July 16th, 2009 at 02:55am
Under Computer Law
Computer forensics is a lot like the CSI investigation programs on the television. Using advanced techniques and technologies, a computer forensic scientist will reconstruct a possible crime using the data that one computer systems. This data may include email trails, files, hidden directories and other related clues.
Computer Forensics is the scientific study of computers or computer related data in relation to an investigation by a law enforcement agency for use in a court of law. While this technology may be as old as computers themselves, the advances in technology are constantly revising this science.
While all computer languages are created with ones and zeros, it’s much easier to track what was done when, although by whom continues to be problematic. Forensic science has done well to keep up with the task of tracking and tracing what is done and creation of a timeline in an attempt to reconstruct a possible crime. Although it’s possible to clean and remove data from a hard drive, most people simply think that a delete key really removed the data. In actuality, the delete key simply removed the file location from an index file and the actual data is still safely on the system. It’s up to the data recovery skills of the forensic computer personnel to capture and restore that data without modification.
Computer forensics can be used to track emails, instant messaging and just about any other form of computer related communications. This can be necessary, especially in the world where computers and data travel around the world in seconds. Packet sniffers can literally be placed within a data stream and provide information on what’s running through the network in real time. This is really phenomenal considering the millions upon millions of data packets moving through any individual part of the network.
Computer forensic science is an interesting niche in the law enforcement field that is seldom considered as a career. As it’s relatively new, the field is considered by many to be wide open for anyone with the initiative to learn the skills. Unlike many computer related jobs, a computer forensic specialist will not be outsourced to a country on the other side of the world. The confidentiality of the data is just too sensitive to allow it to travel throughout the world just to save a little cash.
Abigail Franks writes on many subjects having to do with home, and Business. For more information on computer forensics visit the site at
http://www.openbriefcase.com
July 15th, 2009 at 02:54pm
Under Computer Law
Computer Forensics – A Brief Description
Computer Forensics is the function of utilising scientifically proven methods to assemble together and process data found on a digital device, (computer, hard disk drive, mobile phone, memory card etc), and interpret that data for possible use in a court of law or other theatre of investigation. The evidence may assist in the prosecution or a criminal, help in the defence of an accused person, or be of intelligence to an individual who is seeking knowledge for either personal or professional reasons.
The main users of Computer Forensics are law enforcement officers, as a large percentage of crimes in some way utilise digitally stored data. This data could be a phone call made on a mobile phone, (or cell phone), which could place an individual at the scene of a crime, (or of course away from it), accounts for illegal activities such as drug sales, images of paedophilia, human resource issues, hacking, email abuse, unauthorised data duplication, IP theft etc. Corporate organisations are utilising computer forensics more and more now as they often have to investigate incidents such as inappropriate computer use, inappropriate email use, unauthorised data duplication and disloyal employees. Human Resource departments and Internal Security are the biggest users of these specialist corporate services. Private individuals may also use these services. It may be the lover cheating on their partner, or inappropriate internet use by a family member.
Computer Forensics or Cyber Forensics as it is also known, is now taught at many colleges and universities around the world, and is available to both the law enforcement community and private individuals.
What to do if you suspect illegal or inappropriate activity on a computer or digital device:
1. Turn the power off – Pull the plug out if necessary
2. Secure the ‘exhibit’. Don’t allow anyone access to it, security seal it if possible
3. Contact a Computer Forensics Expert
What NOT to do if you suspect illegal or inappropriate activity on a computer or digital device:
1. Call your IT manager, or one of your technical staff
2. Get them to ‘see’ if the user has been looking at ‘dodgy’ websites or if any important files are missing
3. Sack the member of staff
The analogy of the above:
Imaging a body lying in a muddy field. There is a blanket over the body and something petruding from it. By not following procedures, what you will have done is the same as follows:
1. See the body
2. Walk up to the body in the field
3. Take the blanket off the body
4. Move the body to ‘have a look’
5. Put the blanket back over the body – ‘like it was before’
6. Leave the field
What you have just done:
Entered the scene of a crime, left YOUR footprints all over the muddy field, left YOUR fingerprints on the body and blanket, left YOUR DNA all over the place.
You then expect to call the relevant organisation/authority and have them try and find evidence, which has just been tainted by YOU or YOUR STAFF. This is not a good start, and could make the case in question inadmissible.
Remember that this is a very specialised service provided by experts. Use experts to do the job correctly in the first place, then there shouldn’t be a problem.
Simon Steggles
Disklabs Computer Forensics
www.disklabs.com/computer-forensics.asp
www.computer-forensics.co.uk
simon.steggles@disklabs.com