Rod, A few thoughts regarding trends. As offenders become more familiar with the technology and the associated risks, they are exhibiting more concealment behavior. You mentioned the use of encryption. Other forms of concealment occur on networks (e.g., Freenet, onion routing) and mobile phones (e.g., prepaid phones, destroying SIMs in GSM phones). As we become more familiar with embedded systems, forensic examiners are using the information they contain. The Netherlands Forensic Institute is in your area and is at the forefront in this area and have developed several useful tools for processing mobile phones, PDAs, and memory chips. As Gary Palmer and James Holley noted, there is an increasing expectation that the principles of forensic science be applied in the digital realm. In addition to repeatable results and Locard's exchange principle (I can verify that this applies in the digital realm), there is an increasing demand and associated supply for tools that apply particular techniques used in other forensic science disciplines (e.g., temporal, functional, and relational reconstructions). As our analysis techniques and tools advance, our practices will be come as formalized as other specializations such as arson investigation. I would be interested to hear your thoughts on this topic after your interview - I imagine that the discussion will bring up additionaly questions and issues. Eoghan On Mon, 14 Oct 2002, Morris, Rod wrote: > Hello everyone, > > I've been asked to say a few words for an interview concerning "the future > of computer forensics". Amongst other things I thought I'd mention the > challenges posed by (IMHO) an increasing use of encryption amongst users, > developments in forensic tools (such as EnCase Enterprise edition) and an > increasing awareness of the legal issues surrounding computer forensic > investigation. > > This specific interview aside, I'd be very interested to hear other opinions > on where we're going and what others working in this field think the major > technological challenges and developments are likely to be over the next few > years... > > Kind regards, > > Rod > > -- > Rod Morris > KPMG > Forensic Technology > tel +31 (0) 20 656 8884 > fax +31 (0) 20 656 7790 > e-mail Morris.Rodat_private > X.400 c=NL;a=CONCERT;p=KPMG;s=morris;g=rod > > > > ********************************************************************** > De informatie verzonden met dit e-mailbericht (en bijlagen) > is uitsluitend bestemd voor de geadresseerde(n) en zij die > van de geadresseerde(n) toestemming kregen dit bericht te > lezen. Gebruik door anderen dan geadresseerde(n) is > verboden. De informatie in dit e-mailbericht (en bijlagen) > kan vertrouwelijk van aard zijn en kan binnen het bereik > vallen van een geheimhoudingsplicht en een verschonings- > recht. > > Any information transmitted by means of this e-mail (and any > of its attachments) is intended exclusively for the addressee > or addressees and for those authorized by the addressee > or addressees to read this message. Any use by a party > other than the addressee or addressees is prohibited. > The information contained in this e-mail (or any of its > attachments) may be confidential in nature and fall under a > duty of non-disclosure and the attorney-client privilege. > ********************************************************************** > > > ----------------------------------------------------------------- > This list is provided by the SecurityFocus ARIS analyzer service. > For more information on this free incident handling, management > and tracking system please see: http://aris.securityfocus.com > ----------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Sat Oct 19 2002 - 14:11:05 PDT