Computer Forensics ...
 
Notifications
Clear all

Computer Forensics in 5 years time

13 Posts
8 Users
0 Likes
963 Views
(@studentoflife)
Posts: 15
Active Member
Topic starter
 

Hello

I'm a recent BSc Computer Forensics graduate. Whilst I'm in persuit of my first CF job I'm keeping up with technology and forensics.
My question is where do you see CF in 5 years time?

I've read an article on evidence from a pacemaker being used as evidence Here

And Amazon Echo data being requested to be used as evidence Here

And I'm interested to know where people in the field see CF in 5 years time. Challenges? Problem solved? Other? Bring it all to the discussion.

My guess is that there'll be an increase in smart device's data being used as evidence, resulting in lab storage space becoming an issue.

Feel free to bring a new angle to the question.

I'm genuinely interested in learning. Let's talk

 
Posted : 01/10/2017 3:26 pm
(@mscotgrove)
Posts: 938
Prominent Member
 

I think questions on the use of personal data may be a bigger issue that the collection of the original data.

Encryption and passwords is also a major issue, re iPhone case about 1 year ago.

My final concern is the size of data, a 1TB disk drive is now 'small'

 
Posted : 01/10/2017 5:12 pm
(@studentoflife)
Posts: 15
Active Member
Topic starter
 

I think questions on the use of personal data may be a bigger issue that the collection of the original data.

Do you think people are beginning to distrust organisation's with their personal data due to so many cyber attacks/breaches? Re Deloitte. Or do you think that organisations aren't being ethical with their data handling/storage techniques? Or other

 
Posted : 01/10/2017 7:06 pm
RolfGutmann
(@rolfgutmann)
Posts: 1185
Noble Member
 

The dawn of smart home devices and Voice Assistants with AI will have small effects on DF. As evidence is the focus the data hinting towards evidence is confused. Intensions do not proof a fact, they just hint towards. Pieces of evidence are location at a certain time e.g.. This information is residing in a Mobile Equipment without VAs. More and more apps ask for location permission, so location you get out of many apps logging/clouding location (Cellebrite Cloud Analyzer).

In 5 years I expect DF gets more easy as more devices to collect data for evidence but new areas underdevelopped like extrem complex financial fraud investigations like Virtual Currencies. To learn to handle more cryptographic issues is obviously as a 'nice try' to protect digital processes. As 80% of crypto is implementation and by default weak, there is an easy way to overcome crypto. Do not be blinded by the 20% algo part of crypto. With cloudbased spot instances on AWS you can break crypto by lease of resources.

A new phenomena will rise. Multi-tenant data residence questions where to fastest find the most accurate evidence? Which device first if time critical? A longtime research of which data layers in correlation with Apps brings the most accurate evidence we have running as a project.

Digital Hidding and Digital Camouflage will be on-large in 5 years.

Ping-Pong What do you say now?

 
Posted : 01/10/2017 7:06 pm
Bunnysniper
(@bunnysniper)
Posts: 257
Reputable Member
 

My question is where do you see CF in 5 years time?

My opinion Digital Forensics will go darker. Encryption on iOS is only the beginning, new versions of the Android OS will have a very similar encryption as the iOS has today.

Much more forensics will be done on the Cloud Service Provider`s side they will establish (by law!) a "forensic API" for all customers, which is accessible with a digital search warrant. DFIR Experts from Law Enforcement only get a raw image file by clicking the "Evidence Button" on a website.

Much more IoT devices will lead to a very heterogenous scene, and strong encryption will find its way on these devices, too.

Encryption will be the standard for every connection and storage. Cloud based storage, apps and computing will be the standard architecture. Digital Forensics as we are practicing today will only be done on a few remaining PC and Servers. There will be more breaches on IoT and Home user`s devices, but we will not see compromised business networks and companies and longer. Cloud Service Providers are doing a much better job on security and breach prevention than most companies.

Just my 2 cent….

best regards,
Robin

 
Posted : 01/10/2017 7:40 pm
(@athulin)
Posts: 1156
Noble Member
 

My question is where do you see CF in 5 years time?

Somewhere where it rests on more solid research.

I've read an article on evidence from a pacemaker being used as evidence

That's a fairly good example. As it is presented, there's no solid evidence of anything, just seems to be a lot of assumptions. (But then, the links to 'court records' don't seem to lean anywhere near court records, so there boring details I want to read may be found elsewhere.)

Was the data acquiry forensically sound? How was that established?

What error sources are present in this kind of data? And what kind of behaviour do they show? Could there, for example, be a problem in data logging?

Is it repeatable? Ask the person to repeat his actions, and then compare that performance with what his pacemaker showed from the claimed event, you might have something. (Though it might be considered borderline unethical to do so …)

It's far to easy to overinterpret data.

And I'm interested to know where people in the field see CF in 5 years time. Challenges?

Let's hope it is not in the situation where some other forensic practices are shaken baby syndrome, bite mark or hair identification, etc.

Recommended reading 'Blind injustice' by Mark Godsey from University of California Press. Just published.

 
Posted : 01/10/2017 7:52 pm
(@studentoflife)
Posts: 15
Active Member
Topic starter
 

Digital Hidding and Digital Camouflage will be on-large in 5 years.

Ping-Pong What do you say now?

First of all, some very interesting points made. I never imagined somebody saying that DF would become easier.
Are cryptocurrencies something that you're encountering regularly?

Also do you think there's going to have to be more rigorous training and standards for DF analysts to find the hidden data?

 
Posted : 01/10/2017 8:02 pm
(@studentoflife)
Posts: 15
Active Member
Topic starter
 

My opinion Digital Forensics will go darker. Encryption on iOS is only the beginning, new versions of the Android OS will have a very similar encryption as the iOS has today.

Thank you! Very interesting points made

 
Posted : 01/10/2017 8:24 pm
(@studentoflife)
Posts: 15
Active Member
Topic starter
 

It's far to easy to overinterpret data.

This is something I'll remind myself of

Recommended reading 'Blind injustice' by Mark Godsey from University of California Press. Just published.

I've been meaning to read more so thank you for the recommendation

 
Posted : 01/10/2017 8:28 pm
(@deltron)
Posts: 125
Estimable Member
 

I can see more in house forensics/prevention for bigger companies.

Also seeing alot of startups of IR in house Software such as Red Canary and thin air
https://www.redcanary.com/managed-detection-and-response/
https://www.thinair.com/

Any opinions on these and the future?

 
Posted : 02/10/2017 3:12 am
Page 1 / 2
Share: