I have posted this elsewhere but I think this forums members may be interested in this.
The UK Forensic Science Regulator has issued the linked document for consultation.
For UK practitioners, big or small, the implications are considerable. If you don't agree with what is proposed you need to respond by the end the month.
FWIW I think UK practitioners are sleep walking into a bureaucratic disaster in the years ahead.
Regards,
I have posted this elsewhere but I think this forums members may be interested in this.
The UK Forensic Science Regulator has issued the linked document for consultation.
Very, very interesting. )
FWIW I think UK practitioners are sleep walking into a bureaucratic disaster in the years ahead.
Yep ), and IMHO as well all providers of related software and hardware tools will have a rather tough time. 😯
jaclaz
Do you know who wrote this paper? It could have really done with the services of a copy editor.
It does appear to be creating an absolute monster. It appears to treat a digital investigation like some sort of process production line in the private sector. Investigations are dynamic and often a wide range of tools and manual techniques are used.
I totally agree with maintaining the absolute highest standards and validating results but this appears to be such a bureaucratic and wasteful way to achieve it.
The vast vast array of tools, o/s, file systems and artefacts makes it all but impossible to blanket test before using tools. Think of the vast array of browser updates, chat program updates, phone apps, o/s changes etc etc. Surely the validation and testing should be done on a case by case basis during the investigation and before evidence is produced?
Either that or have a centralised body to do it as efficiently as possiblly. Even this has problems. Having seen the NIST document comparing 2 particular version of 2 popular mobile phone forensic tools I can appreciate the difficulty and challenge of the task.
To me it feels like the sort of document written by an academic with very little investigation experience.
Not everyone in the same laboratory validates every tool used in that laboratory.
Normally a new tool is validated by one member of staff and and then used by other members of the same team.
Whilst this approach is less demanding of resources it could be made even less demanding if we shared our results between laboratories and individual practitioners.
By making validations available to the the scrutiny of the whole forensic community we would each feel more confident with the results of our own validations.
Would it be possible to post validations on this forum where the work would benefit the whole of the forum / forensic community?
There are so many problems with it that it's difficult to know where to start. But possibly my favourite part is the comparison between computers vs phones. Apparently phones are varied enough that the process can be purposefully vague - but computer analysis has to strictly adhere to procedure. Wonderful!
There are so many problems with it that it's difficult to know where to start. But possibly my favourite part is the comparison between computers vs phones. Apparently phones are varied enough that the process can be purposefully vague - but computer analysis has to strictly adhere to procedure. Wonderful!
Totally agree with you - but the key thing now is for these observations to be recorded in the response document and sent back to the home office. The deadline is tomorrow.
Best regards,
Totally agree with you - but the key thing now is for these observations to be recorded in the response document and sent back to the home office. The deadline is tomorrow.
I don't know 😯 , to be picky (as I notoriously am) that is a given deadline for submission of comments, but the whole procedure (as often happens with this kind of drafts/regulations) is - at least to me - completely "opaque".
There was - seemingly - a "competitive tendering process" 😯 (When/Who/What/Where?) that was *somehow* awarded to the "academic with very little investigation experience" (as in dan0841's nice description, the one that clearly - in my opinion - didn't actually write anything but made one of his/her student jolt down it instead wink ) and there are no hints anywhere about the process that is expected to be carried to move from the draft to the actual final document, and it's enforcement.
I would expect that a document with such a potential disruptive effect on court cases and on the profession of digital forensic investigators would go through several "loops" of revisions/drafts, with successive edits, comments, corrections and adjustments implemented before being released.
Otherwise (and I may be of course very wrong about this) it seems to me a lot like the typical "suggestion box" with integrated shredder. (
jaclaz
I don't know 😯 , to be picky (as I notoriously am) that is a given deadline for submission of comments, but the whole procedure (as often happens with this kind of drafts/regulations) is - at least to me - completely "opaque".
There was - seemingly - a "competitive tendering process" 😯 (When/Who/What/Where?) that was *somehow* awarded to the "academic with very little investigation experience" (as in dan0841's nice description, the one that clearly - in my opinion - didn't actually write anything but made one of his/her student jolt down it instead wink ) and there are no hints anywhere about the process that is expected to be carried to move from the draft to the actual final document, and it's enforcement.
I would expect that a document with such a potential disruptive effect on court cases and on the profession of digital forensic investigators would go through several "loops" of revisions/drafts, with successive edits, comments, corrections and adjustments implemented before being released.
Otherwise (and I may be of course very wrong about this) it seems to me a lot like the typical "suggestion box" with integrated shredder. (
jaclaz
Maybe but UKAS is already advertising the assessors job
The document envisages method validation for imaging by next year 2015 and for everything else I understand the planned implementation date is 2017.
Regards,
There was - seemingly - a "competitive tendering process" 😯 (When/Who/What/Where?) that was *somehow* awarded to the "academic with very little investigation experience" (as in dan0841's nice description, the one that clearly - in my opinion - didn't actually write anything but made one of his/her student jolt down it instead wink )
jaclaz
Sorry - I didn't mean it in that way! The point I was trying to make was that in an academic environment there are many things that are taught (or were to me as a student) that are not necessarily practical, cost-effective or realistic in a real world environment.
In an ideal world it would be amazing to be able to pick up scientific peer-reviewed documents which validate most aspects of most of the main forensic tools (Including all versions and iterations). However, given the range of tools, the range of O/S, File Systems, forensic artefacts it seems a very difficult and potentially unacheivable ideal.
I would expect that a document with such a potential disruptive effect on court cases and on the profession of digital forensic investigators would go through several "loops" of revisions/drafts, with successive edits, comments, corrections and adjustments implemented before being released.
Otherwise (and I may be of course very wrong about this) it seems to me a lot like the typical "suggestion box" with integrated shredder.
jaclaz
I hope it does get a lot more thought and revisions! D