Full Access to Bertram Lyons, MedEx Forensics
How can you know if video evidence is valid or has been altered? By analyzing a file’s metadata without accessing personal information or video footage, Medex can identify if it has been tampered with and flag it for further investigation.
As videos can be easily manipulated, authenticating them is becoming legally necessary. The digital forensic community should apply more pressure to ensure that files can be evaluated earlier in their lifecycle.
- Bertram started as an assistant supporting the Alan Lomax Archive in New York.
- He was a Media Preservation Specialist for the University of Kansas Libraries.
- The University of Kansas had a Museum Studies Program. This program allowed Bertram to obtain a master’s degree in all the details related to handling historical collections.
- His degree led to the position of Archivist for the Library of Congress.
[09:09] Alan Lomax and the importance of his work
- Alan Lomax was a self-made folklorist who traveled the U.S. with his father.
- His father had access to one of the first portable disk-cutting machines, which allowed recordings outside of a studio onto a disk rather than a cylinder.
- At that time, the world thought that the U.S. didn’t have a musical tradition. John Lomax set about recording songs all over the country.
- The Library of Congress heard what John was doing, so it hired him to open the Archive of American Folk Song in the 1930s.
- Alan went on to do the same work all over the world. By the time he passed away, his archive was immense.
[13:02] Bertram’s position as Partner and Managing Director for Software Engineering at AVP
- When Bertram started with the group, it was known as AVPS(Audio Visual Preservation Solutions). The company later changed its name to AVP.
- The group helps people manage massive digital collections by building sore sets of structured and unstructured digital assets.
- Bertram spent much of his time helping organizations create new infrastructure for petabyte-sized or more collections.
[17:11] How did Bertram’s jobs prepare him to develop and found Medex forensics?
- While he was working at AVP, the FBI contacted the company. The FBI was trying to improve its internal capacity, moving from analog to digital.
- Bertram designed training to teach the examiners how to ensure they’ve read and interpreted every single bit in any digital evidence.
- When Bertram saw how much the FBI cared about what they were doing and the good they were doing in the world, he realized he could also apply his experience to that goal.
[22:28] What is Medex?
- Medex is designed for forensically analyzing digital videos and does not rely on commonly available open-source tools.
- The tool brings a new approach to analyzing digital files that can add information to the table that doesn’t exist today.
- Medex helps law enforcement with ICAC and CSAM investigations.
- The news media uses Medex on video evidence to know if that video is valid.
- Medex works with C2PA to address misinformation.
[35:25] Real-world examples of Medex successfully authenticating videos for legal or investigative purposes
- A police department sought assistance verifying the authenticity of a crucial video related to a case. Medex successfully confirmed that the video originated from the device in question and had not undergone any alterations.
- Soon, there may be a legal requirement to authenticate videos due to their vulnerability to manipulation.
- Recently, Medex provided assistance in a CSAM case that was elevated to a federal level. The company was able to establish a clear connection between the videos and the individual involved.
- In another CSAM case, it appeared that the person had acquired the video and not created it. However, Medex proved that the video was created on the same kind of laptop the person had.
[41:11] Medex Forensics and computer-generated videos
- One of the newer challenges in CCM investigations is computer-generated videos that are almost indistinguishable to the human eye.
- Determining the probability that a video is real or fake is challenging, and success depends on where the file is in its lifecycle.
- Medex can determine if a video is a camera-original video based on the file’s structure.
- While sometimes it can’t be certain if a camera caught the video, Medex can test for the software used to create it.
[48:32] Using Cloud technology to power the Medex forensics tool
- While Medex is a forensic tool, it is also a data platform. The largest cache of media in the world is digital video.
- Medex decided to use Amazon Web Services (AWS) to make the business scalable.
- With Medex in the cloud, data processing is more efficient and accessible worldwide. As a result, the video analysis engine can function non-stop, 24/7.
- Medex Forensics knew it would build an encoding library, which it updates daily. If the company were a desktop-only service, people would fall behind quickly.
[51:31] Medex and Grayshift working together on a presentation series
- Medex customers have many questions about how video is stored and interacted with on iPhone devices, and Grayshift knows a lot about iPhones and iOS.
- Grayshift extracts data and sometimes relies on other tools to analyze that data.
- An examiner must know how things work to talk about them forensically.