Why Computer Forensics is a Bad Idea

June 28, 2007 at 14:59 Leave a comment

In CIO there is a really good article on why Computer Foreniscs is, as we say in the security business, hard. And by that we mean really, really hard.

The general problem here is that people assume that foreniscs is a good science with results that can not be (easily) manipulated, because we see the “science” of it in shows like CSI. And, from what I understand, traditional forensics is quite hard to manipulate. It is not possible for an amateur to fake blood splatter, to change traces of DNA, or even to easily manipulate footprints etc. The trouble is that with computer forensics we are dealing in a digital world where changes can be made, easily and without that much prior knowledge.

In fact, there is a wast selection of ready made tools available for the user with even the most basic googling skills and an interrest in the subject. The makers of forensic tools are running a constant battle with the anti-forensic tools, and there will never be a winner. In fact, the race itself makes everyone a loser. Because it is so easy to manipulate computer forensic data, it is arguable that it can be used in a court of law at all. Would we use DNA samples as evidence, if anyone could easily manipulate DNA data? No, we would not. Yes, there is a lot of users who does not have the knowledge to run these tools on their computers; but the problem is that other users might. The most obvious defense would of course be to argue that someone else has used the computer to do nefarious acts. And as a defense it is quite a good one. A good attacker would not leave any traces at all, so how can you disprove that argument?

Basically, we are stuck. Computer forensics are probably useful in certain cases, but the tendency to base investigations on their results, or even to confuse the validity of it with traditional forensics, is dangerous. In fact, we must probably face the fact that computer evidence really only have a very narrow usage, and must be combined with a lot of traditional police work if we are going to have any kind of legal protection as individuals.

Entry filed under: Rants, Security.

One Of The Funniest Star Wars Parodies Ever Perhaps Not The Greatest Movie Ever

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Trackback this post  |  Subscribe to the comments via RSS Feed


RSS My twitter updates

  • An error has occurred; the feed is probably down. Try again later.

Subscribe to my blog using RSS

Categories

RSS Things I recommend reading now

  • An error has occurred; the feed is probably down. Try again later.

Right now:

http://www.google.com/reader/shared/06955654654748484932
June 2007
M T W T F S S
 123
45678910
11121314151617
18192021222324
252627282930  

%d bloggers like this: