Federal Bureau of Investigation - Computer Forensic Services:
"The mission of the FBI Cyber Division is to:
- coordinate, supervise and facilitate the FBI's investigation of those federal violations in which the Internet, computer systems, or networks are exploited as the principal instruments or targets of terrorist organizations, foreign government sponsored intelligence operations, or criminal activity and for which the use of such systems is essential to that activity;
- form and maintain public/private alliances in conjunction with enhanced education and training to maximize counterterrorism, counter-intelligence, and law enforcement cyber response capabilities; and
- until such time as a final decision is made regarding the future role and location of the National Infrastructure Protection Center (NIPC), the FBI will direct and coordinate the Center's mission to protect the Nation's critical information infrastructure and other key assets."
Computer Forensic Services
Thứ Ba, 29 tháng 11, 2005
Computer Forensic - Federal Bureau of Investigation - Cyber Investigations
"The FBI plays two very important roles in cyberspace. First, it is the lead law enforcement agency for investigating cyber attacks by foreign adversaries and terrorists. The potential damage to the United States' national security from a cyber-based attack includes devastating interruptions of critical communications, transportation, and other services. Additionally, such attacks could be used to access and steal protected information and plans. The FBI also works to prevent criminals, sexual predators, and others intent on malicious destruction from using the Internet and on-line services to steal from, defraud, and otherwise victimize citizens, businesses, and communities.
Thứ Hai, 28 tháng 11, 2005
Open Space Requirements in a PUD are not a Taking, Even When the Plan is Amended to Designate the Property "Preservation"
In Palm Beach Polo v. Village of Wellington, here's the link, the Village had filed a dec action seeking to enforce the terms of a PUD ordinance (originally adopted by the County, pre-incorporation) and the developer counterclaimed under a takings and Bert Harris theory for placing a portion of the property designated for conservation in the PUD as "Preservation" in the FLUM.
Upshot: Village 2, Polo 0. The trial court found, and the 4th DCA affirmed, that the density (and therefore value) of the 120 acre "Big Blue" portion of the property had been transferred to the rest of the development in the PUD ordinance, and that the terms of the PUD were still valid and enforceable. It held that there was ample evidence that development of this area was not an "existing right" for Bert Harris purposes, that the PUD provisions were not unconstitutionally vague, and that because the property overall had been given use - including development rights from the preservation parcel, the fact that the preservation parcel was now "undevelopable" did not create a taking.
For takings types - the "parcel as a whole" looks backward to prior regulatory actions, like the PUD ordinance here. An unsurprising result, but I'm not sure of another Florida precedent on this point.
Upshot: Village 2, Polo 0. The trial court found, and the 4th DCA affirmed, that the density (and therefore value) of the 120 acre "Big Blue" portion of the property had been transferred to the rest of the development in the PUD ordinance, and that the terms of the PUD were still valid and enforceable. It held that there was ample evidence that development of this area was not an "existing right" for Bert Harris purposes, that the PUD provisions were not unconstitutionally vague, and that because the property overall had been given use - including development rights from the preservation parcel, the fact that the preservation parcel was now "undevelopable" did not create a taking.
For takings types - the "parcel as a whole" looks backward to prior regulatory actions, like the PUD ordinance here. An unsurprising result, but I'm not sure of another Florida precedent on this point.
OK, Local Gov't Attorneys, Repeat After Me: You Can't Lien Homestead Property - Really!
In Pelacanos v. City of Hallendale Beach, here's the opinion, the 4th DCA reminds us that homestead property really is free of liens - even if the homeowner makes a court mad. In that case, homeowners who were subject to code enforcement actions entered a settlement, but kept failing to completely live up to it. The result was various contempt citations and later an order from the court allowing the City to demolish the building and lien it.
The homeowners got the property under contract and asked for a declaration that the property would be sold free of the liens.
The trial court denied them their relief, but the 4th granted it. The City argued that because the homeowners had engaged in "eggregious" conduct in failing to comply with the court orders, the lien was valid (yeah, right). The court found that the property was homestead and therefore protected from the lien for demolition costs, regardless of how frustrated the lower court had been: "While we certainly empathize with the trial court's frustration with the appellants’ noncompliance, it is not our province to judicially create another exception to the plain and unambiguous language of article X, section 4. "
The homeowners got the property under contract and asked for a declaration that the property would be sold free of the liens.
The trial court denied them their relief, but the 4th granted it. The City argued that because the homeowners had engaged in "eggregious" conduct in failing to comply with the court orders, the lien was valid (yeah, right). The court found that the property was homestead and therefore protected from the lien for demolition costs, regardless of how frustrated the lower court had been: "While we certainly empathize with the trial court's frustration with the appellants’ noncompliance, it is not our province to judicially create another exception to the plain and unambiguous language of article X, section 4. "
When Does a Small-Scale Plan Amendment Become Effective?
