Posts Tagged ‘Computer Forensics’

Fully Careers About Computer Forensics

Friday, February 19th, 2010

The field of computer forensics is growing exponentially, and every day new jobs opening up this exciting and challenging new field of criminology. The fact is that computers are everywhere in our society and continue to take more complex. This means that a computer forensics work is far from over and dead boring.

Computer Forensics is also one of the most profitable areas of forensic science and has a good opportunity to travel too. If you like computers and computers to solve puzzles and problems, if a job in computer forensics is the job you want.

The search for a school that teaches computer forensics should not be a problem because more and more schools are added to inform the forensic science to include in its curriculum. However, you want to ensure that the school will help you stay on your degree able to find an internship somewhere, it will also serve.

Find what many people have opted for computer-related careers is what we do in the final behind a desk dull repetitive work that found no real satisfaction. However, this is not a problem that is on a career in computer forensics, that new challenges and exciting with each new case leads.

Criminals profit from that computer to commit their crimes are becoming more sophisticated and are constantly working to stay one step ahead of law and technology available. This means not only to solve current computer-related crimes but also to develop new methods and technologies to others in the same area, which included a practice in their work.

Because companies are always in number and the risk of hackers and contractors is also increasing, so have developed their own safety.

The organizations have developed measures for the security of their networks, such as intrusion detection systems (IDS), proxies, firewalls, on the security situation in the network of an organization. So, technically achieve the main goal of computer forensics is the collection, protection and control of data, so that the integrity of evidence collected in order to protect effectively and efficiently in a case. Investigation of computer forensics has some typical problems. In the first area to investigate computer expert, the computer should be the nature of the evidence that they know are looking for effective searching. Computer crimes are a wide range, such as child pornography, identity theft and destruction of data or computer.

Consulting work with businesses and the economy, but work for people too. Many of these investigations related to intellectual property theft, sexual harassment, corporate fraud and misuse of investor funds. They can also be as a private detective hired to track everything from theft embezzlement, adultery.

Elected also more and more people that the computer forensics as a profession will ultimately have to do the same lucrative job as a consultant to private companies will tell, as they do not become victims.

if you need more information about international business or email: info@freemoneyonlinesite.com

For important knowledge in the sphere of free website traffic – read this page. The time has come when concise info is really at your fingertips, use this opportunity.

  • Share/Bookmark

Tags:
Posted in Computer Forensics | No Comments »

The Debate Over “Mobile Forensics” – Really?!

Friday, October 2nd, 2009

This seems to be an ongoing debate that has a simple explanation (in my opinion)…

1. Start with the basic definition of forensics and move forward from there.

SOURCE: http://www.merriam-webster.com/dictionary/forensic
- Function: adjective
- Etymology: Latin forensis public, forensic, from forum forum
- Date: 1659
1: belonging to, used in, or suitable to courts of judicature or to public discussion and debate
2: argumentative, rhetorical
3: relating to or dealing with the application of scientific knowledge to legal problems

2. Let’s move on to define “computer forensics”
SOURCE: US CERT: http://www.us-cert.gov/reading_room/forensics.pdf

We define computer forensics as the discipline that combines elements of law and and computer science to collect and analyze data from computer systems, networks, wireless communications, and storage devices in a way that is admissible as evidence in a court of law.

Remember that there are methodologies used in computer forensics which may be destructive, or not preserve the “original” because of the process used. There are also processes in traditional crime laboratories (DNA, biology, etc.) that also use destructive methodologies, leaving no way for a second examination to take place – even for the defense!

Why do we tend to think that if a tool is marketed as “forensic” – that in fact it is? Don’t we do verification and validation? What happens when we do a logical acquisition of a server? Is it not fact that we are leaving data behind and could be construed as “non-forensic” because it is not a true “bit-by-bit” image?

We all know that cellular telephones are devices that contain data. The only reason there is ANY debate is because companies have developed “forensic” products for these devices. The fact comes down to the examiner’s methodologies used to preserve, analyze, and present the evidence in a legal proceeding.

What we must do as examiners has been roughly outlined in a draft document that I had the honor to be invited to participate in authoring with Sam Brothers, Rick Ayers, and other forensic examiners with the Scientific Working Group on Digital Evidence this past January. The document is titled “Best Practices for Mobile Phone Examinations v1.0” and is available for download, review and your comments at http://swgde.org/documents.html.

There is no debate that cellular telephone data changes all the time. But, we as examiners must recognize that what we are most interested in on cellular telephones is user generated data. We want to see the call logs, text messages, photos, videos, dates and times of activities, etc. This data is written to the phone operating system and is usually retrievable through non-traditional methodologies.

There are also times that we will NOT be able to retrieve the information using “forensic” products, “non-forensic” products (to include flash boxes, bitpim), etc. Do we not oftentimes have “no choice” but to take pictures of the screens we manually navigate to document what the user did? What about if the screen is broken, and there is no way to create a “fraternal clone” 1 as we did back in 2004 when a phone was destroyed and thrown into a canal for a few days? The evidence is there – it is just a matter of documenting HOW you got what you got! At the “tip of the iceberg” is the chip-off technique that is destructive, yet has been used to pull data from phones when all else fails.

The SWGDE document referenced above should help anyone with questions on what is “acceptable” in this field – for now. SWGDE meets again next week to hopefully finalize this document. You still have a chance to submit your comments at their site. Unfortunately, I will not be at this meeting due to a prior teaching engagement. However, my senior examiner will be there, as well as Sam, Rick and others who read these postings.

Finally, another project I gave input on was the often debated certification at www.mfce.us. That’s my 2 cents on the subject…

Danny Garcia
Miami, Florida
http://www.twitter.com/danmiami
http://www.linkedin.com/garciadanny
——————-
Danny Garcia is a full time law enforcement officer since 1992 and is the supervisor of a forensic computer laboratory in Miami, Florida. He is also a contract instructor with Mobile Forensics, Inc.

1 Cindy Murphy coined the term “fraternal clone” and presented the information at the Mobile Forensics World Conference 2009

All materials contained in this document are protected by United States copyright law . You may not alter or remove any trademark, copyright or other notice from copies of the content.

  • Share/Bookmark

Tags: , , , , , , ,
Posted in Computer Forensics, Mobile Forensics | No Comments »