John,
Thanks for the email. I also appreciate your efforts to keep the
forensics wiki updated with respect to plugins.
While I can't say that I know exactly what modules Gleeda was referring
to, I know there have been groups working on modules for both Vista and
Linux. Oftentimes people contact us and say they are working on
something and then don't get back to us for a couple of months. Look back
through the email list and I'm sure you will find some names. You may try
contacting them directly to see how much progress they have made. Once
modules are submitted, they then need to be tested.
As for the Linux module inclusion in PyFlag, that is Michael's decision.
Personally, I felt the modules needed more testing and thus they have not
made it into the current version of Volatility.
The development team has been extremely busy as of late. The "official"
update is constrained mostly by users. There are a couple of outstanding
bugs but people have either not reported if our bug fixes solved their
issues or have been unable to create test cases they are willing to share.
If people want to start seeing faster updates, then they should consider
contributing more. A roadmap is a great idea. I know we have discussed
it numerous times over the last couple of weeks.
Thanks,
AW

On Wed, 3 Jun 2009, McCash John-GKJN37 wrote:
Hey Folks,
I was just reading Gleeda's blog & CEIC presentation,
and was interested to discover that Volatility modules had been written
for Linux and Vista. Now I'm wondering why these modules haven't shown
up anywhere I can see them, including in the public view of the SVN
repository. After digging for a bit, I did see that they (or at least a
modified version of the Linux ones) have apparently been incorporated
into the Pyflag distribution, but that just caused me more confusion. If
they're stable enough to release as part of Pyflag, why aren't they in
the public Volatility repository?
Also, are you expecting to release an 'official' update
anytime soon? The last update available from the main Volatility page is
still 1.3_Beta. Is there some defined list of fixes or features that has
to be ready before an 'official' 1.3 version is released? Or has that
been bypassed, so that current work is really going toward 1.4? Maybe a
roadmap section would make a good addition to the main Volatility page.
I'm sure there are a lot of people who would be interested in what's
going on.
Thanks much (Sorry if I sound like I'm
ranting, you guys really have done some awesome work!)
John
----------------------------------------------------------
Quis custodiet ipsos custodes?... I do!