computer-forensics by tuananh1080


More Info
									What is Computer Forensics?

Computers have radically changed the way we live your lives. Everyday
living as become easier and technologically advanced decades ago. It has
changed the way we work and the way we live in our houses. Children to
day are sometimes even more technologically aware than their parents.
Mobiles phones have gotten smaller and laptops have gotten slimmer.

With the launch of the Iphone that used the touch screen technology it
will only be a matter of time when this idea permeates into other devices
and appliances. Unfortunately, technology also makes it easier for
criminals to their dirty job. However, computer forensics makes sure that
technology is put to lawful use.

Everyone keeps up with the times, even   the criminals. The internet is a
public place which makes it vulnerable   for fraud. Criminals often take
advantage of unsuspecting victims. Law   enforcement agencies have
incorporated computer science in their   investigation process to aid them
with computer savvy criminals.

Crime and computers

We have seen a lot of Hollywood movies about hackers stealing from
financial institutions. We have also seen two parties making their deals
through bank transfers with a bunch of computers. Although these are not
possible in real life, there are other ways that criminals can use

Computer forensics is basically applying computer science to assist in
the legal process. It entails the technological and systematic inspection
of the contents of a computer system for evidence. Individuals in this
field are called by different titles such as digital media analyst or
computer forensics investigator. These people scanned a computer
thoroughly to find out if they have used for a civil wrongdoing or
criminal act.

The skills required are more than just normal data collection and using
preservation techniques. Other definitions include the use of special
tools to meet the Court's criteria and not just a thorough examination of
a computer for potential evidence. This definition is similar to Electric
Evidentiary Recovery or e-discovery.

Most of the time computer forensic investigators investigate hard drives,
portable data devices and data storage devices. These devices include USB
Drives, Micro Drives and external Drives.

The first task of the computer forensic investigator is to find sources
of documentary or digital evidence. The next step would be to preserve
the evidence so that it could be analyzed later on. When dealing with
computer systems, important files or data can be quickly lost.

The investigator should take the necessary test because data retrieval
can be time consuming and costly. The investigator would then analyze the
collected data for potential and supportive evidence. The final step
would be presenting the findings. The investigator will render his
opinion based on the examination and make a report.

The process of using computer forensics must comply with the standards of
evidence that are acceptable in court. This field is both technical and
legal. The investigator should also have a complete understanding of the
suspect's level of sophistication. If they don't the suspects are assumed
to be experts.

Investigators then presume that the criminal have installed a
countermeasure to render forensic techniques useless. The computer will
then be shutdown completely to prohibit the machine from making further
modifications to its drives.

Computer technology has changed the way we live, work, and for others -
commit crime. Although the internet may seem like a very convenient place
users should always be wary for seemingly innocent offers.

To top