In an opinion in Payne v Miami (Payne I) that may not matter much outside Miami, Jacksonville, and the handfull of other "strong mayor" cities in Florida, the 3d DCA determined that the 30-day challenge period after the adoption of a small scale plan amendment did not begin after adoption by the City Commission, but after the 10 day period for the mayor to sign or veto an ordinance under the Miami Charter. Here's the opinion.
The decision hinged on the charter language, which provides that the ordinance does not go into effect until signed by the Mayor or 10 days has passed without signature or veto.
Interesting question: would the same logic apply to the City Commission's consideration of a rezoning in a challenge under 163.3215? Rezonings are administrative under Snyder (they're quasi-judicial and therefore administrative per se), but must be adopted by ordinance pursuant to special requirements of section 166 (cities) and 125 (counties). Most cases have held that the challenge must be filed within 30 days of the local commission's action, even if the "development order" of the rezoning isn't "rendered" for the purpose of a certiorari challenge (by filing the signed action with the clerk to the board) until some time later.
The decision hinged on the charter language, which provides that the ordinance does not go into effect until signed by the Mayor or 10 days has passed without signature or veto.
Interesting question: would the same logic apply to the City Commission's consideration of a rezoning in a challenge under 163.3215? Rezonings are administrative under Snyder (they're quasi-judicial and therefore administrative per se), but must be adopted by ordinance pursuant to special requirements of section 166 (cities) and 125 (counties). Most cases have held that the challenge must be filed within 30 days of the local commission's action, even if the "development order" of the rezoning isn't "rendered" for the purpose of a certiorari challenge (by filing the signed action with the clerk to the board) until some time later.
Standing to Challenge Under s 163.3215 -
In this interesting standing case, also called Payne v. Miami (here's the opinion), the court determined that neighbors and others who used the port of miami (a privately held group of properties, but subject to special policies in the comprehensive plan), had standing to challenge a development order that would have added residential uses to the marine-oriented area.
The trial court held that the neighbors had standing but that other port users did not. The majority held that these users were "aggreived" under the statute because they had business interests that were protected by the plan policies in question.
Moral: as with Renard/Rinker type common law standing, look to the plan policies that are involved to determine whether an interest is created and affected for "aggreived" status.
The trial court held that the neighbors had standing but that other port users did not. The majority held that these users were "aggreived" under the statute because they had business interests that were protected by the plan policies in question.
Moral: as with Renard/Rinker type common law standing, look to the plan policies that are involved to determine whether an interest is created and affected for "aggreived" status.
Computer Forensics Services - Top Cyber Cop
"By CAROLYN SALAZAR
Paramus detectives investigating a money-laundering scheme had confiscated a computer they suspected held crucial evidence. But its hard drive apparently had been wiped clean. At the time, many North Jersey police departments lacked the technical savvy and financial resources to investigate crimes involving computers. So the Paramus detectives did what many investigators facing similar stumbling blocks did: They headed to Upper Saddle River. . . . Before long, Donofrio proved the laptop was used to spit out fraudulent store receipts, leading to theft convictions against several people. The U.S. Secret Service took up the case when the evidence showed it was also being used to counterfeit money. . . . Since then, the office's Computer Crime Unit has grown from one full-time detective to four. It oversees a 14-member task force made up of police officers from local departments. The unit, which investigates such crimes as child pornography, credit card fraud and hacking, has arrested about 100 people . . . ."
NorthJersey.com
Computer Forensics Services - Top Cyber Cop
Paramus detectives investigating a money-laundering scheme had confiscated a computer they suspected held crucial evidence. But its hard drive apparently had been wiped clean. At the time, many North Jersey police departments lacked the technical savvy and financial resources to investigate crimes involving computers. So the Paramus detectives did what many investigators facing similar stumbling blocks did: They headed to Upper Saddle River. . . . Before long, Donofrio proved the laptop was used to spit out fraudulent store receipts, leading to theft convictions against several people. The U.S. Secret Service took up the case when the evidence showed it was also being used to counterfeit money. . . . Since then, the office's Computer Crime Unit has grown from one full-time detective to four. It oversees a 14-member task force made up of police officers from local departments. The unit, which investigates such crimes as child pornography, credit card fraud and hacking, has arrested about 100 people . . . ."
NorthJersey.com
Computer Forensics Services - Top Cyber Cop
Thứ Ba, 22 tháng 11, 2005
Computer Forensics Gaffe | Channel Register
"Hey Greg, don't turn on the PC!
