Digital Forensics for Legal Professionals
eBook - ePub

Digital Forensics for Legal Professionals

Understanding Digital Evidence from the Warrant to the Courtroom

Larry Daniel,Lars Daniel

Partager le livre
  1. 368 pages
  2. English
  3. ePUB (adapté aux mobiles)
  4. Disponible sur iOS et Android
eBook - ePub

Digital Forensics for Legal Professionals

Understanding Digital Evidence from the Warrant to the Courtroom

Larry Daniel,Lars Daniel

DĂ©tails du livre
Aperçu du livre
Table des matiĂšres
Citations

À propos de ce livre

Digital Forensics for Legal Professionals is a complete non-technical guide for legal professionals and students to understand digital forensics. In the authors' years of experience in working with attorneys as digital forensics experts, common questions arise again and again: "What do I ask for?" "Is the evidence relevant?" "What does this item in the forensic report mean?" "What should I ask the other expert?" "What should I ask you?" "Can you explain that to a jury?" This book answers many of those questions in clear language that is understandable by non-technical people. With many illustrations and diagrams that will be usable in court, it explains technical concepts such as unallocated space, forensic copies, timeline artifacts and metadata in simple terms that make these concepts accessible to both attorneys and juries.

The book also explains how to determine what evidence to ask for, evidence that might be discoverable, and furthermore, it provides an overview of the current state of digital forensics, the right way to select a qualified expert, what to expect from that expert, and how to properly use experts before and during trial. With this book, readers will clearly understand different types of digital evidence and examples of direct and cross examination questions. It includes a reference of definitions of digital forensic terms, relevant case law, and resources.

This book will be a valuable resource for attorneys, judges, paralegals, and digital forensic professionals.

  • Provides examples of direct and cross examination questions for digital evidence
  • Contains a reference of definitions of digital forensic terms, relevant case law, and resources for the attorney

Foire aux questions

Comment puis-je résilier mon abonnement ?
Il vous suffit de vous rendre dans la section compte dans paramĂštres et de cliquer sur « RĂ©silier l’abonnement ». C’est aussi simple que cela ! Une fois que vous aurez rĂ©siliĂ© votre abonnement, il restera actif pour le reste de la pĂ©riode pour laquelle vous avez payĂ©. DĂ©couvrez-en plus ici.
Puis-je / comment puis-je télécharger des livres ?
Pour le moment, tous nos livres en format ePub adaptĂ©s aux mobiles peuvent ĂȘtre tĂ©lĂ©chargĂ©s via l’application. La plupart de nos PDF sont Ă©galement disponibles en tĂ©lĂ©chargement et les autres seront tĂ©lĂ©chargeables trĂšs prochainement. DĂ©couvrez-en plus ici.
Quelle est la différence entre les formules tarifaires ?
Les deux abonnements vous donnent un accĂšs complet Ă  la bibliothĂšque et Ă  toutes les fonctionnalitĂ©s de Perlego. Les seules diffĂ©rences sont les tarifs ainsi que la pĂ©riode d’abonnement : avec l’abonnement annuel, vous Ă©conomiserez environ 30 % par rapport Ă  12 mois d’abonnement mensuel.
Qu’est-ce que Perlego ?
Nous sommes un service d’abonnement Ă  des ouvrages universitaires en ligne, oĂč vous pouvez accĂ©der Ă  toute une bibliothĂšque pour un prix infĂ©rieur Ă  celui d’un seul livre par mois. Avec plus d’un million de livres sur plus de 1 000 sujets, nous avons ce qu’il vous faut ! DĂ©couvrez-en plus ici.
Prenez-vous en charge la synthÚse vocale ?
Recherchez le symbole Écouter sur votre prochain livre pour voir si vous pouvez l’écouter. L’outil Écouter lit le texte Ă  haute voix pour vous, en surlignant le passage qui est en cours de lecture. Vous pouvez le mettre sur pause, l’accĂ©lĂ©rer ou le ralentir. DĂ©couvrez-en plus ici.
Est-ce que Digital Forensics for Legal Professionals est un PDF/ePUB en ligne ?
Oui, vous pouvez accĂ©der Ă  Digital Forensics for Legal Professionals par Larry Daniel,Lars Daniel en format PDF et/ou ePUB ainsi qu’à d’autres livres populaires dans Computer Science et Cyber Security. Nous disposons de plus d’un million d’ouvrages Ă  dĂ©couvrir dans notre catalogue.

Informations

Éditeur
Syngress
Année
2011
ISBN
9781597496445
Sujet
Computer Science
Sous-sujet
Cyber Security
Section 1
What Is Digital Forensics?
Outline
Chapter 1

Digital Evidence Is Everywhere

Publisher Summary

This chapter reviews what digital evidence is, how it is created, some of the places it is stored, and the many ways that people are now connected electronically. In today’s connected world, it is nearly impossible to be completely “off the net” such that your activities do not create some form of electronic record. Digital evidence permeates every aspect of the average person’s life in today’s society. No matter what you are doing, a digital footprint is probably being created that contains some type of digital evidence that can be recovered. Sending an e-mail, writing a document, taking a picture with your digital camera, surfing the web, driving in your car with the global positioning system on—all of these activities create digital evidence. This chapter also talks about digital footprints and how they are created not only by you, but also by others on your behalf. Digital evidence is everywhere, and knowing where it is and how to get access to it is half the battle.
Digital Evidence; Computers; Cell Phones; Digital Footprints; Electronic Storage; Electronic Data
Digital evidence is everywhere and permeates every aspect of the average citizen’s life. No matter what you are doing these days, a digital footprint is probably being created that contains some type of digital evidence that can be recovered. Sending an e-mail, writing a document, taking a picture with your digital camera, surfing the web—all of these activities create digital evidence. This chapter will give an overview of what digital evidence is, how it is created, and where it is stored.

