Please help answer my question which relates to Netflix's "Making a Murderer" series.
In December of 2006, attorneys in the USA received a hard disk image file created by EnCase V4. The attorneys lacked EnCase software. The image was copied to 7 DVDs. The attorneys never mounted the image file.
I would like to know whether the free EnCase Forensic Imager, or another free alternative, was available in December 2006 to mount the image (or to convert it to a format that could be mounted with free software).
Thanks
Not been in the industry in 2006, and Google not helping, I haven't been able to determine if you could mount an image with freely available tools back then.
But I did start playing around with forensic tools in 2009, and was able to examine an image using trial versions of FTK and ProDiscover.
I haven't really gone through the other thread, but what was stopping them from paying for an examiner? Even then, they werent qualified to examine or present the evidence…
That's really what it comes down to; they don't even really need to have access to the tools. LE has access to the tools, and the defence can arrange for a suitably qualified examiner to attend the LE premises, get set up on a computer, and review the images that are in police custody. But at best they can say "i saw a file". But that doesn't mean they'll know anything about said file, or even be able to examine the forensic artefacts…
Thanks for the reply.
I don't think that the defense attorneys wanted to know what was on that computer. The prosecutor gave the defenders cover by sending an email falsely stating that the drive contained no evidentiary value. The prosecutor did not back up that claim with a forensics report. In fact, the prosecution prepared, and hid, a forensic report that was exculpatory for the defendant and damning for the prosecution witness.
The defenders claim that they didn't receive the image file soon enough to have it examined. That claim is nonsense. They had 22 days before a court deadline to submit evidence needed to point to an alternative suspect or they would be barred from making such an argument. They had 55 days before the trial. Forensic results within that time would allow the defense to impeach testimony of the key prosecution witness.
IMO, the trials of the two defendants in the Teresa Halbach murder case were staged political theater with every defense attorney aligned with the prosecutors. Defendant Steven Avery had zero chance of acquittal at his trial due to a jury rigged against him. One on the jurors was the father of a deputy of the sheriff's office and was himself a volunteer deputy who drove a patrol car. Another juror was the spouse of a county clerk. After the trial a couple of jurors reported that they feared for their, and their family's, personal safety if the didn't convict.
My view is very much a minority view. The two main defense attorneys are almost universally hailed as champions of justice who fought valiantly against a lost cause.
I work on defense cases, and I fight with everything I have to make sure they get best job that can be done.
The defense fights an uphill battle in quite a few aspects of the case. In the same sense the police have to deal with locked phones (which we don't deal with).
Thanks for the reply.
I don't think that the defense attorneys wanted to know what was on that computer. The prosecutor gave the defenders cover by sending an email falsely stating that the drive contained no evidentiary value. The prosecutor did not back up that claim with a forensics report. In fact, the prosecution prepared, and hid, a forensic report that was exculpatory for the defendant and damning for the prosecution witness.
The defenders claim that they didn't receive the image file soon enough to have it examined. That claim is nonsense. They had 22 days before a court deadline to submit evidence needed to point to an alternative suspect or they would be barred from making such an argument. They had 55 days before the trial. Forensic results within that time would allow the defense to impeach testimony of the key prosecution witness.
IMO, the trials of the two defendants in the Teresa Halbach murder case were staged political theater with every defense attorney aligned with the prosecutors. Defendant Steven Avery had zero chance of acquittal at his trial due to a jury rigged against him. One on the jurors was the father of a deputy of the sheriff's office and was himself a volunteer deputy who drove a patrol car. Another juror was the spouse of a county clerk. After the trial a couple of jurors reported that they feared for their, and their family's, personal safety if the didn't convict.
My view is very much a minority view. The two main defense attorneys are almost universally hailed as champions of justice who fought valiantly against a lost cause.
https://
History
Libewf was created by Joachim Metz in 2006, while working for Hoffmann Investigations.
Libewf is a rewrite of earlier work on the EnCase 4 file format by Michael Cohen part of PyFlag and the Expert Witness Compression Format Specification by Andrew Rosen. It has been updated to read and write EnCase version 1 to 7 .E01 files, EnCase 5 to 7 .L01 files, EnCase 7 .Ex01 and .Lx01 files and SMART .s01 files. Libewf has initiated an Extended EWF (EWF-X) specifications to bypass limitations on the format imposed by the EnCase .E01 format.
jaclaz
