Removed dead references (#202)

docs/aff4.md

@@ -306,9 +306,9 @@ We do this by setting attributes on the map objects:
 - [Extending the Advanced Forensic Format to accommodate Multiple Data Sources, Logical Evidence, Arbitrary Information and Forensic Workflow](https://simson.net/clips/academic/2009.DFRWS.AFF4.pdf),
   by M. I. Cohen, Simson Garfinkel and Bradley Schatz, DFRWS 2009,
   Montreal, Canada.
-- [Wirespeed: Extending the AFF4 forensic container format for scalable acquisition and live analysis](http://www.dfrws.org/2015/proceedings/DFRWS2015-16.pdf),
+- [Wirespeed: Extending the AFF4 forensic container format for scalable acquisition and live analysis](https://dfrws.org/sites/default/files/session-files/2015_USA_pres-wirespeed_extending_the_aff4_container_format_for_scalable_acquisition_and_live_analysis.pdf),
   by [Bradley L. Schatz](bradley_schatz.md), DFRWS US 2015
 
 ### Tools
 
-* <https://github.com/Velocidex/c-aff4>
+* [c-aff4](https://github.com/Velocidex/c-aff4)

docs/bitpim.md

@@ -4,7 +4,7 @@ tags:
   - Open Source Software
   - Tools
 ---
-BitPim is a free, [open source](https://opensource.org/docs/definition.php), cross-platform
+BitPim is a free, [open source](https://opensource.org/osd/), cross-platform
 program for viewing and editing data on a [CDMA](cdma.md) cell phone.
 Roger Binns was the founder, project manager,
 and lead developer of the project, first releasing it on March 1st,

docs/blogs.md

@@ -123,7 +123,6 @@ like: blogs, fora, tweets, tools and challenges (and test images).
 
 - [Digital Forensics Corporation Blog](https://www.digitalforensics.com)
 - [Digital Forensics Magazine Blogs](https://digitalforensicsmagazine.com/blogs/)
-- [Mobile Forensics Weekly from Teel Tech](https://paper.li/teeltech/1366225992)
 - [This Week in 4n6](https://thisweekin4n6.com/)
 
 ### Blog Lists

docs/bradley_schatz.md

@@ -2,7 +2,7 @@
 tags:
   - People
 ---
-Bradley Schatz is the Director of [Schatz Forensic](https://schatzforensic.com/),
+Bradley Schatz was the Director of Schatz Forensic,
 a computer forensics firm based in Brisbane, Australia. Dr. Schatz received his
 Ph.D. in Computer Forensics at the [Queensland University of Technology (QUT)](http://www.qut.adu.au/)
 in 2007. The primary subject of his doctorate, which was titled "Digital

docs/data_mining.md

@@ -15,6 +15,6 @@ people doing forensic data mining and machine learning.
   hosting many open source machine learning tools and libraries.
 * [Apache Mahout](https://mahout.apache.org//): goal is to "build
   scalable, Apache licensed machine learning libraries" (java). also
-  includes a focus on using [hadoop](http://hadoop.apache.org/).
+  includes a focus on using [hadoop](https://hadoop.apache.org/).
 * The [Journal of Machine Learning](https://jmlr.csail.mit.edu/)
   maintains an [archive of non-trivial machine learning algorithms, toolboxes, and languages](https://jmlr.csail.mit.edu/mloss/).

docs/fat.md

@@ -653,13 +653,8 @@ object.
 
 * [Wikipedia: File Allocation Table](https://en.wikipedia.org/wiki/File_Allocation_Table)
 * [Wikipedia: Design of the FAT file system](https://en.wikipedia.org/wiki/Design_of_the_FAT_file_system)
-* <https://www.ntfs.com/index.html>
-* <https://www.ntfs.com/index.html/ntfs_vs_fat.htm>
-* <http://support.microsoft.com/kb/q154997/#XSLTH3126121123120121120120>
-* <http://www.dewassoc.com/kbase/hard_drives/boot_sector.htm>
-* <http://home.teleport.com/~brainy/fat32.htm>
-* <https://www.ntfs.com/index.html/fat-systems.htm>
-* <http://support.microsoft.com/kb/q140418>
+* [NTFS — New Technology File System for Windows](https://www.ntfs.com/index.html)
+* [exFAT file system specification](https://learn.microsoft.com/en-US/windows/win32/fileio/exfat-specification)
 
 ### Format documentation
 

docs/forensic_corpora.md

@@ -14,14 +14,9 @@ proven invaluable in performing a range of studies such as the
 developing of new forensic techniques and the sanitization practices of
 computer users.
 
