Computer Forensics 5-Year Outlook – Does it Make Sense For You?

The field of computer forensics is growing rapidly and for someone who is looking to get into this industry and make a career of it, there is quite a bit of upward mobility, not just in law enforcement, but in Corporate America as well. Right now there is a shortage of such professionals and it…

The field of computer forensics is growing rapidly and for someone who is looking to get into this industry and make a career of it, there is quite a bit of upward mobility, not just in law enforcement, but in Corporate America as well. Right now there is a shortage of such professionals and it is a growing field. Gaining the knowledge needed to become proficient is not a walk in the park, but well worth the effort.

The Department of Homeland Security is in need of all the computer forensic specialists they can hire. And you'll need knowledge of anti-hacking defense, cyber crime fighting and investigating cyber crime; even international terrorism. Interestingly, enough there are some universities that offer degrees in Computer Forensics, of course first you will need a computer science degree and it helps to have a good background in criminal justice.

Best of all the United States Bureau of Labor Statistics puts an average salary of a computer forensics / information security professional at $ 70,000 per year and that's not too bad, as that is just the average. Currently, the statistics also indicate that this industry sector will be very strong all the way through 2015. And each time the hackers get better, the value of a knowledgeable computer forensic specialist goes up.

Indeed, our nation's military is also concerned that foreign militias will attack our IT infrastructure and it is paramount that we defend it and know where the attacks are coming from. We must protect our information infrastructure and the flow of reliable data. Please consider all this.

Hard Drive Death is Not the End of the World – Computer Forensics 101

Everyone fears losing their data; Governments, Big Corporations, Nonprofits and you and I as well. Imagine losing all your work and the hard drive on your computer. Today, most of the laptops and computers we buy have parts in them made all over the world, many of these parts are built in places that exploit…

Everyone fears losing their data; Governments, Big Corporations, Nonprofits and you and I as well. Imagine losing all your work and the hard drive on your computer. Today, most of the laptops and computers we buy have parts in them made all over the world, many of these parts are built in places that exploit labor and are not as modern as the factories in the United States, and their quality control is not as stellar as you may assume, even if at one time they were ISO 9000 certified.

It is for this reason that hard drive death, not just crashes are much more common than you might think. You can ask any computer forensic specialist or the local computer repair person in your town to confirm this. We just all hope it does not happen to us. Maybe that is why we often back up our files just in case, not a bad idea at all.

But just because your hard drive dies does not necessarily mean that your data is lost, it might be, but there is still a really good chance that it is not lost. You see, this data is still there even if the circuit board on the hard drive has burned up, failed or just will not work. One thing that computer forensic specialists are able to do is to take that hard drive out and remove the chip and circuit board and then put another one on from another hard drive exactly like it.

They say that often this will do the trick and they have success rates up to 45%, so just because you think your hard drive is dead and caput does not mean the data inside died with it. Computer forensics can give it a new heart and retrieve the data that is stored within, please remember this if your hard drive is dead or destroyed.

Computer Forensics Degree – Requirements and Curriculum

As data security and confidentiality has become an increasingly important element of corporate and government communications, the demand for computer forensic scientists is rapidly increasing. In order to enter the field, you should strictly consider enrolling in a program that allows you to earn a bachelor or master computer forensics degree. Careers in digital forensics…

As data security and confidentiality has become an increasingly important element of corporate and government communications, the demand for computer forensic scientists is rapidly increasing. In order to enter the field, you should strictly consider enrolling in a program that allows you to earn a bachelor or master computer forensics degree.

Careers in digital forensics requires a broad set of skills to allow you to analyze computer data and security, including network technologies and traffic. Computer forensics degrees allow you to develop a wide range of knowledge in computer science, criminal justice and engineering, all of which is important for a future career in forensics. In particular, you will develop skills to understand file formats, networking protocols, cryptology, software engineering and data analysis.

Computer forensic degrees are often available as associates or bachelors degrees, as well as through professional, specialist degree training. A number of well known universities such as California State offer degree programs focused on digital forensics. These degrees are structured to enable you to earn become a Certified Information System Security Professional, the highest level of certification for forensics professionals. In addition to in-person training, a number of schools offer online distance training in forensics, including the ITT Technical Institute.