A team of computer forensic investigators has pointed out that a character in a recent episode of hit TV show CSI: Crime Scene Investigation failed to follow a basic rule of looking for evidence: don't switch on the computer. Experts at CY4OR, based in Bury, England, praised CSI for bringing computer forensics to the forefront of public awareness; but they say it does little to reflect the correct and essential procedures that must be put in place when there is suspicion of criminal activity. Experts at CY4OR, based in Bury, England, praised CSI for bringing computer forensics to the forefront of public awareness; but they say it does little to reflect the correct and essential procedures that must be put in place when there is suspicion of criminal activity."
Computer Forensic Services
A team of computer forensic investigators has pointed out that a character in a recent episode of hit TV show CSI: Crime Scene Investigation failed to follow a basic rule of looking for evidence: don't switch on the computer. Experts at CY4OR, based in Bury, England, praised CSI for bringing computer forensics to the forefront of public awareness; but they say it does little to reflect the correct and essential procedures that must be put in place when there is suspicion of criminal activity. Experts at CY4OR, based in Bury, England, praised CSI for bringing computer forensics to the forefront of public awareness; but they say it does little to reflect the correct and essential procedures that must be put in place when there is suspicion of criminal activity."
Computer Forensic Services
Chủ Nhật, 20 tháng 11, 2005
Computer Forensic Service - Data disaster
Recovery in the Lab
"One of the premier government shops for this kind of data recovery is the Defense Computer Forensics Lab.
"We now have a hard-drive repair capability," said Robert Renko, special agent with the Air Force Office of Special Investigations.
OSI is the executive agency for the Computer Forensics Lab supporting the criminal investigative agencies of each military service, which have their own computer crime investigators. "
"One of the premier government shops for this kind of data recovery is the Defense Computer Forensics Lab.
"We now have a hard-drive repair capability," said Robert Renko, special agent with the Air Force Office of Special Investigations.
OSI is the executive agency for the Computer Forensics Lab supporting the criminal investigative agencies of each military service, which have their own computer crime investigators. "
Thứ Sáu, 18 tháng 11, 2005
Computer Forensics Services - IT forensic investigators peer into the minds of criminals | TG Daily
"Westlake Village (CA) - The sheer number and volume of current storage devices can be tough for the average computer user to handle, but what about computer investigators that must look for criminal information? Criminals try to hide information on their 200 GByte harddrives and portable devices like an iPod or cellular phone, but computer forensic investigators can usually recover the data."
TG Daily
TG Daily
Thứ Ba, 15 tháng 11, 2005
Computer Forensic Services - Multinational Corporate Hacking
Corporate Hacking - "The software installs itself as a Windows rootkit. That means it conceals its presence on the PC and could let an outsider commandeer the machine through IRC chat channels. The rootkit is a favorite tool of virus writers, spammers, identity thieves and now, apparently, large multinational record companies. It cannot be removed using the Windows Add/Remove Programs function. If you try to delete it manually, your PC may no longer recognize the disc drive, and you may have to reinstall Windows, just in case you didn't have enough other weekend projects. Macs and standalone disc players are not affected."
Computer Forensic Services Internet Attorney
Computer Forensic Services Internet Attorney
Thứ Hai, 14 tháng 11, 2005
Who's Got Discretion? We Got Discretion! How Much Discretion? Too Much Discretion!
The Florida Supreme Court issued an opinion regarding when a "delegation" of powers goes too far that all land use practioners should be aware of.
In Fla. Dep't of State, Div. of Elections v. Martin, here's the link, the court upheld a First District ruling that "section 101.253(2) is an unconstitutional violation of the separation of powers under article II, section 3 because the Legislature has impermissibly delegated to the executive branch absolute, unfettered discretion to determine whether to grant or deny a candidate’s request to withdraw after the forty-second day before an election."
The statute stated that "The Department of State may in its discretion allow such a candidate to withdraw after the 42nd day before an election upon receipt of a written notice, sworn to under oath, that the candidate will not accept the nomination or office for which he or she qualified." The court held that this did not provided adequate guidelines.
This opinion, along with the Florida Supreme Court's decision in the Schiavo case (yes, it turned on improper delegation as much as or more than privacy), reiterates Florida's strong policy agains the delegation of essentially legislative authority to the executive.
The policy behind this is longstanding:
In Martin, the issue was that the statute clearly stated that the decision was completely discretionary with the Secretary. In Schiavo, the issue was that the statute did not provide standards to guide the governor in when not to grant a stay, or when to lift one.
In the local government context, the seperation of powers does not constrain a Board in its legislative capacity from delegating itself or its agencies administrative powers. (there's a big section on this in my 1996 article in Stetson Law Review). However, nothing in a local government's home rule powers gives local government bodies sitting in their legislative role the delegated authority to "redelegate" their legislative authority to administrative actors. So, ultimately, the same seperation of powers analysis that applies at the state level should apply at the local level; the difference is that at the state level the prohibition against delegation stems from article II, section 3 of the Florida Constitution, and at the local level, it violates the basic premise that local government have no powers that are not granted to them by the Constitution or laws of the state.
