Comments on: Network Forensics Puzzle #3 Finalist!

By: Wesley McGrew

Wesley McGrew — Mon, 08 Mar 2010 16:32:33 +0000

Certain kinds of network and file activity can show that someone was there. How that contradicts or corroborates what the suspect is saying in interviews, or how it relates to non-digital evidence varies from case to case.

You’ve hit the nail on the head though: One of the biggest difficulties in digital forensics is “putting a butt in a chair”. You have to tie it together with other forms of forensics and investigations. I suppose other types of forensics have the same problem: if my fingerprints are on a knife, it doesn’t prove I stabbed someone with it. It’s up to investigators and legal teams to bring it all together into something that makes sense for that case.

By: thefixer

thefixer — Mon, 08 Mar 2010 02:01:05 +0000

just because a users account was logged in does not prove that he was there.

By: Wesley McGrew

Wesley McGrew — Sun, 07 Mar 2010 01:12:09 +0000

A lot of digital forensic techniques that don’t look useful on the surface can come in handy with some cases.

Even if it’s not directly related to the crime in question, being able to show that someone was in a household and using computers (or other devices) there at a given time can punch holes in alibis or whatever story a suspect might come up with when interviewed.

By: thefixer

thefixer — Fri, 05 Mar 2010 08:58:39 +0000

cops have no business learning this, they outta spend time writing tickets and catching killers and crack dealers, pimps and, maybe child porno, you know, people who really need to be in prison, id sleep better at night knowing that boss hawg and his high and mighty judge croneys, and the privatized prisons who make a capitolist mockery of justice, sleeping soundly knowing they dont have the power to put me away for a few petty keystrokes because impotence and anus cancer has got them afraid the bad man might sleep with their women. bwhahaha.