Courses within a computer forensics degree generally focus on the technology and legal aspects of the career, requiring the development of a broad base of knowledge. Students are required to gain expertise in the criminal justice and law enforcement system, as well as a core set of skills in both computer science with a focus on hardware and computer security.

At leading universities course offerings include Forensics and Crime Scene Investigation, Cyber ​​Crime Analysis, Police Investigation Techniques, Essentials of Computer Security, Computer Forensic Analysis and Cryptology and Computer Security. Each of these courses builds upon a foundation in criminal justice and computer science. As one of the fastest growing professions, the requirements for computer forensics training require a working knowledge of a range of technology from networking equipment to wireless protocols.

Importantly, leading computer forensics schools will provide you with an opportunity to gain hands on work experience through internships and work study opportunities within the field. Both private companies as well as government agencies are actively recruiting computer forensics experts to aid in investigations, so demand remains high for new entrants into the field. By learning a well qualified computer forensics degree, you can put yourself in a good position to become a working professional upon graduation. Louis Zhang, Accrcomputerforensics dot com

Managing Information In the Wild – Ten Tips For Lite-ECM

Traditional Enterprise Content Management (ECM) products and solutions have and continue to deliver the ability to manage content, documents, and records within the enterprise to meet today's business regulations. ECM platforms are a corporate necessity and will continue to be the backbone for critical, high-value information management and collaboration capabilities for the foreseeable future. However,…

Traditional Enterprise Content Management (ECM) products and solutions have and continue to deliver the ability to manage content, documents, and records within the enterprise to meet today's business regulations. ECM platforms are a corporate necessity and will continue to be the backbone for critical, high-value information management and collaboration capabilities for the foreseeable future. However, there is a growing challenge in enterprise content creation and management. With the increase in knowledge workers and user friendly content creation tools, electronically stored information (ESI) volume is growing at approximately a hundred percent year over year. With this volume of information, over eighty percent of informational assets exclude outside the ECM repositories, ie are “in the wild”.

With today's dispersed mobile workflow, documents and records are now created and scanned across databases, servers, email applications, laptops, desks and storage systems around the world. The problem is how to find the key critical documents and records in today's informational ocean and pull them into the ECM workflow, while leaving the rest in-place and indexing it. Because, importing all documents and records into the corporation's central ECM repository is no longer possible or feasible due to sheer volume. A solution to the “in the wild” information problem would be to provide ECM functionality and features ranging from information access, information management, records management, metadata capture and management, full text and full content indexing, auto-classification across any device to separate non-critical information from critical information and seamlessly transition it into the ECM repository or indexing and managing information in-place.

To help manage the information growth while maintaining enterprise content management control of high-value documents and records, corporations need visibility into important data outside the ECM repository or “in the wild” information. Gartner coined the term “Lite-ECM” which describes a cooperative information access and management suite that seamlessly integrates and extends today's ECM platform capabilities to provide identification, search, analysis and auto-classification of information outside the ECM repository stored through the organization. Adding in-place indexing and management capability delivers the ability to effectively organize distributed information into a single, easy-to-use information perspective, regardless of where the information resides. But, adding another tool to the toolbox can be challenging, especially on today's constrained IT budgets. What are the key features needed to determine the right Lite-ECM product fit for your corporation? David Morris, Director of Product Marketing at Kazeon, provider of Information Management and eDiscovery technologies, offers insight into the top criteria for choosing a “Lite-ECM” software suite to augment and extend your ECM capabilities and reduce deployment and management headaches.

1. Enterprise-class Scalability & Performance – Most Lite-ECM information platforms were organized with a reactionary (do it once) ideology, which causes significant scalability challenges when attempting to deploy continuous Lite-ECM capabilities to manage today's dynamic information environments. A Lite-ECM suite must be scalable to search across hundreds of terabytes of electronically stored information, as well as scale into the billions documents, and have the performance to process the data to keep pace with today's information growth.

2. Auto-Discovery of data sources – The Lite-ECM suite must have the capability to auto-discover informational sources anywhere on the network, since critical data may reside in the enterprise file storage file server or a laptop in Shanghai. To truly manage all information, auto-discovery is a critical feature of any enterprise level Lite-ECM suite.