This is interesting, because the standards for "improper delegation of legislative authority to the executive" seem to me to be somewhat more stringent than the traditional tests for an improperly vague ordinance or statute that violates substantive due process. More on that another time.
In Fla. Dep't of State, Div. of Elections v. Martin, here's the link, the court upheld a First District ruling that "section 101.253(2) is an unconstitutional violation of the separation of powers under article II, section 3 because the Legislature has impermissibly delegated to the executive branch absolute, unfettered discretion to determine whether to grant or deny a candidate’s request to withdraw after the forty-second day before an election."
The statute stated that "The Department of State may in its discretion allow such a candidate to withdraw after the 42nd day before an election upon receipt of a written notice, sworn to under oath, that the candidate will not accept the nomination or office for which he or she qualified." The court held that this did not provided adequate guidelines.
This opinion, along with the Florida Supreme Court's decision in the Schiavo case (yes, it turned on improper delegation as much as or more than privacy), reiterates Florida's strong policy agains the delegation of essentially legislative authority to the executive.
The policy behind this is longstanding:
This Court has traditionally applied a “strict separation of powers
doctrine,” State v. Cotton, 769 So. 2d 345, 353 (Fla. 2000), which “encompasses
two fundamental prohibitions.” Chiles v. Children A, B, C, D, E, & F, 589
So. 2d 260, 264 (Fla. 1991). “The first is that no branch may encroach upon the
powers of another. The second is that no branch may delegate to another branch
its constitutionally assigned power.” Id. (citation omitted). In Bush v.
Schiavo, 885 So. 2d 321 (Fla. 2004), cert. denied, 125 S. Ct. 1086 (2005), we
recently addressed this second prohibition and explained:The Legislature is permitted to transfer subordinate functions “to permit administration of legislative policy by an agency with the expertise and
flexibility to deal with complex and fluid conditions.” Microtel, Inc. v.
Fla. Public Serv. Comm’n, 464 So. 2d 1189, 1191 (Fla. 1985). However,
under article II, section 3 of the constitution the Legislature “may not delegate the power to enact a law or the right to exercise unrestricted discretion in applying the law.” Sims v. State, 754 So. 2d 657, 668 (Fla. 2000). This prohibition, known as the nondelegation doctrine, requires that “fundamental and primary policy decisions . . . be made by members of the legislature who are elected to perform those tasks, and [that the] administration of legislative programs must be pursuant to some minimal standards and guidelines ascertainable by reference to the enactment establishing the program.” Askew v. Cross Key Waterways, 372 So. 2d 913, 925 (Fla. 1978); see also Avatar Dev. Corp. v. State; 723 So. 2d 199, 202 (Fla. 1998) (citing Askew with approval).In other words, statutes granting power to the executive branch “must clearly announce adequate standards to guide . . . in the execution of the powers delegated. The statute must so clearly define the power delegated that the [executive] is precluded from acting through whim, showing favoritism, or exercising unbridled discretion.” Lewis v. Bank of Pasco County, 346 So. 2d 53, 55-56 (Fla. 1976). Id. at 332 (alterations in original).
The requirement that the Legislature delineate adequate standards enables courts to perform their constitutional duties. The failure to set forth adequate standards precludes a court from determining whether the executive branch is acting in accord with the Legislature’s intent. See Askew, 372 So. 2d at 918-19 (“When legislation is so lacking in guidelines that neither the agency nor the courts can determine whether the agency is carrying out the intent of the legislature in its conduct, then, in fact, the agency becomes the lawgiver rather than the administrator of the law.”).
In Martin, the issue was that the statute clearly stated that the decision was completely discretionary with the Secretary. In Schiavo, the issue was that the statute did not provide standards to guide the governor in when not to grant a stay, or when to lift one.
In the local government context, the seperation of powers does not constrain a Board in its legislative capacity from delegating itself or its agencies administrative powers. (there's a big section on this in my 1996 article in Stetson Law Review). However, nothing in a local government's home rule powers gives local government bodies sitting in their legislative role the delegated authority to "redelegate" their legislative authority to administrative actors. So, ultimately, the same seperation of powers analysis that applies at the state level should apply at the local level; the difference is that at the state level the prohibition against delegation stems from article II, section 3 of the Florida Constitution, and at the local level, it violates the basic premise that local government have no powers that are not granted to them by the Constitution or laws of the state.
This is interesting, because the standards for "improper delegation of legislative authority to the executive" seem to me to be somewhat more stringent than the traditional tests for an improperly vague ordinance or statute that violates substantive due process. More on that another time.
Thứ Sáu, 11 tháng 11, 2005
Computer Forensic Services - Hacking
Computer Forensic Services - Hacking: "Computer Hacking: Peer-to-Peer networks also have been abused by hackers. Because these systems potentially expose your computer and files to millions of other users on the network, they also expose your computer to worms and viruses. In fact, some worms have been specifically written to spread by popular Peer-to-Peer networks. Also, if Peer-to-Peer software is not properly configured, you may be unknowingly opening up the contents of your entire hard drive for others to see and download your private information."
Computer Forensic Services - Child Exploitation and Obscenity
Computer Forensic Services - Child Exploitation and Obscenity: "Child Exploitation and Obscenity: The receipt or distribution of child pornography and unlawful obscenity over the Internet also is a serious Federal crime. The FBI cautions parents and guardians that, because there is no age restriction for the use of Peer-to-Peer services, pornography of all types is easily accessible by the many young children whose parents mistakenly believe they are only accessing music or movies. In fact, children may be exposed to pornography -- and subsequently lured by sexual predators -- even though they were not searching for pornography, as some network users deliberately mislabel the names of files for this purpose."
Computer Forensic Services Copyright Infringement
Infringement: "Copyright Infringement: It is a violation of Federal law to distribute copyrighted music, movies, software, games, and other works without authorization. There are important national economic consequences associated with such theft. The FBI has asked industry associations and companies that are particularly concerned with intellectual property theft to report to the FBI -- for possible criminal investigation and prosecution -- anyone that they have reason to believe is violating Federal copyright law. "
Computer Forensic Services Copyright Infringement
Computer Forensic Services Copyright Infringement
Federal Bureau of Investigation - Computer Forensic Services
Computer Forensic Services : "To Users of Peer-to-Peer Systems:
The FBI has undertaken a new initiative to educate and warn citizens about certain risks and dangers associated with the use of Peer-to-Peer systems on the Internet. While the FBI supports and encourages the development of new technologies, we also recognize that technology can be misused for illicit and, in some cases, criminal purposes. In an effort to help citizens learn how to protect themselves, this letter is being distributed and is posted on the FBI's web site."
The FBI has undertaken a new initiative to educate and warn citizens about certain risks and dangers associated with the use of Peer-to-Peer systems on the Internet. While the FBI supports and encourages the development of new technologies, we also recognize that technology can be misused for illicit and, in some cases, criminal purposes. In an effort to help citizens learn how to protect themselves, this letter is being distributed and is posted on the FBI's web site."
Criminal Schemes - Computer Forensic Services
Computer Forensic Services - Cyber Investigations: "Criminal schemes included in this initiative include: criminal spam, phishing, spoofed or hijacked accounts, international re-shipping schemes, Cyber-extortion, auction fraud, credit card fraud, Intellectual Property Rights (IPR), Computer Intrusions (hacking), economic espionage (Theft of Trade Secrets), International Money Laundering, Identity Theft, and a growing list of ''traditional crimes'' that continue to migrate on-line."
Computer Forensic Services - Operation Web Snare
Federal Bureau of Investigation - Cyber Investigations: "Operation Web Snare represents a coordinated initiative targeting an expansive array of Cyber Crime schemes victimizing individuals and industry worldwide. This initiative highlights numerous investigations that have been successfully advanced through cooperation and coordination of law enforcement, and a growing list of industry partners.
Cases included in Operation Web Snare exemplify the growing volume and character of Cyber crimes confronting law enforcement, and also underscores the continuing commitment of law enforcement to aggressively pursue Cyber criminals, both domestically and abroad. Focused efforts to pursue Cyber criminals internationally, has led to the development of enhanced proactive capabilities in several countries, and numerous investigative successes highlighted within this initiative. The development of international resources is closely coordinated with the DOJ, the U.S. State Department and a growing list of E-Commerce industry partners."
Cases included in Operation Web Snare exemplify the growing volume and character of Cyber crimes confronting law enforcement, and also underscores the continuing commitment of law enforcement to aggressively pursue Cyber criminals, both domestically and abroad. Focused efforts to pursue Cyber criminals internationally, has led to the development of enhanced proactive capabilities in several countries, and numerous investigative successes highlighted within this initiative. The development of international resources is closely coordinated with the DOJ, the U.S. State Department and a growing list of E-Commerce industry partners."
Computer Forensic Services - Cyber Investigations
Computer Forensic Services - Federal Bureau of Investigation - Cyber Investigations: "The mission of the Cyber Division is to: coordinate, supervise and facilitate the FBI's investigation of those federal violations in which the Internet, computer systems, or networks are exploited as the principal instruments or targets of terrorist organizations, foreign government sponsored intelligence operations, or criminal activity and for which the use of such systems is essential to that activity; form and maintain public/private alliances in conjunction with enhanced education and training to maximize counterterrorism, counter-intelligence, and law enforcement cyber response capabilities; and until such time as a final decision is made regarding the future role and location of the National Infrastructure Protection Center (NIPC), the FBI will direct and coordinate the Center's mission to protect the Nation's critical information infrastructure and other key assets. "
Computer Forensic Services - Federal Bureau of Investigation - Cyber Investigations
Computer Forensic Services - "The FBI plays two very important roles in cyberspace. First, it is the lead law enforcement agency for investigating cyber attacks by foreign adversaries and terrorists. The potential damage to the United States' national security from a cyber-based attack includes devastating interruptions of critical communications, transportation, and other services. Additionally, such attacks could be used to access and steal protected information and plans. The FBI also works to prevent criminals, sexual predators, and others intent on malicious destruction from using the Internet and on-line services to steal from, defraud, and otherwise victimize citizens, businesses, and communities. "
Thứ Năm, 3 tháng 11, 2005
Warning About Computer Forensics
Computer Forensics: "Computer Forensics is a complex science, by necessity requiring careful preparation, and procedural discipline. Taking the correct actions, in the right order, and recording evidence properly, are often as important as having underlying knowledge of the issue. It is an area in which it is all too easy to slip up: to make a costly error, or miss a vital step. The rate of technological change is not likely to reduce this risk."
Is there anything that should NOT be done during an investigation?
Computer Forensics World: "Definitely. However, these tend to be related to the nature of the computer system being investigated. Typically though, it is important to avoid changing date/time stamps (of files for example) or changing data itself. The same applies to the overwriting of unallocated space (which can happen on re-boot for example)."
How is a computer forensic investigation approached?
Computer Forensics World: "It's a detailed science. However, very broadly, the main phases are sometimes considered to be: secure the subject system (from tampering during the operation); take a copy of hard drive (if applicable); identify and recovery all files (including those deleted); access/copy hidden, protected and temporary files; study 'special' areas on the drive (eg: residue from previously deleted files); investigate data/settings from installed applications/programs; assess the system as a whole, including its structure; consider general factors relating to the users activity; create detailed report. Throughout the investigation, it is important to stress that a full audit log of your activities should be maintained."
What are the Common Computer Forensic Scenarios?
Computer Forensics World: "Examples include:
- Employee internet abuse (common, but decreasing)
- Unauthorized disclosure of corporate information and data (accidental and intentional)
- Industrial espionage
- Damage assessment (following an incident)
- Criminal fraud and deception cases
- More general criminal cases (many simply store information on computers, intentionally or unwittingly)"
- Employee internet abuse (common, but decreasing)
- Unauthorized disclosure of corporate information and data (accidental and intentional)
- Industrial espionage
- Damage assessment (following an incident)
- Criminal fraud and deception cases
- More general criminal cases (many simply store information on computers, intentionally or unwittingly)"
What is Computer Forensics?
"There are a number of slightly varying definitions around. However, generally, computer forensics is considered to be the use of analytical and investigative techniques to identify, collect, examine and preserve evidence/information which is magnetically stored or encoded. "
Thứ Ba, 1 tháng 11, 2005
Guide to Computer Forensics and Investigations
Kessler - Forensic Science Communications - January 2004: "Guide to Computer Forensics and Investigations
Computer and network forensics is such a multidisciplinary topic that the first hurdle is determining what the primary focus should be. I prefer a book that focuses on technology, providing procedures and guidelines that explain both how and why. Providing the appropriate elementary computer science and data communications background is essential if a book is to provide a good educational foundation for the subject.
Legal aspects are also essential because cyberforensics examiners must be well versed in the laws that guide their work. However, not all computer forensics is the purview of law enforcement, so I come back to preferring the technical focus. Given this bias, the Guide to Computer Forensics and Investigations is the best book that I have found. Although a relatively new field, the number of books on cyberforensics has grown dramatically in the last few years."
Computer and network forensics is such a multidisciplinary topic that the first hurdle is determining what the primary focus should be. I prefer a book that focuses on technology, providing procedures and guidelines that explain both how and why. Providing the appropriate elementary computer science and data communications background is essential if a book is to provide a good educational foundation for the subject.
Legal aspects are also essential because cyberforensics examiners must be well versed in the laws that guide their work. However, not all computer forensics is the purview of law enforcement, so I come back to preferring the technical focus. Given this bias, the Guide to Computer Forensics and Investigations is the best book that I have found. Although a relatively new field, the number of books on cyberforensics has grown dramatically in the last few years."
DNA from a Computer Keyboard
Forensic Science Communications - July 2004: "DNA from a Computer Keyboard
"[S]amples taken from trace evidence (i.e., hair and skin) found in a computer keyboard. The purpose was to determine whether more than one person had used the computer. A commercial kit was used for the extraction and purification of DNA and was found to be effective. Three STR loci were amplified (D18S535, D1S1656, and D10S2325) using polymerase chain reaction. The results indicated the existence of DNA in the samples from more than one person."
"[S]amples taken from trace evidence (i.e., hair and skin) found in a computer keyboard. The purpose was to determine whether more than one person had used the computer. A commercial kit was used for the extraction and purification of DNA and was found to be effective. Three STR loci were amplified (D18S535, D1S1656, and D10S2325) using polymerase chain reaction. The results indicated the existence of DNA in the samples from more than one person."
Validity of Computer Forensic Sciences
Scientific Validity of Computer Forensic Evidence: "Validity of Computer Forensic Evidence
Valid and reliable methods to recover data from computers seized as evidence in criminal investigations are becoming fundamental for law enforcement agencies worldwide. These methods must be technologically robust to ensure that all probative information is recovered. They must also be legally defensible to ensure that nothing in the original evidence was altered and that no data was added to or deleted from the original. The forensic discipline of acquiring, preserving, retrieving, and presenting data that has been processed electronically and stored on computer media is computer forensic science."
Valid and reliable methods to recover data from computers seized as evidence in criminal investigations are becoming fundamental for law enforcement agencies worldwide. These methods must be technologically robust to ensure that all probative information is recovered. They must also be legally defensible to ensure that nothing in the original evidence was altered and that no data was added to or deleted from the original. The forensic discipline of acquiring, preserving, retrieving, and presenting data that has been processed electronically and stored on computer media is computer forensic science."
Examining Computer Evidence
Examining Computer Forensic Evidence: "Examining Computer Evidence
Computer evidence represented by physical items such as chips, boards, central processing units, storage media, monitors, and printers can be described easily and correctly as a unique form of physical evidence. The logging, description, storage, and disposition of physical evidence are well understood. Forensic laboratories have detailed plans describing acceptable methods for handling physical evidence. To the extent that computer evidence has a physical component, it does not represent any particular challenge. However, the evidence, while stored in these physical items, is latent and exists only in a metaphysical electronic form."
Computer evidence represented by physical items such as chips, boards, central processing units, storage media, monitors, and printers can be described easily and correctly as a unique form of physical evidence. The logging, description, storage, and disposition of physical evidence are well understood. Forensic laboratories have detailed plans describing acceptable methods for handling physical evidence. To the extent that computer evidence has a physical component, it does not represent any particular challenge. However, the evidence, while stored in these physical items, is latent and exists only in a metaphysical electronic form."
Goals in Recovering and Examining Computer Forensic Evidence
Goals in Recovering and Examining Computer Forensic Evidence: "Common Goals
These dissimilarities aside, both the scientific conclusions of traditional forensic analyses and the information of computer forensic science are distinctive forensic examinations. They share all the legal and good laboratory practice requirements of traditional forensic sciences in general. They both will be presented in court in adversarial and sometimes very probing proceedings. Both must produce valid and reliable results from state-of-the-art procedures that are detailed, documented, and peer-reviewed and from protocols acceptable to the relevant scientific community (ASCLD/LAB 1994)."
These dissimilarities aside, both the scientific conclusions of traditional forensic analyses and the information of computer forensic science are distinctive forensic examinations. They share all the legal and good laboratory practice requirements of traditional forensic sciences in general. They both will be presented in court in adversarial and sometimes very probing proceedings. Both must produce valid and reliable results from state-of-the-art procedures that are detailed, documented, and peer-reviewed and from protocols acceptable to the relevant scientific community (ASCLD/LAB 1994)."
Computer Forensic Results
Recovering and Examining Computer Forensic Evidence: "Forensic Results
Forensic science has historically produced results that have been judged to be both valid and reliable. For example, DNA analysis attempts to develop specific identifying information relative to an individual. To support their conclusions, forensic DNA scientists have gathered extensive statistical data on the DNA profiles from which they base their conclusions. Computer forensic science, by comparison, extracts or produces information. The purpose of the computer examination is to find information related to the case. To support the results of a computer forensic examination, procedures are needed to ensure that only the information exists on the computer storage media, unaltered by the examination process. Unlike forensic DNA analysis or other forensic disciplines, computer forensic science makes no interpretive statement as to the accuracy, reliability, or discriminating power of the actual data or information."
Forensic science has historically produced results that have been judged to be both valid and reliable. For example, DNA analysis attempts to develop specific identifying information relative to an individual. To support their conclusions, forensic DNA scientists have gathered extensive statistical data on the DNA profiles from which they base their conclusions. Computer forensic science, by comparison, extracts or produces information. The purpose of the computer examination is to find information related to the case. To support the results of a computer forensic examination, procedures are needed to ensure that only the information exists on the computer storage media, unaltered by the examination process. Unlike forensic DNA analysis or other forensic disciplines, computer forensic science makes no interpretive statement as to the accuracy, reliability, or discriminating power of the actual data or information."
Recovering and Examining Computer Forensic Evidence by Noblett et al. (Forensic Science Communications, October 2000)
Recovering and Examining Computer Forensic Evidence: "Computer Forensic Science
Computer forensic science was created to address the specific and articulated needs of law enforcement to make the most of this new form of electronic evidence. Computer forensic science is the science of acquiring, preserving, retrieving, and presenting data that has been processed electronically and stored on computer media. As a forensic discipline, nothing since DNA technology has had such a large potential effect on specific types of investigations and prosecutions as computer forensic science."
Computer forensic science was created to address the specific and articulated needs of law enforcement to make the most of this new form of electronic evidence. Computer forensic science is the science of acquiring, preserving, retrieving, and presenting data that has been processed electronically and stored on computer media. As a forensic discipline, nothing since DNA technology has had such a large potential effect on specific types of investigations and prosecutions as computer forensic science."
Image Scan Training (IMSCA)
Image Scan Computer Analysis: "Image Scan Training (IMSCA)
The Federal Bureau of Investigation's (FBI) Computer Analysis Response Team (CART) developed the Image Scan system to help investigators locate the presence of picture files that may contain contraband on a computer. This system allows the investigator to view a variety of graphic formats during a consensual search, and protects valuable digital evidence by booting up a computer using the Linux operating system.
After mounting the hard drive in a "read only" manner, Image Scan prompts the investigator to search for picture files only. During this process, the tool logs every step taken by the investigator, further documenting what occurred during the search process."
The Federal Bureau of Investigation's (FBI) Computer Analysis Response Team (CART) developed the Image Scan system to help investigators locate the presence of picture files that may contain contraband on a computer. This system allows the investigator to view a variety of graphic formats during a consensual search, and protects valuable digital evidence by booting up a computer using the Linux operating system.
After mounting the hard drive in a "read only" manner, Image Scan prompts the investigator to search for picture files only. During this process, the tool logs every step taken by the investigator, further documenting what occurred during the search process."
Regional Computer Forensics Laboratory
"What is an RCFL?
An RCFL is a one-stop, full service forensics laboratory and training center devoted entirely to the examination of digital evidence in support of criminal investigations, such as, but not limited to:
Terrorism
Child pornography
Crimes of violence
The theft or destruction to intellectual property
Internet crimes
Fraud. "
An RCFL is a one-stop, full service forensics laboratory and training center devoted entirely to the examination of digital evidence in support of criminal investigations, such as, but not limited to:
Terrorism
Child pornography
Crimes of violence
The theft or destruction to intellectual property
Internet crimes
Fraud. "
Free Photo Recovery to Katrina Victims
"As Gulf Coast residents begin the cleanup process after the recent hurricanes, there are many possessions that people will go to great lengths to salvage. Among those possessions with the most sentimental value are family photos, stored either in traditional albums, or for digital photos, on computer hard drives, CDs and DVDs. While CDs and DVDs could be easily transported before the storms arrived, many people did not have the option of saving photos that were stored only on hard drives. In order to help them with the rebuilding process, Ontrack Data Recovery, the industry�s leading data recovery company, is teaming up with the Optical Storage Technology Association (OSTA) to provide home users affected by the hurricanes with free recovery of digital photos in the .JPG format through the end of November. "
Free Photo Recovery Information Courtesy of CentralLaw.com
Free Photo Recovery Information Courtesy of CentralLaw.com
Đăng ký:
Bài đăng (Atom)
Bài đăng phổ biến
-
That old W.C. Fields line is ringing in my head, as the wind kicks up and rip tides batter the coast. I have to be honest, with the emerging... -
Now that's a headline I thought I'd never write. Actually, it's a very unfortunate case involving a tourist who died riding a Ba... -
Many of us have hired these guys as experts over the years, and I see the firm is merging and changing its name : South Florida's eight... -
Here's an interesting opinion from Magistrate Judge Torres awarding defendants attorney's fees for opposing a copyright infringemen... -
Hi kids, the heat is on and the bunker denizens are leading the way with their official 3d DCA summer pickle ball league -- judicial gentle... -
Tampa Attorney Casey Ebsary is available to help with Criminal Defense for University of South Florida Students and Faculty. At USF there ...
-
Having been disappointed by several recent 11th Circuit opinions, I am pleased to see here a straightforward application of the "econo...
-
Greenberg Traurig says it's not really necessary; Judge Middlebrooks says it is probably a good idea: In response, Plaintiff argues, in... -
Shuster & Saben Defeats US Bank & Douglas Zahm PA in Foreclosure Appeal In 2011, firm attorney Richard Shuster obtained the dis... -
Federal Rule Violation If you have been charged with USCA0024 FEDERAL RULE VIOLATION you can call a Defense Attorney Tampa at 1-877-793-9290...
