DIGITAL INSIGHT EDITION 1
IN THIS EDITION
TECHNOLOGY & DIGITAL FORENSICS:
> Technology & digital forensics > Thoughts for the month
THE PAST, THE PRESENT AND THE FUTURE by Rob Savage
> Where’s my data? Sources of electronic information for investigations & litigation > Big data: volume, variety & velocity > The real CSI: computer forensics > First response course > About CCL
Digital forensics is a constantly evolving field. The tools and techniques currently employed by CCL and other providers are almost unrecognisable to the way in which the industry operated just a decade ago. Digital forensics, perhaps more so than any other area of forensics, is under a constant pressure to evolve, with digital forensic practitioners attempting to hit a constantly moving target. Fingerprints have always been fingerprints and will continue to be fingerprints for the foreseeable future; mobile phones and their capabilities evolve on almost a weekly basis. We now live in an environment where more and more of our dayto-day lives are integrated with technology. Technology is no longer just a means to communicate or to create something, it is becoming the fulcrum upon which our existence revolves, managing both our public and private lives through one or more devices. For the field of digital
01789 261200
|
forensics this is both good and bad news. Users are storing more information digitally, meaning the potential to recover that key piece of evidence has never been greater. However, the huge consumer demand for technology is driving innovation at a blistering pace, making it harder and harder to keep up with the vast array of devices and applications entering the market. Back in 2003 the majority of consumer computing was done on desktop PCs; a beige tower sat beside a beige CRT monitor, often as deep as they were wide. Laptops were fairly common at this time, only being used as described by those with strong thighs and heat-proof trousers. These devices existed as a ‘box of components’, meaning that anybody with a screwdriver could remove and replace any components they wished. There was very little connectivity between devices; the files on your PC remained solely on your PC unless you took the deliberate step to copy them to
WWW.CCLGROUPLTD.COM
|
somewhere else. Mobile phones at this point in time were much more simple. A 2003 mobile phone might have had a primitive camera and a fairly pixelated colour screen, but for the vast majority of consumers it was a device to handle calls and SMS. These were simpler times for digital forensics, with typical analysis involving taking a forensic copy of everything on the device. This was usually straightforward and the component-based design meant that storage media could be physically removed and accessed directly. The consumer demand for smaller, faster, more energy efficient devices has meant that more devices now are ‘integrated’; meaning that storage media is often no longer removable. Consequently, the analysis of more and more devices now involves the use of the device itself, a process requiring greater skill and experience.
Continued on page 3…
INFO@CCLGROUPLTD.COM
1