-<!-- -->
-
-
 Garfinkel, S. and Shelat, A., [Remembrance of Data Passed: A Study of Disk Sanitization Practices](http://www.simson.net/clips/academic/2003.IEEE.DiskDriveForensics.pdf),
 IEEE Security and Privacy, January/February 2003.
 
-<!-- -->
-
 The Honeynet Project: Challenges.
 In 2001 the Honeynet project distributed a set of disk images and asked
 participants to conduct a forensic analysis of a compromised computer.
@@ -36,8 +31,6 @@ partial disk images.
 * [Challenge 7: Compromised Server](https://www.honeynet.org/challenges/forensic-challenge-7-analysis-of-a-compromised-server/)
 * [Challenge 9: Mobile Malware](https://www.honeynet.org/challenges/forensic-challenge-9-mobile-malware/)
 
-<!-- -->
-
 Honeynet Project Scans of the Month
 The Honeynet Project provided network scans in the majority of its Scan
 of the Month challenges. Some of the challenges provided disk images
@@ -46,18 +39,12 @@ challenges.
 
 <http://wiki.sleuthkit.org/index.php?title=Case_Studies>
 
-<!-- -->
-
 The [Computer Forensic Reference Data Sets](https://cfreds.nist.gov/) project from [NIST](national_institute_of_standards_and_technology.md) hosts a few sample cases that may be useful for examiners to practice with:
 <https://cfreds.nist.gov/Hacking_Case.html>
 
-<!-- -->
-
 Digital Forensics Tool Testing Images can be downloaded from Sourceforge
 <https://dftt.sourceforge.net/>
 
-<!-- -->
-
 Shortinfosec: computer forensics competition
 <https://www.shortinfosec.net/2008/07/competition-computer-forensic.html>
 
@@ -67,23 +54,12 @@ incriminating evidence.
 (Note: Unfortunately, when checked in October, 2011, the disk image
 seemed unavailable.)
 
-<!-- -->
-
 Lance Mueller has created some disk images; they can be downloaded from his blog
 <http://www.forensickb.com/search?q=practical>
 
-<!-- -->
-
 Barry Grundy created some disk images as parts of a Linux-based forensics tutorial
 <https://linuxleo.com/>
 
-<!-- -->
-
-The PyFlag standard test image set
-<https://pyflag.sourceforge.net/Documentation/tutorials/howtos/test_image.html>
-
-<!-- -->
-
 The Digital Forensic Research Workshop's Rodeos and Challenges
 Several of the Rodeos and Challenges from DFRWS released their data and
 scenario writeups. The following had disk images as parts of their
@@ -222,38 +198,28 @@ of meeting recordings.
   training scenario, including disk images, packet captures and
   exercises.
 
-<!-- -->
-
 - The [Canterbury Corpus](https://corpus.canterbury.ac.nz/) is a set of
   files used for testing lossless compression algorithms. The corpus
   consists of 11 natural files, 4 artificial files, 3 large files, and a
   file with the first million digits of pi. You can also find a copyof
   the Calgaruy Corpus at the website, which was the defacto standard for
   testing lossless compression algorithms in the 1990s.
 
-<!-- -->
-
 - The [UMass Trace
   Repository](https://traces.cs.umass.edu/index.php/Main/HomePage)
   provides network, storage, and other traces to the research community
   for analysis. The UMass Trace Repository is supported by grant
   \#CNS-323597 from the National Science Foundation.
 
-<!-- -->
-
 - [Sony has made 60TB of Everquest 2 logs available to
   researchers.](https://arstechnica.com/gaming/2009/02/aaas-60tb-of-behavioral-data-the-everquest-2-server-logs/)
   What's there? "everything."
 
-<!-- -->
-
 - UCI's [Network Data
   Repository](http://networkdata.ics.uci.edu/resources.php) provides
   data sets of a diverse set of networks. Some of the networks are
   related to computers, some aren't.
 
-<!-- -->
-
 - [UT San Antonio Digital
   Corpora](https://digitalcorpora.org//corp/nps/files/filetypes1/)
 

docs/forensic_live_cd_issues.md

@@ -189,4 +189,4 @@ almost the same, except it doesn't write block anything by default).
 
