Hi all -- I've spent some of my time on airplanes reading
the US Dept. of Justice report on Evidence Quality Computer
Data (the link is on the Web site). I won't go into great
detail (I'm >loving< European central heating), but the thing
I found the most interesting is that, despite all the great
discussions about how easy it is to modify log data,
>unless< there's reasonable proof that logs have been
modified, they can be admitted as evidence.
Even better, they're generally held to be reliable evidence
if the business submitting them collects them as part of
normal practice and relies upon their information for its
day-to-day activity.
There's also a great discussion of why purely computer-
generated logs are >not< hearsay.
If I could find the author's e-mail address, I'd be very
happy.
cheers -- tbird
"I was being patient, but it took too long." -
Anya, "Buffy the Vampire Slayer"
Log Analysis: http://www.counterpane.com/log-analysis.html
VPN: http://kubarb.phsx.ukans.edu/~tbird/vpn.html
---------------------------------------------------------------------
To unsubscribe, e-mail: loganalysis-unsubscribeat_private
For additional commands, e-mail: loganalysis-helpat_private
This archive was generated by hypermail 2b30 : Sat Dec 15 2001 - 03:25:14 PST