Oct 12

Forensic Tecnologies Preview Day, Introduction

Tag: Informática LegalJoaquim Anguas @ 8:15 pm

Today I attended “Forensic Technologes Preview Day” held in Karlruhe, Germany, an overview of the state of the art by some of the major players in the field.

I would like to thanks the organizers MH Service for the initiative and specially to Jan for his help before and during the event.

With at least 50% of the attendees being from law enforcement, product demonstration and presentations had some focus to their needs.

There’s also an emerging trend to move forensically sound practices inside the enterprise.

While some providers’ concentrate on horizontal solutions, like Paraben’s  P2 Enterprise or AccessData’s Access Data Enterprise for example, others see vertical approaches and specialization as their core value.

I am not inclined myself to use the term “forensics” widely because of the dissonance between the original meaning of the term (“of or before the forum”, recently “legal” or “related to courts” (see here) and the meaning we find lately: scientific or engineering techniques or activities oriented to derive facts from evidences. Deriving facts from evidences is a matter of interest for legal systems, but also for investigators, auditors and computer security professionals in our context. In my humble opinion mixing disciplines is not recommended. Anyway…

I had the opportunity to share experiences with some law enforcement officers. They pointed me to a Linux distribution I wasn’t aware of: grml. It is not primarily intended for forensic acquisition or analysis, but it looks like it deserves an in depth evaluation. I’ll let you know.

I want to share some comments regarding the presentations in following posts.