• Decrypting a password is quick and easy, with the right software.
  • Any digital image can be refined to high definition quality.
  • First responder training lags behind advancements in electronics.
    		•

    Are there any misconceptions or anything else about digital evidence that might be important to the non-­scientist?




    Download 430,06 Kb.
    bet11/17
    Sana21.05.2024
    Hajmi430,06 Kb.
    #248066
    TuriGuide
    1   ...   7   8   9   10   11   12   13   14   ...   17
    Bog'liq
    DigitalEvidence

    Are there any misconceptions or anything else about digital evidence that might be important to the non-­scientist?
    There are a number of common misperceptions about the retrieval and usefulness of digital evidence, including:
    Anything on a hard drive or other electronic media can always be retrieved. This is incorrect as over-­‐written or damaged files, or physical damage to the media can render it unreadable. Highly specialized laboratories with clean rooms may be able to examine hard drive components and reconstruct data, but this process is very laborious and extremely expensive.
    Decrypting a password is quick and easy, with the right software. With the increasing complexity of passwords including capitals, numbers, symbols and password length, there are billions of potential passwords. Decryption can take a great deal of time, up to a year in some cases, using
    system resources and holding up investigations. Gathering passwords from those involved in a case is much more efficient and should be done whenever possible.
    Any digital image can be refined to high definition quality. Images can be very useful for investigations, but a low resolution image is made by capturing fewer bits of data (pixels) than higher resolution photos. Pixels that are not there in the first place cannot be refined.
    Investigators can look at digital evidence at the crime scene or any
    time. Just looking at a file list does not damage the evidence. It is crucial to note that opening, viewing or clicking on files can severely damage forensic information because it can change the last access date of a file or a piece of hardware. This changes the profile and can be considered tampering with evidence or even render it completely inadmissible. Only investigators with the proper tools and training should be viewing and retrieving evidence.

    First responder training lags behind advancements in electronics.
    Without regular updates to their training, responders may not be aware of what new digital devices might be in use and subject to collection. For example, there should be an awareness that thumb drives and SD cards can be easily removed and discarded by a suspect in the course of an encounter with law enforcement.

    Download 430,06 Kb.
    1   ...   7   8   9   10   11   12   13   14   ...   17




    Download 430,06 Kb.
    Bosh sahifa
    Aloqalar
        Bosh sahifa
    Dərs
    Mühazirə
    Qaydalar
    Referat
    Xülasə
    Yazı


    Are there any misconceptions or anything else about digital evidence that might be important to the non-­scientist?

    Download 430,06 Kb.