Hello
I'm a recent BSc Computer Forensics graduate. Whilst I'm in persuit of my first CF job I'm keeping up with technology and forensics.
My question is where do you see CF in 5 years time?
I've read an article on evidence from a pacemaker being used as evidence
And Amazon Echo data being requested to be used as evidence
And I'm interested to know where people in the field see CF in 5 years time. Challenges? Problem solved? Other? Bring it all to the discussion.
My guess is that there'll be an increase in smart device's data being used as evidence, resulting in lab storage space becoming an issue.
Feel free to bring a new angle to the question.
I'm genuinely interested in learning. Let's talk
I think questions on the use of personal data may be a bigger issue that the collection of the original data.
Encryption and passwords is also a major issue, re iPhone case about 1 year ago.
My final concern is the size of data, a 1TB disk drive is now 'small'
I think questions on the use of personal data may be a bigger issue that the collection of the original data.
Do you think people are beginning to distrust organisation's with their personal data due to so many cyber attacks/breaches? Re Deloitte. Or do you think that organisations aren't being ethical with their data handling/storage techniques? Or other
The dawn of smart home devices and Voice Assistants with AI will have small effects on DF. As evidence is the focus the data hinting towards evidence is confused. Intensions do not proof a fact, they just hint towards. Pieces of evidence are location at a certain time e.g.. This information is residing in a Mobile Equipment without VAs. More and more apps ask for location permission, so location you get out of many apps logging/clouding location (Cellebrite Cloud Analyzer).
In 5 years I expect DF gets more easy as more devices to collect data for evidence but new areas underdevelopped like extrem complex financial fraud investigations like Virtual Currencies. To learn to handle more cryptographic issues is obviously as a 'nice try' to protect digital processes. As 80% of crypto is implementation and by default weak, there is an easy way to overcome crypto. Do not be blinded by the 20% algo part of crypto. With cloudbased spot instances on AWS you can break crypto by lease of resources.
A new phenomena will rise. Multi-tenant data residence questions where to fastest find the most accurate evidence? Which device first if time critical? A longtime research of which data layers in correlation with Apps brings the most accurate evidence we have running as a project.
Digital Hidding and Digital Camouflage will be on-large in 5 years.
Ping-Pong What do you say now?
My question is where do you see CF in 5 years time?
My opinion Digital Forensics will go darker. Encryption on iOS is only the beginning, new versions of the Android OS will have a very similar encryption as the iOS has today.
Much more forensics will be done on the Cloud Service Provider`s side they will establish (by law!) a "forensic API" for all customers, which is accessible with a digital search warrant. DFIR Experts from Law Enforcement only get a raw image file by clicking the "Evidence Button" on a website.
Much more IoT devices will lead to a very heterogenous scene, and strong encryption will find its way on these devices, too.
Encryption will be the standard for every connection and storage. Cloud based storage, apps and computing will be the standard architecture. Digital Forensics as we are practicing today will only be done on a few remaining PC and Servers. There will be more breaches on IoT and Home user`s devices, but we will not see compromised business networks and companies and longer. Cloud Service Providers are doing a much better job on security and breach prevention than most companies.
Just my 2 cent….
best regards,
Robin
My question is where do you see CF in 5 years time?
Somewhere where it rests on more solid research.
I've read an article on evidence from a pacemaker being used as evidence
That's a fairly good example. As it is presented, there's no solid evidence of anything, just seems to be a lot of assumptions. (But then, the links to 'court records' don't seem to lean anywhere near court records, so there boring details I want to read may be found elsewhere.)
Was the data acquiry forensically sound? How was that established?
What error sources are present in this kind of data? And what kind of behaviour do they show? Could there, for example, be a problem in data logging?
Is it repeatable? Ask the person to repeat his actions, and then compare that performance with what his pacemaker showed from the claimed event, you might have something. (Though it might be considered borderline unethical to do so …)
It's far to easy to overinterpret data.
And I'm interested to know where people in the field see CF in 5 years time. Challenges?
Let's hope it is not in the situation where some other forensic practices are shaken baby syndrome, bite mark or hair identification, etc.
Recommended reading 'Blind injustice' by Mark Godsey from University of California Press. Just published.
Digital Hidding and Digital Camouflage will be on-large in 5 years.
Ping-Pong What do you say now?
First of all, some very interesting points made. I never imagined somebody saying that DF would become easier.
Are cryptocurrencies something that you're encountering regularly?
Also do you think there's going to have to be more rigorous training and standards for DF analysts to find the hidden data?
My opinion Digital Forensics will go darker. Encryption on iOS is only the beginning, new versions of the Android OS will have a very similar encryption as the iOS has today.
Thank you! Very interesting points made
It's far to easy to overinterpret data.
This is something I'll remind myself of
Recommended reading 'Blind injustice' by Mark Godsey from University of California Press. Just published.
I've been meaning to read more so thank you for the recommendation
I can see more in house forensics/prevention for bigger companies.
Also seeing alot of startups of IR in house Software such as Red Canary and thin air
https://
https://
Any opinions on these and the future?