3. Holistic and Dynamic Organizational Information Map -Since network topology can change rapidly, having a dynamic and active continuous auto-discovery capability is critical for information indexing, internal investigations, litigation procedures and information capacity planning.

4. Agent-less Information Management- Organizations have sufficient critical data running on servers, laptops and desks today. Having another agent on all devices simply reduces operational health and increases risk, not to mention that the device has to be “known” to install an agent. Agent-less search has a low impact on the IT infrastructure and is more rapid to deploy. With the scalability challenges solved, it is the lowest risk highest reward approach to identifying all data sources on the network. Since users can not disable agent-less search, it provides a rapid and powerful investigation and litigation capability to find potentially relevant information and hold it in-place for review.

5. Robust Search, Analysis, and Classification – Searching, analyzing and classifying information complex challenges; however, a Lite-ECM suite will need all three to truly add value and help separate the relevant from the non-relevant information within an organization. Having a strong analysis and auto-classification capability that can sort large data sets based on metadata, document content, file type, etc. is necessary to accurately and quickly reduce the volume of data to a relevant and manageable set to review and processing.

6. Tagging -Automating the tagging of individual content or grouping content into relevant virtual folders with a robust policy based engine allows administrators to simplify the review and reporting process by delivering a virtualized organizational information overview.

7. Workflow Management- After gaining insight into and classifying critical information, bringing the “in the wild” data into the ECM platform for workflow management and preservation is a key capability. With the ability to automate the move, copy, encrypt, delete actions; an automated policy based methodology accelerates the manual processes for processing of all enterprise data. Furthermore, it allows corporate governance policies and IT policies and procedures to be managed and enforced through the existing platform.

8. Unified Management – With billions of documents and petabytes of storage, corporations can easily be overwhelmed by the volume of data and its presentation. A robust Lite-ECM suite must have a unified management view across the entire network and the ECM platform to simplify operational management. Without a unified management approach, the management task is overly burdensome and not feasible.

9. In-Place Record Hold – Being able to tag and hold potential critical information at the source, ie server or laptop, is a capability that separates the efficient Lite-ECM suites from unusable ones. It is not reasonable to move all potential critical data back to a repository before review, the in-place hold and review and subsequent collection process streamlines and accelerates the process to meet today's claims and reduce infrastructure costs.

10. Enterprise-Wide Critical Information Capture – With 80% of corporation's informational assets outside the control of the ECM platform, a Lite-ECM will need to have the flexibility to identify, access, search, and review information which resides in databases, email archives, servers, email systems and storage systems across the network. With an automated workflow policy engine, capture and movement of critical information to the ECM repository can be completed on a daily, week, or monthly basis. Having an extensible architecture to facilitate search, collection and review across existing and emerging applications and data types is a critical capability.

Deploying a Lite-ECM suite is a complex process, since it impacts IT, Legal, human resources, records management and security teams. To meet stakeholder needs, Mr. Morris advocates convening a cross-functional team to gather requirements, review solutions, and manage deployment of a Lite-ECM suite, as well as to create a sense of ownership and responsibility or the enduring usage of the new suite.

For a Disabled His Tongue Controls His Computer

The round the clock “busy” tongue has been given a completely new and unique job to perform apart from doing chit-chats, differentiating sweet from salty, wiping off the melting cones etc. It has been turned into a computer control pad for a below neck disabled. Although sounds extremely amazing, it has to be believed if…

The round the clock “busy” tongue has been given a completely new and unique job to perform apart from doing chit-chats, differentiating sweet from salty, wiping off the melting cones etc.

It has been turned into a computer control pad for a below neck disabled. Although sounds extremely amazing, it has to be believed if it claimed by Georgia Tech researchers.

The researchers at Georgia Tech have come up successfully to transform the mouth of a disabled into a virtual computer which would be controlled by the tongue. Interestingly, his thirty-two teeth, even if he / she has the complete set or not, will work like a keyboard.

The innovation, though in its early stage, has shown bright results, and seems to have brought an end to all the woes of a disabled. They call it “Tongue Drive System.” As the name implies, the tongue has the lead role to play to serve a disabled.

The simple and guided movements of the tongue will help him to run his wash machines and air-conditioners and other home appliances. Now, using his tongue, he can easily roll on his wheelchair without a human support. And most importantly, he can operate his computers.

This rare scientific device is a much needed booster and a lifeline for a helpless disable. It could make him / her self dependent and competent.Assistant professors Mayasam Ghovanloo, the head of this project, appeared optimistic and said, “You (disables) could have full control over your environment by just being able to move your tongue.”

Moreover, his precious scientific feat has got many advocates too. What they loved most of this device is its versatility and easy to use features. For example, Mike Jones, Shepherd Center, Atlanta said, “This could give you an almost infinite number of switches and options for communications.

Can I Keep Secure With a Free Anonymous Web Proxy?

In this day and age it is really difficult to feel secure and protected with identity theft on the increase our electronic lives means having access to that personal information is more valuable than ever. Learning only a few bits of information about someone like names dates and mothers maiden name along with a password…

In this day and age it is really difficult to feel secure and protected with identity theft on the increase our electronic lives means having access to that personal information is more valuable than ever. Learning only a few bits of information about someone like names dates and mothers maiden name along with a password or two and you have serious power over them. This information is becoming easier to retrieve as we spend more time on the internet giving out such information. Anyone using a free anonymous web proxy is therefore not really all safe or secure.

To illustrate the point an associate of mine has recently stayed in a hotel that belonged to a large chain he had invested in using the wireless network that was available at extra cost. Although there were no complaints in terms of speed and service he found this facility to be incredibly insecure. He had used the free program 'waveshark' which acts as an amazing network sniffer and he could access all sorts of customer information from within the building. He could note down some passwords, tones of personal information including dates of birth, names, addresses and even mothers maiden names. There was very little information being encrypted via SSL but what there was showing was unreadable as expected but for the most part all of the information was available in clear text. This is especially dangerous as many people stick to using the same important memorable password for everything including bank details.

So how much of this information would have been available had he been using an anonymous proxy?
Unfortunately every last word. Every detail would have been there to take as anonymous proxy works only to shield your details from the server you are visiting everyone else can still access all of the information. So when using a wireless network think twice before giving out all your details and always use companies promoting an encrypted method of payment such as SSL.

Anonymous Browsing and the Difficulties of HTTP

HTTP is a basically the methods through which your browser communicates with any website and exchange information but there are many problems within the protocol that restricts anonymity like the fact that it exists on the TCP port 80. Port 80 has become a standard TCP port to use and almost every web server will…

HTTP is a basically the methods through which your browser communicates with any website and exchange information but there are many problems within the protocol that restricts anonymity like the fact that it exists on the TCP port 80.

Port 80 has become a standard TCP port to use and almost every web server will list that port with the exception of security such as SSL but as a general rule Most connection is through the TCP port 80. Firewalls will usually allow all TCP80 communications as a first rule. The protocol itself is text based ASCII to be precise which means that all communication must be readable this means no decryption or decoding. It is quite bad easy to follow a HTTP trace and if you ignore all the GET requests / responses you can pretty much read the rest which is bad when we are told to protect and be secure with our personal information.

HTTP trees every request and response as individual questions and answers this means it can not follow long or draw out complicated conversations. Even when the communication comes from the same place HTTP will treat the information as a totally separate thing. HTTP also sufferers a certain lack of security and does not authenticate users. Through the use of cookies HTTP can get round some of the authentication issues by maintaining a connected state between the sever and the client there can also be protocols such as NTLM and certain forms and services like Microsoft Passport.

The HTTP protocol was never written with security in mind and should not be thought of a bad because it doesnâ € ™ t have security features, it was designed for the quick exchange of information in a simple manner it does this jobs really well otherwise it would not have survived the rate in which the Internet is expanding and developing.

Obviously HTTP can not be anonymous as it is designed to exchange passwords, usernames and identities the same way as all of the information it transfers and it can not protect your information or identity even when HTTP just blocks your IP address this is not really achieving any anonymity.

Digital Forensics For Private Investigators

What is Digital Forensics? Digital Forensics is the terminology used when digital artifacts are collected from a computer system in a forensically sound manner. In other words, digital artifacts such as documents, spreadsheet, pictures and email can be retrieved from a computer, PDA or any other type of digital device with storage capacity. The material…

What is Digital Forensics?

