Clickbait - You wil...
 
Notifications
Clear all

Clickbait - You will not believe how they register evidence!

6 Posts
4 Users
0 Likes
841 Views
LeGioN
(@legion)
Posts: 51
Trusted Member
Topic starter
 

Hello! D

I was just wondering how you guys register seized evidence?

In my agency we use Microsoft Access to register information about the case and the seized evidence in a database, Which we then use to create custom-rapports from.

I was thinking about perhaps creating something using SQL, Excel and PHP.. But with much going on at the office at the moment a premade solution would be loved.

Looking forward to hear how you guys do stuff.

/Stig

 
Posted : 06/06/2018 8:28 am
jaclaz
(@jaclaz)
Posts: 5133
Illustrious Member
 

Clickbait - You will not believe how they register evidence!

D Lol!

Nice title.

What if I reply with "Tip Free Case management software"? (credits to MDCR ) )
https://www.forensicfocus.com/Forums/viewtopic/t=14486/

jaclaz

 
Posted : 06/06/2018 8:54 am
Bunnysniper
(@bunnysniper)
Posts: 257
Reputable Member
 

Looking forward to hear how you guys do stuff.

/Stig

The problem with managing evidence is not technology, it is the process. Getting the physical content of your evidence bag into a software. As long as all investigators do it properly and you get nice reports from Access `97 - why not? It is paid, mature, maintained, people know how to use it and the MS office files are "industry standard".

Never change a running team unless you have a really good reason to do so.

regards,
Robin

 
Posted : 06/06/2018 10:40 am
Bunnysniper
(@bunnysniper)
Posts: 257
Reputable Member
 

What if I reply with "Tip Free Case management software"? (credits to MDCR ) )
https://www.forensicfocus.com/Forums/viewtopic/t=14486/

jaclaz

In this case I have to reply with "the project is dead"
From https://kirjuri.kurittu.org/demo/help.php
"NOTICE Kirjuri is no longer actively developed since 09/2017, as I don't have time for this project anymore."

The mentioned link on dfir.training at https://www.dfir.training/index.php/tools/reports-evidence-management is dead with a 404, too.

Another argument for using MS Office xls will last forever! Excel will survive earth quakes, wars and the climate change 😉

regards,
Robin

 
Posted : 06/06/2018 10:48 am
jaclaz
(@jaclaz)
Posts: 5133
Illustrious Member
 

In this case I have to reply with "the project is dead"

I was just retaliating wink for the provocative title.

jaclaz

 
Posted : 06/06/2018 1:42 pm
Hwallbanger
(@hwallbanger)
Posts: 32
Eminent Member
 

Having been in IT for more than 30 + years (Mainframes to today's now Web developments) and seeing how Tech Creep effects all developed software regardless of publisher except maybe community supported software. Why not support Open Source software, with diminishing budgets ?

Legion's department has at least used a DataBase for their development. IMHO, this is better because it is NOT dependent upon main system RAM and it is more efficient when loading the needed information from a file - a database, minimally. This techniques is more common for the use of apps on a network for multiple user access.

This difference will end-up effecting system configuration's requirements by needing less and now with virtual becoming more and more the expected platform, this to will impact configurations.

In my agency we use Microsoft Access to register information about the case and the seized evidence in a database, Which we then use to create custom-rapports from.

So I would somewhat disagree with BunnySniper (Robin),

Another argument for using MS Office xls will last forever ! …

Having toyed with programming over the years, your choice is [in general] to use a commercial brand software that will try and pigeon hole you with tools and techniques that can only be used for their product and usually adds to the cost and complexity of the development versus the use of Community Open Source software.

I have also found that Open Source software, over the years, ends-up becoming Cross-Platform (available for Windows, Mac iOS, L/Unix). Thus providing you the Choice of which equipment and OpSys you wish to operate within.

An example of this pigeon holing, if you have used FrontPage versus programming in straight HTML, you would have experienced this for yourself. Such as the difference between website's that have been created with (now discontinued) FrontPage (.htm) versus website's created with standard HTML (.html). This same scenario can be found in most all of the commercial software.

I will admit, that I have not used all software, but from the ones that I have used and reviewed and considered, these are the general overall experiences that I have noticed about development platforms. I have watched development in languages being the standard to the move to creation of programs (apps) move to Databases, and they both now fight for this same market.

Why not consider such well known and supported Open Source Databases as

• MariaDB (MySQL compatible)
• PostgreSQL (an engine for EnCase and FTK)

Here is an article about the top 7 Databases (in their opinion) where you will find links to the mentioned databases The Top 7 Free and Open Source Database Software Solutions - Blog Post

Here is a thought, why not work within one of the Digital Forensics standards groups to come-up with some of the Common needs of this type of program and provide your insights ?

These are just some of my thoughts on this subject having been involved within the IT community for so many years. I hope that these experiences have helped in some way. )

 
Posted : 07/06/2018 12:33 am
Share: