If you're working in computer forensics, knowing where to look for electronic evidence is critical. A computer forensics investigator seeks evidence in all the electronics on the following list:
| Computer: Digital memories don't forget anything. A hard drive is a goldmine for locating every file that was created, saved, downloaded, sent, or deleted to it or from it, including documents, e-mails, images, and financial records. You can find file content intact, as well as a lot of details about when the file was created, accessed, and edited, and you might even be able to find prior versions. In short, a hard drive is the perfect time machine. | Web site that was visited: Any digital device used to access the Internet can be searched for a listing of where on the Web a user has visited — and when. No one surfs anonymously. |
| PDA: A handheld device records a person's life like no other device does. To find out the where, what, with whom, and how much of a person's life, check his PDA. | MySpace, Facebook, or another social network: Full transcripts of private chats and postings in social networks are gaining on e-mail as the primary source of e-evidence. Note: These chatters chat a lot and don't use punctuation or an easily recognizable language. |
| Cellphone or smart phone: As on a PDA, the information you can find on a user's phone can be the e-evidence you need — or it can lead you toward other e-evidence. You can find detailed logs of incoming and outgoing messages and text messages; transcripts of text messages; address books, calendars; and more. | Chat room: Sadly, predators and other criminals hang out in chat rooms all over the world. |
| E-mail: Everything, no matter how incriminating or stupid, is sent and received by e-mail. In fact, nothing is subjected to searches more than e-mail is. It serves as truth serum, and, for exactly that reason, the notorious connection between e-mail and jail is usually ignored. | Any device that has memory: Digital cameras, iPods, flash drives, SIM cards — if it uses memory, it might have evidence. |
| GPS device: Tracking technology has already been used in high-profile court cases. To find a person's whereabouts, check the GPS device. | Network or Internet service provider (ISP): An ISP is a fertile source of digital dirt and details. If bytes pass through it, each network device records it. |
dummies
Source:http://www.dummies.com/how-to/content/where-to-find-electronic-evidence.html
No comments:
Post a Comment