1 / 14

Applications with Warrants In Mind

Applications with Warrants In Mind. The Law. Why are there laws specifically for computer crimes? A persons reasonable right to privacy The nature of computers and electronics Probable cause. Search and Seizure.

frey
Download Presentation

Applications with Warrants In Mind

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Applications with Warrants In Mind

  2. The Law • Why are there laws specifically for computer crimes? • A persons reasonable right to privacy • The nature of computers and electronics • Probable cause

  3. Search and Seizure • Basically identical to previous laws with exceptions to the actual allowable procedure for searching and/or seizing. • In both cases a warrant must be obtained before searching and seizing, but the conditions for each are different. • The exemption to a warrant is probable cause, but this is difficult for electronics

  4. The Process • Crime is suspected • Suspects are watched • Their system is qualitatively analyzed • When enough substantial evidence is acquired a warrant is requested and granted by a magistrate judge. • They go to physically analyze the system

  5. Important things to Think about • The criminal computers are in most cases standard PC’s or laptops, but also are many times servers. • It is important to know what OS the machine is running. • Is the machine booby trapped? • Where should I look for data?

  6. The File System • Are the desired files hidden within other data types • Could the files be in hidden (invisible) directories • What programs could be running? • Is there a program set to wipe the whole drive upon boot up if a special password or key is not entered.

  7. Time constraints • How long will it take to get the warrant? • With proper evidence it should not take long. • How long will the warrant last? • Usually the warrant will last about a month. • How long is too long to hold on to a suspects computer? • Depends on the nature and size of system.

  8. Analyzing the Evidence • Much of the work in analyzing a system is hardware related • In most cases the first thing to do is make a copy of the hard drive • Once a hard copy is made they data can be sorted with out worry of contamination • They use hard drive duplicators

  9. Forensics Software • SubRosaSoft in addition to making data recovery software for consumers and IT professionals also makes forensics software • MacForensicsLab keeps track of every action and window/button click; records date time of action.

  10. http://www.engadget.com/2007/04/30/subrosasofts-maclockpick-extracts-personal-info-from-os-x/http://www.engadget.com/2007/04/30/subrosasofts-maclockpick-extracts-personal-info-from-os-x/

  11. http://www.macforensicslab.com/samplereport/Logs_2_1.html

  12. Acknowledgements • Pictures in slides taken from image.google.com unless a link is provided on the particular slide indicating otherwise • Law information provided from US department of Justice • http://www.usdoj.gov/criminal/cybercrime/s&smanual2002.htm

More Related