Examination Notes /...
 
Notifications
Clear all

Examination Notes / Case Notes / Contemporaneous Notes  

Page 2 / 2
  RSS
zhaan
(@zhaan)
Member

In case you have used Case Notes previously, here is the newest version

https://first-response.co.uk/casenotes/

ReplyQuote
Posted : 24/06/2017 2:56 pm
Merriora
(@merriora)
Junior Member

As a result of the discussions on this forum and with industry leaders, I wrote an article on The Importance of Documentation which is now available on Trewmte blog.

The purpose of the article isn’t to provide a singular and definitive answer to the question of what ‘examination notes’ should look like. Instead, the article is meant to further open up the discussions on what is acceptable in your area and see if we can work towards ‘best practices’ in the industry. This can help all of us as bad case-law in one region can quickly transform the legal landscape across your respective countries.

Please post your comments to the article in this thread including the aspects that you agree and disagree with.
- What legal concerns do you have in regards to your examination notes?
- What are your thoughts on a 'Best Practice'?

ReplyQuote
Posted : 10/07/2017 10:51 am
jaclaz
(@jaclaz)
Community Legend

The purpose of the article isn’t to provide a singular and definitive answer to the question of what ‘examination notes’ should look like. Instead, the article is meant to further open up the discussions on what is acceptable in your area and see if we can work towards ‘best practices’ in the industry.

With all due respect, it seems like your article is essentially about how good your product is, and how better it is than any other method.

Mind you, I am not in any way saying that your product is not the third best thing in the world after ice cream and sliced bread, or that the other considerations on methods/procedures are not extremely valid, only that it can be easily (mis)taken as one of the various promotion/astroturfing pieces that are already all over the net.

Once said this - and again with all due respect - the idea of having *anything* of actual value accessible "from everywhere" (as is - at least partially and if I get it right - on the cloud) via Facebook, Google or similar is very different from what I would envision as "safe" or "protected".
Working on an air-gapped PC inside a faraday cage in an underground rebar concrete bunker with 5" thick steel doors is more like it wink .

jaclaz

ReplyQuote
Posted : 10/07/2017 7:51 pm
trewmte
(@trewmte)
Community Legend

Just a couple of points to make about the article. I haven't used Forensic Notes and not connected with it. I was though happy to run the article as it highlights a wide disparity in techniques in use when it comes to features and securing content.

Why are so many products lacking securing data integrity?

Moreover, with ISO17025, the CPS guidelines, FSR guidelines and so on all indicating the importance to produce notes contemporaneous to the time of examination etc.; if these bodies and guidelines had intended notes could be altered surely they would say so?

Is there a suggestion Forensic Notes has gone over-board with features and securing data or is it the case the product reflects customer demand but which reflects that their customers have legal requirements if they use such a product?

I note John Douglas' Case Notes is not in the mix of the article. How does that solution compare to Forensic Notes?

Lastly, I think Rob has endevoured to report fairly on various techniques out there and in use so that is educationally helpful.

[Reason for correction I was typing on my smartphone and my fingers are bigger than the phone's keys, so typos corrected.]

ReplyQuote
Posted : 10/07/2017 8:29 pm
Merriora
(@merriora)
Junior Member

Hey Jaclaz

I appreciate your reply. Honestly, I do not want to turn this thread into a discussion about my product, but about note taking in general and the solutions that exist which is the intention of the article. To keep this discussion going to see if "Best Practices" can be agreed on for those that are working in smaller forensic units and do not have SOPs in place. To hear reasons for and against different methods, including against solutions like mine.

There are pros and cons to every service which I attempt to point out. Mine may not be for everyone especially in an air-gapped bunker underground. ;-). For others, it may be a solution like OneNote, Word, CaseNotes or trusty paper notebook. As far as my product is concerned, I am simply hoping to create something of value to the forensic community.

This is meant to be an open discussion so that people that are looking for a solution can read the discussions and determine their best solution given their particular requirements.

From this thread and numerous discussions, I have learned a lot in regards to note taking which I was not aware of prior. Thank you to everyone that has shared their views. The difference in opinions and what should and should not be included in notes has been eye-opening, especially as we all deal with ever increasing workloads.

Cheers.

ReplyQuote
Posted : 10/07/2017 8:29 pm
jaclaz
(@jaclaz)
Community Legend

Once said this - and again with all due respect - the idea of having *anything* of actual value accessible "from everywhere" (as is - at least partially and if I get it right - on the cloud) via Facebook, Google or similar is very different from what I would envision as "safe" or "protected".
Working on an air-gapped PC inside a faraday cage in an underground rebar concrete bunker with 5" thick steel doors is more like it wink .

To make more clear the above note, there is most probably no issue whatever in the actual implementation of the crypto/protocols/whatever of the service/tool, but a Google or Facebook login (which are handy means to get access easily with a "same" ID/password to many services) should not be used for anything exception made for personal, not professional, stuff of the lowest importance.

Raise your hand (if you are either a Google or Facebook user) if you NEVER have used that id/login on a non-secure machine, or on another people PC/phone/device or when connected to an unsecure wi-fi network.

And those that raised your hand, please lower it IF you EVER used that login/password by mistake when attempting to access ANY other site.

Good, I see that no hands are in the air. )

Sure, if you have a "dedicated" Google or Facebook account that you ALWAYS and ONLY access from a (hopefully) secure connection you are good to go.

And - as a side note - the underground rebar concrete bunker is pleasantly fresh at around 22° in these days of exceptionally high temperature. wink

jaclaz

ReplyQuote
Posted : 13/07/2017 12:16 am
Merriora
(@merriora)
Junior Member

but a Google or Facebook login (which are handy means to get access easily with a "same" ID/password to many services) should not be used for anything exception made for personal, not professional, stuff of the lowest importance.

Jaclaz,

Thank you for clarifying your statement and I do agree that a dedicated email with a complex password not used for any other services would provide an extra level of security.

In our case, Multi-factor authentication is mandatory on all our accounts (except Enterprise within a secured VPN on dedicated hosts) and this does offer an extra layer of security, but the first weakness in any account compromise is often a compromised password from a situation like you describe.

No matter what application is used, be it online or offline, security of your data should be the #1 priority.

ReplyQuote
Posted : 13/07/2017 7:24 am
Page 2 / 2
Share: