Information Madness

Wednesday, May 23rd

Last update:11:44:13 PM GMT

Headlines:
You are here: News How does Computer Forensics Work?
 
 

How does Computer Forensics Work?

Pranav
Votes: / 0
PoorBest 

computerforensics
During the early days of computing, the courts considered the evidence from computers to be no different than from any other kinds of evidence. The field of computer forensics is very young still. As computers have become more advanced and sophisticated, the courts have learnt that the computer evidence could be corrupted, altered or destroyed. Investigators have now realized that there is a need to develop particular processes to search the computers for evidence without affecting the information itself.

Normally, detectives have to arrange a warrant to search a suspect’s computer for evidence. The warrant has to include where detectives can search and what kinds of evidence they can seek. A detective just cannot serve a warrant and look wherever he or she likes for anything she may find suspicious.  The judges require the terms of the warrant to be specific.

It becomes important for the detectives to research the suspect thoroughly before requesting the warrant. For example, when a detective secures a warrant to search a suspect’s laptop computer, he or she cannot touch the suspect’s desktop personal computer at all as it is not included in the original warrant.

Some investigations may require only a week while others may take months to complete. It will depend on the expertise of the detectives, the number of computers being searched and the amount of storage that the detectives have to sort through like hard drives, CDs, DVDs and thumb drives. It will also depend on whether the suspect attempted to delete or hide the information. It may also depend to a large extent on the existence of encrypted files that are protected by passwords.

These computer forensics programs make the investigations possible:

  • Disk Imaging Software – It records the contents of a hard drive. With this software, it is possible to copy the information and preserve the way files can be organized.
  • Software Write Tools – They copy hard drives bit by bit and can also reconstruct them.
  • Hashing Tools – They compare original hard disks to copies. They analyze the data and assign it a unique number.
  • File Recovery Programs – They search for and restore deleted data. They locate data that the computer has marked for deletion and has not overwritten.
  • Encryption Decoding Software – They are useful for accessing protected data.


Our valuable member Pranav has been with us since Monday, 31 January 2011.

Show Other Articles Of This Author

Comments (0)

Leave a comment

Make sure you enter the (*) required information where indicated.

Travel

 
Visiting Venice in Winter Visiting Venice in Winter You do not need to be too inspired to visit Venice in any season. The magic of V... More detail

Entertainment

 
Deepika Padukone In Bikini Won't Save Cocktail - O... Deepika Padukone In Bikini Won't Save Cocktail - Official Trailer After the record breaking success of Dabanng, Ready, Singham & the latest&nb... More detail