Digital Forensics is the terminology used when digital artifacts are collected from a computer system in a forensically sound manner. In other words, digital artifacts such as documents, spreadsheet, pictures and email can be retrieved from a computer, PDA or any other type of digital device with storage capacity. The material is then analyzed and preserved. This operation can often be done even if the data has been intentally erased. Digital Forensics procedures will allow the forensic examiner to reveal digital evidence, and display the exact time and date the information was created, installed, or downloaded, as well as when it was last accessed. Although the first computer crimes occurred in the 1970's, computer forensics is still a reliably new field. While we now have more PC and mobile device users then ever, the demand for Digital Forensics is quickly increasing. Laptop computers, PDA's and mobile phones with the capability of storing pictures, connecting to the Internet and e-mails, more and more often require the need of Digital Forensics to determine the action to be taken in criminal litigation cases, corporate espionage, and complaints of child pornography, Likewise, acts of terrorism as well as the practices of disgruntled employees and the behavior of cheating spouses, all have one thing in common: they frequently utilize computer systems and mobile devices to assist them in their unethical actions and crimes. The evidence that these activities leave behind is read through the procedures of digital forensics.

Digital Forensics or Computer Forensics?

In the past, computer forensic investigations have had PC and Laptop systems as their primary target for examination. Within the past years, the computer forensic field has been forced to broaden its scope, tools and investigative techniques in order to keep abreast of the personal technology being used by common citizens. Equipment such as Cell phones, PDA's, Blackberrys and GPS systems are used on a daily basis, and can contain vital information from sms test messages, emails, phone logs and previous GPS destination coordinates. Therefore the term Digital Forensics is becoming very popular as the computer forensic field expands and incorporates the digital analysis of new technological devices.

What can a skilled Digital Forensic Examiner do?

A skilled digital forensic examiner can recover deleted files from a computer. He or she can view which websites have been visited from a specific computer even after the browser history and cache have been cleared and deleted. A digital forensic examiner is able to review previous communications sent and received via an instant messaging and chat application such as yahoo instant messenger and msn messenger. The forensic process will also restore deleted or hidden pictures and email messages. In addition the forensic examiner is trained to analyze and re-create deleted text messages and call logs from cell phones, PDA's and Blackberry devices.

How the Private investigator can benefit from Digital Forensics

Digital Forensics can assist the private investigator in many ways principally by identifying vital information and saving cost and time. Often 2-3 hours of digital forensic examination techniques are able to expose more evidence then several days of surveillance and dumpster diving. Deleted data from digital devices such as cell phone text messages and other acts are often recoverable; for example, did your client's spouse have an instant messaging conversation? Are those deleted emails recoverable? What websites did the suspect visit?

Several examples below elaborate how Digital forensics can assist the private investigator in specific cases and tasks:

Adultery cases:

Online chats or sms text messages are often used to arrange meetings and provide covert communication to avoid suspicions by the guest.

Fraud Cases:

It is often possible to determine when and if a document was altered. Without the document was produced by a typewriter, there always is or at least has exhausted an electronic copy somewhere. In addition to the most common word processor, “Microsoft Word” which is part of the Microsoft office suite embeds Meta data into each document. This Meta data can provide vital information such as the identity of the author and the computer on which the document was composed. The same applies to Microsoft Excel spreadsheet applications.

Tailing a suspect:

When tailing a suspect, imagine how informative it could be to know his / her previous destinations, prior to starting the assignment. Impossible you say! This is not necessarily so especially if the individual had traveled by vehicle and used a GPS (Global Positioning System). Some of the most recent advances in Digital Forensics allow for the retrieval of information from the most common GPS systems.

Harassment cases:

There are many different types of harassment. It is often the case that your client may not only be receiving harassment in person, but also via phone, and / or email. A Forensic Examiner can reserve logs of phone calls received from cell phones and present them as evidence by strictly maintaining a chain of custody. Every email sent from a given source to a specific destination leaves information embedded in that email. This information is referred to as the email header. The forensic examiner can analyze the email header and trace it back to the origins of the IP address from which it has been sent.