 * [Linux for computer forensic investigators: problems of booting trusted operating system](http://www.computer-forensics-lab.org/pdf/Linux_for_computer_forensic_investigators_2.pdf)
 * [Linux for computer forensic investigators: «pitfalls» of mounting file systems](http://www.computer-forensics-lab.org/pdf/Linux_for_computer_forensic_investigators.pdf)
-* [Testing the forensic soundness of forensic examination environments on bootable media](http://www.dfrws.org/2014/proceedings/DFRWS2014-3.pdf)
+* [Testing the forensic soundness of forensic examination environments on bootable media](https://dfrws.org/presentation/testing-the-forensic-soundness-of-forensic-examination-environments-on-bootable-media/)

docs/full_disk_encryption.md

@@ -36,36 +36,23 @@ available to the public.
 
 Toshiba *Self-Encrypting Drives* ("SED")
 
-- [AES-256](http://sdd.toshiba.com/main.aspx?Path=ServicesSupport/Self-EncryptingDrives)
-  (certification issued by NIST)
-
 ### Supplemental Hardware / External Chassis
 
 Addonics product lines
 <http://www.addonics.com/products/cipher/CPD256U.asp>
 
-<!-- -->
-
 Apricorn product lines
 <http://www.apricorn.com/products.php?cat_id=72>
 
-<!-- -->
-
 DigiSafe
 <http://www.digisafe.com/products/products_DiskCryptMobile.htm>
 
-<!-- -->
-
 Eracom Technology DiskProtect
 <http://www.eracom-tech.com/drive_encryption.0.html>
 
-<!-- -->
-
 iStorage DiskCrypt Mobile
 <http://www.istorage-uk.com/diskcryptmobile.php>
 
-<!-- -->
-
 Network Appliance (Decru)
 <https://www.netapp.com/ftp/decru-fileshredding.pdf>
 
@@ -76,19 +63,13 @@ Network Appliance (Decru)
 beCrypt
 <https://www.becrypt.com/uk/>
 
-<!-- -->
-
 BitArmor by [DataControl](datacontrol.md) FDE tool that protects
 fixed and removable media.
 
-<!-- -->
-
 [BitLocker](bitlocker_disk_encryption.md)
 Part of Windows Vista that uses [AES](aes.md) 128 or 256 bit
 encryption
 
-<!-- -->
-
 [CGD](cgd.md)
 Cryptographic Device Driver. Provides transparent full disk encryption
 for [NetBSD](netbsd.md).
@@ -101,29 +82,21 @@ keys) and [3DES](3des.md) (uses a 64 bit blocksize and accepts
 
 <http://www.netbsd.org/docs/guide/en/chap-cgd.html>
 
-<!-- -->
-
 [Checkpoint Full Disk Encryption](checkpoint_full_disk_encryption.md)
 <https://www.checkpoint.com/quantum/data-loss-prevention/>
 
-<!-- -->
-
 [DiskCryptor](diskcryptor.md)
 Free solution provided under GNU General Public License.
 
 <https://diskcryptor.org/>
 
-<!-- -->
-
 [FreeOTFE](freeotfe.md)
 Transparent on the fly encryption for [MS Windows](windows.md)
 and [Windows Mobile](microsoft_windows_mobile.md) PDAs. Also
 supports mounting [Linux](linux.md)
 dm-crypt and
 [LUKS](linux_unified_key_setup_(luks).md) volumes
 
-<!-- -->
-
 [GBDE](gbde.md)
 GEOM Based Disk Encryption. Provides transparent full
 disk and swap encryption for [FreeBSD](freebsd.md). Supported
@@ -134,8 +107,6 @@ Supports hidden volumes and Pre-Boot Authentification.
 Since data loss can occur on unexpected shutdowns, GELI is recommended
 instead of GBDE.
 
-<!-- -->
-
 [GELI](geli.md)
 Cryptographic GEOM class. Provides transparent full
 disk encryption for [FreeBSD](freebsd.md). Supports various
@@ -144,31 +115,21 @@ ciphers: [AES](aes.md),
 
 Supports hidden volumes and Pre-Boot Authentification.
 
-<!-- -->
-
 [FileVault Disk Encryption](filevault_disk_encryption.md)
 
-<!-- -->
-
 [Jetico BestCrypt](https://www.jetico.com/)
 
-<!-- -->
-
 [loop-AES](https://sourceforge.net/projects/loop-aes/)
 Transparent file system and swap encryption for [Linux](linux.md)
 using the loopback device and [AES](aes.md).
 
-<!-- -->
-
 [Linux Unified Key Setup (LUKS)](linux_unified_key_setup_(luks).md) or dm-crypt
 Transparent file system and swap encryption for [Linux](linux.md)
 using the Linux 2.6 device mapper. Supports various ciphers and
 [Linux Unified Key Setup (LUKS)](linux_unified_key_setup_(luks).md).
 
 <https://www.saout.de/misc/dm-crypt/>
 
-<!-- -->
-
 [PGPDisk](pgpdisk.md)
 Pretty Good Privacy Whole Disk Encryption provides transparent whole
 disk encryption with Pre-Boot authentification for
@@ -184,8 +145,6 @@ keys).
 
 <http://www.pgp.com/products/wholediskencryption/>
 
-<!-- -->
-
 SafeGuard Easy
 Certified according to Common Criteria
 EAL3 and FIPS 140-2
@@ -198,12 +157,8 @@ including the boot disk.
 
 <https://utimaco.com/products>
 
-<!-- -->
-
 [Securstar DriveCrypt](http://www.securstar.com/products_drivecryptpp.php)
 
-<!-- -->
-
 [TrueCrypt](truecrypt.md)
 Transparent full disk encryption for [Linux](linux.md) and
 [Windows](windows.md). Supports [AES](aes.md) (256 bit), [Serpent](serpent.md)
@@ -213,15 +168,11 @@ Supports hidden volumes within TrueCrypt volumes (plausible deniability).
 
 <https://truecrypt.sourceforge.net/>
 
-<!-- -->
-
 [VeraCrypt](https://www.veracrypt.fr/)
 Fork of [TrueCrypt](truecrypt.md) project. Support for for
 [Linux](linux.md), [Windows](windows.md), and
 [MacOS](mac_os_x.md).
 
-<!-- -->
-
 [vnconfig](vnconfig.md)
 The -K option of [OpenBSD](openbsd.md) associates
 and encryption key with the svnd device. Supports saltfiles. Supported

docs/josh_goldfoot.md

@@ -1,6 +1,6 @@
 ---
 tags:
-  - No Category
+  - People
 ---
 <img src="JGoldfoot.jpg" title="JGoldfoot.jpg" width="200"
 alt="JGoldfoot.jpg" /> Josh Goldfoot is Senior Counsel with the Computer
@@ -19,6 +19,3 @@ Department of Justice in 2005, he did appellate and civil litigation,
 and clerked for judge Alex Kozinski on the Ninth Circuit U.S. Court of
 Appeals. He was a Special Assistant United States Attorney in the
 Eastern District of Virginia for six months in 2007 and 2008.
-
-- [The Physical Computer and the Fourth
-  Amendment](http://www.bjcl.org/archives/16_1/3_Goldfoot_draft1.pdf)

docs/mac_times.md

@@ -104,6 +104,5 @@ should be disabled.
 
 ### NTFS
 
-- [Disable the NTFS Last Access Time
-  Stamp](http://www.winguides.com/registry/display.php/50/)
+- [Disable the NTFS Last Access Time Stamp](http://www.winguides.com/registry/display.php/50/)
 - [Microsoft KB 299648: Description of NTFS date and time stamps for files and folders](https://mskb.pkisolutions.com/kb/299648)

docs/malware_analysis.md

@@ -192,7 +192,7 @@ and the entry point of the new image is executed.
 
 #### Uroburos
 
-* [Uroburos - Highly complex espionage software with Russian roots](https://public.gdatasoftware.com/Web/Content/INT/Blog/2014/02_2014/documents/GData_Uroburos_RedPaper_EN_v1.pdf),
+* [Uroburos - Highly complex espionage software with Russian roots](https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2014/08/20082353/GData_Uroburos_RedPaper_EN_v1.pdf),
   by G Data SecurityLabs, February 2014
 * [Uroburos: the snake rootkit](http://artemonsecurity.com/uroburos.pdf),
   by deresz, tecamac, March 12, 2014

docs/office_365.md

@@ -133,7 +133,7 @@ is important to know that:
 
 \$UserCredential = Get-Credential \$Session = New-PSSession
 –ConfigurtionName Microsoft.Exchange –ConnectionUri
-<https://outlook.office365.com/powershell-liveid/> -Credential
+`https://outlook.office365.com/powershell-liveid/` -Credential
 \$UserCredential –Authentication Basic –AllowRedirection
 Import-PSSession \$Session Get-Mailbox
 
@@ -160,6 +160,5 @@ Import-PSSession \$Session Get-Mailbox
 
 ## External Links
 
-- [Backup Office 365
-  Mailbox](https://www.systoolsgroup.com/office365-backup/), by the
-  [SysTools](systools.md)
+- [Backup Office 365 Mailbox](https://www.systoolsgroup.com/office365-backup/),
+  by [SysTools](systools.md)