under TCA 62-26-223.

Thank you for contacting this office.  Please advise if additional
information is required.


Beth Smith Bell, Administrative Assistant
Private Investigation and Polygraph Commission

If you are not a licensed private investigator, this doesn't look good. On the plus side, I am going to get my license and a Ferrari. 


Twitter gets JACKED

Ed Skoudis gave a talk at Hack in the Box last year where he lamented how sad it was that SQL injection was still going on. I would like to add Cross Site Scripting to that lamentation today. I was logged into Twitter this morning and suddenly started seeing a similar "re-tweet." I jumped on the Google and saw several early write-ups saying Twitter was getting pwned. Here is the tweet I got:

"onmouseover="document.getElementById('status').value='RT MiguelTarga';$('.status-update-form').submit();"class="modal-overlay"/

"onmouseover", you have got to be kidding me. I booted into a system I didn't care about and ran the cursor over the code; bang, I was retweeting. That's slick, no clicking involved. A successful stored XSS attack on a major site in 2010, awesome. Here's a quick write-up on XSS if you don't know how it works:
I switched over to to watch the rest of the action since JavaScript isn't enabled on that site. The Twitter team responded quickly and cleared everything up within a reasonable amount of time. This should help prove that social media does not belong inside your network.
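
The tweet above opens with a double quote, which is the character that ends an HTML attribute value and lets the rest of the text be parsed as new attributes. The following is an added example, not Twitter's code and not part of the original post: it assumes a hypothetical renderer that builds links by string concatenation, and the function names and the sample string are constructed for illustration.

```javascript
// Added example: a hypothetical link renderer, not Twitter's actual code.
// Constructed sample shaped like the tweet above; the handler body is a no-op.
const SAMPLE = 'http://example.test/@"onmouseover="noop()"class="modal-overlay"/';

const URL_RE = /(https?:\/\/\S+)/;
const ESC = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
const escapeHtml = (s) => s.replace(/[&<>"']/g, (c) => ESC[c]);

// Turn URL-like runs into links. `enc` is applied to every piece of
// user-supplied text before it is placed into the markup.
function linkify(text, enc) {
  return text
    .split(URL_RE) // odd indexes hold the captured URLs
    .map((part, i) => (i % 2 ? `<a href="${enc(part)}">${enc(part)}</a>` : enc(part)))
    .join('');
}

// Vulnerable form: text goes into href="..." unchanged, so a double quote in
// the status closes the attribute and what follows becomes new attributes.
const linkifyUnsafe = (text) => linkify(text, (s) => s);

// Hardened form: quotes and angle brackets are entity-encoded, so the whole
// string stays inside the href value.
const linkifySafe = (text) => linkify(text, escapeHtml);

// Regression check: list the attribute names a parser would see on the first
// tag of the rendered output (simplified to double-quoted attributes).
function attributeNames(html) {
  const tag = html.slice(0, html.indexOf('>'));
  return [...tag.matchAll(/([^\s"'=<>\/]+)="[^"]*"/g)].map((m) => m[1]);
}

// Any on* attribute that the renderer did not emit itself is an injection.
const eventHandlers = (html) => attributeNames(html).filter((n) => /^on/i.test(n));

console.log(attributeNames(linkifyUnsafe(SAMPLE))); // href plus injected attributes
console.log(attributeNames(linkifySafe(SAMPLE)));   // href only
```

Encoding at the point of output is what keeps the text inside the attribute; checking the URL scheme is a separate control that this sketch does not cover.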


Strange Job Offer Timing

To be clear, I am not currently job searching, that I know of, and this is just an observation. Over the past two or three weeks I have gotten about 10 job-related phone calls. These seem to come and go and I often wonder why so many happen at one time from different companies and different "recruiters." Two of the phone messages I got were barely intelligible as the caller was not proficient with English. Two were to work for the Department of Energy and I told the recruiters no thank you. The last was to head to Wilmington, Delaware, which I also declined. I realized I didn't know much about Wilmington so I read their web page: and also looked at the Wikipedia entry:,_Delaware . The section on crime was a bit scary and the picture of the library was awesome.