Surveillance:

When considering surveillance, most think of traditional techniques such as: tailing, stakeouts and video surveillance. However, modern computer techniques can also be a valuable asset to the private investigator. There are such devices as spy ware programs and keystroke loggers that will provide real time information about what, where and when things have occurred on a suspected computer.

Who has the right to search a computer or Digital device?

The Fourth Amendment protection against unlawful search and seizure only applies to government entities such as law enforcement. The Fourth Amendment does not apply to private searches. A private search can be connected or authorized by anyone who has a legal right to the data stored on the computer, such as employers or spouses. Since computers are common property, spouses can give consent to a private search of the computer

Conclusion:

In the dynamic world of Private Investigation, it is vital to adapt to new technologies and be able to provide your clients with competitive services of the highest degree. Most importantly it is essential to keep your clients in your domain for all of their investigative needs. Therefore training private investigators in the art of Digital Forensics or partnering with a Digital Forensic expert is a necessary step in securing not only the stability and longevity of your business but assuring that it is prepared to meet the requirements of the technological exigencies of the future.

Top 6 Computer Forensics Schools

If you are really interested in retrieving lost data from digital devices like hard disks and memory cards for crime investigation purpose, you can consider learning a computer forensics degree as federal agencies and other detective agencies recruited people who have knowledge about computers and trained them for specific tasks relating to this particular field…

If you are really interested in retrieving lost data from digital devices like hard disks and memory cards for crime investigation purpose, you can consider learning a computer forensics degree as federal agencies and other detective agencies recruited people who have knowledge about computers and trained them for specific tasks relating to this particular field of forensics. There are many universities and colleges have started running specialized courses for this field of study.

Most universities offer this particular course online, while some institutions offer a traditional degree that requires mandates to attend lectures on campus. Here are the best universities that offer both online and off-line degree of this particular course:

  • The American Intercontinental University (AIU) is one of the most reputed universities offering such courses. You can earn one of the most reputed Bachelor's degrees in computer forensics and a Master's degree in Internet Security through the AIU.
  • The Kaplan University provides degrees in computer crime and criminal justice. This university does not provide a Master's degree program but they offer Bachelor's degree course in this field of study.
  • The Virginia College runs courses that would help you in learning a Master's degree in Cyber ​​Security.
  • The University of Phoenix runs regular and online courses for associate degrees in Information Systems.
  • Similar programs are run by the Colorado State University, offering associate degree in Information Technology, Bachelor's degree in IT security and Master's degree in Information technology.
  • The Capella University also runs highly reputed online programs specializing in IT and Information systems.

Two Basic Steps on How to Earn a Computer Forensic Certification

If you have the curiosity of solving crimes involving recovering deleted information from various digital devices like hard disks and memory cards (as used in mobile phones and digital cameras); then you can start to learn how to become a professional computer forensic investigator who is well-resourced with the skills needed to study and decipher…

If you have the curiosity of solving crimes involving recovering deleted information from various digital devices like hard disks and memory cards (as used in mobile phones and digital cameras); then you can start to learn how to become a professional computer forensic investigator who is well-resourced with the skills needed to study and decipher such crimes.

If you are really serious about it, then you should seek a proper training about this particular field.

Step 1: Start surveying for various institutions that offer this particular training

There are various exams and certifications for professionals, who do not have a proper degree in the field of computer forensics, and the same time that they want to increase their scope and ability or they are interested in switching from their current careers to a career in this field of study.

Since white-collar crimes have increased tremendously as well as the number of applicants of this field of study. It shows that being a skilled investigator has better prospect in terms of better salary and greater security. Therefore, getting yourself equipped with one or more such certifications can be one of the most beneficial steps that you might have taken for your career.

Step 2: Seek a training program that offers CISSP certification

The CISSP is one of the widely recognized certificates around the world. While the former stands for Certified Information Systems Security Professional, the latter stands for Certified Computer Examiner.

In order to earn a CISSP certification, the candidates are provided to exist to certain rules. They must, first of all, possess at least 5 years of direct security work experience. Candidates are also required to clear the CISSP exam with a score of more than 700 and answer four questions regarding criminal history and family background.