Introduction

Digital evidence permeates every aspect of the average person’s life in today’s society. No matter what you are doing these days, a digital footprint is probably being created that contains some type of digital evidence that can be recovered. Sending an e-mail, writing a document, taking a picture with your digital camera, surfing the web, driving in your car with the GPS on—all of these activities create digital evidence.

1.1 What is digital forensics?

The term forensics can be defined as the application of science to a matter of law. The most accepted definition of digital forensics comes from the definition of computer forensics: computer forensics is the collection, preservation, analysis, and presentation of electronic evidence for use in a legal matter using forensically sound and generally accepted processes, tools, and practices.
Specifically, digital forensics is the application of computer technology to a matter of law where the evidence includes both items that are created by people and items that are created by technology as the result of interaction with a person. For instance, data created by a machine process requires that the machine be programmed to create data, and the machine must also be turned on by a person or even by an automatic process that is ultimately started by a person.
Data created as the result of an action performed by a person or user would result in data being recorded both manually and automatically.
The difference in those two types of data from an evidentiary standpoint is that when a computer or other device records data automatically through some process that is designed to be completed independent of user interaction, it is creating machine data; when data is stored or recorded in response to a user’s actions, it is creating personal data.
Personal data should ultimately be attributable to an individual; however, making that attribution can be difficult due to the presence or absence of individualized user accounts, security to protect those user accounts, and the actual placement of a person at the same location and time when the data is created.

1.2 What is digital evidence?

Digital evidence begins as electronic data, either in the form of a transaction, a document, or some type of media such as an audio or video recording. Transactions include financial transactions created during the process of making a purchase, paying a bill, withdrawing cash, and even writing a check. While writing a check might seem to be an old-fashioned method that is not digital or electronic in nature, the processing of that written check is electronic and is stored at your bank or credit card company. Nearly every kind of transaction today is eventually digitized at some point and becomes digital evidence: doctor visits, construction projects, getting prescriptions filled, registering a child at daycare, and even taking the pet in for a rabies shot.
In today’s connected world, it is nearly impossible to be completely “off the net” such that your activities do not create some form of electronic record.
The explosion of social media sites has created a whole new area of electronic evidence that is both pervasive and persistent. People today are sharing their everyday activities, their thoughts, their personal photos, and even their locations via social media such as Twitter, Facebook, and MySpace. Add to this the explosion of the blogosphere, where individuals act as citizen journalists and self-publish blog posts on the Internet ranging from their political views to their personal family blogs with pictures of their kids and pets.
In order for electronic data to become digital evidence, it must be stored somewhere that is ultimately accessible in some fashion; and it must also be recoverable by a forensic examiner. One of the great challenges today is not whether digital evidence may exist, but where the evidence is stored, getting access to that storage, and finally, recovering and processing that digital evidence for relevance in light of a civil or criminal action.
The potential storage options for electronic evidence are expanding every day, from data stored on cell phones and pad computers to storage in the “cloud” where a third-party service provides hard drive space on the Internet for people and businesses to store data.
More and more everyday computing processes are moving to the Internet where companies offer software as a service. Software as a service means that the customer no longer has to purchase and install software on their computer. Some examples of software as a service range from accounting programs like QuickBooks Online, Salesforce.com, or a sales management application to online games that are entirely played via the Internet with no required software installation on the local computer.

1.3 How digital evidence is created and stored

Whenever someone creates an e-mail, writes a document using Notepad or a word processing program, takes a ride in their car with the global positioning unit (GPS) turned on, or pays a bill online, they create digital evidence. Operating your computer, surfing the Internet, or making a phone call on your cell phone—all of these create digital evidence. Digital cameras, digital video cameras, web cams, and digital audio recorders all create digital evidence.
Those are the more well-known forms of digital evidence. However, it is easy to overlook the many ways in which we create digital evidence, many times without realizing we are doing so. If you play games online with other players, view videos from the Internet, shop at one of the thousands of online stores, create a shipping label through UPS, or even send a greeting card through Hallmark’s online site, you are creating digital evidence. And don’t forget about the copy machine at work. Chances are if it is a fairly new copier, scanner, and fax unit, it has a hard drive in it as well that stores data. That security camera you see yourself on at the local convenience store is making a digital record of your visit, as is the financial institution that processes the credit or debit card you just used to buy that pack of gum.
These days it is just about impossible to get through a day without creating some form of digital footprint. Even if you are completely “off the grid” and don’t use a computer or cell phone, running a red light where there is a traffic enforcement camera can capture your license plate, noting your location, and of course, sending you a ticket in the mail and creating a digital record with all of that information. Figure 1.1 shows some of the many ways digital footprints are created.
image

Figure 1.1 Digital footprints are created all the time, whether you want them to be or not
In the beginning the only storage device available for personal computers was the floppy disk or audio cassette tape. When you wanted to share a file or document with someone, you had to save it to a floppy disk or cassette tape. Then you would mail the diskette or use the old “sneaker net” and jog yourself and the diskette over to the person who needed the file.
Today the storage technology available for the average computer user has evolved into multiple s...

Table des matiĂšres