Join Us!

(IN)Secure Magazine...
 
Notifications
Clear all

(IN)Secure Magazine - Computer forensics vs. e-discovery  

  RSS
MindSmith
(@mindsmith)
Active Member

Available for free download from http//www.insecuremag.com/

Regards,

Quote
Posted : 18/10/2006 4:29 pm
keydet89
(@keydet89)
Community Legend

MindSmith,

What about it? Many of us know about the site and the e-mag…is there something specific about the article?

What are your thoughts on the article?

ReplyQuote
Posted : 18/10/2006 6:12 pm
MindSmith
(@mindsmith)
Active Member

Apologies - It should have been posted in the 'Getting Started' forum & I should have put in an explanatory note that it provides a nice concise summary for those new to the field looking to explore the differences between the concepts of Forensics & E-Discovery.

Thanks for pointing that out.

Regards,

ReplyQuote
Posted : 19/10/2006 4:30 pm
keydet89
(@keydet89)
Community Legend

This is one of the things I see in the community all the time…someone posts nothing more than a link. As a member of the community, I'd love to see/hear what others think, especially the person who found it interesting enough to post in the first place.

ReplyQuote
Posted : 19/10/2006 5:18 pm
keydet89
(@keydet89)
Community Legend

I went back and read through the article in question again, and it is a good description of the differences between computer forensics and e-discovery.

IMHO, if anyone comes up to you with a job offer and mentions "the exciting world of e-discovery", run! If you just want to run keyword searches over and over, and that's your thing…go for it!

ReplyQuote
Posted : 19/10/2006 6:12 pm
w47ty
(@w47ty)
New Member

I thougt it was a good article, if a little brief. However I was disappointed that half of it was given over to regurgitating guidelines. A simple link would have sufficed (it is after all an online journal)

It is an interesting area at the moment because Ediscovery is very much the flavour of the month and is very often confused with Computer Forensics by many clients.

Harlan-i take your point about running for cover from the exciting world of Ediscovery. However an interesting point, Morgan Stanley in May 2005 had damages awarded against them for US$1.4 Billion, yes thats $1.4 billion!! for failing to conduct a satisfactory discovery process. I havent heard of anything quite that sizeable as a result of an issue with CF.

My point is, as I know you will ask what it is, is that there are or will be alot of people selling Ediscovery products and services at the expense of CF work and will be making a nice profit out of it I am sure. Of course I am not motivated by making lots of money myself but… D

ReplyQuote
Posted : 26/10/2006 6:30 am
keydet89
(@keydet89)
Community Legend

w47ty,

Oh, without a doubt! Pen testing was the "sexy" service of the '90s, and from here on out, CF and eDiscovery will be the same way.

Of course, like many, I have mortgages and bills, so earning a living is necessity…but eDiscovery really boils down to imaging vast amounts of data and running keyword searches. But then, I know a CF guy who would copy an image and put the copies into 6 different systems to run massive keyword searches in parallel…and play Quake on the 7th system. HHhhmmmm…maybe I should rethink my position, and sign up for an Unreal tournament…

ReplyQuote
Posted : 26/10/2006 7:18 am
w47ty
(@w47ty)
New Member

haha absolutely and dont get me wrong give me CF over Ediscovery anytime. It isnt a very interesting use of our skills and I am unfortunately in the position where I need to do both as somebody who has taken the big four shilling!! D

On a topic close to your heart it will be interesting to see what, if any innovation comes out of the Ediscovery space. not sure being a professional Quake player qualifies though!!

ReplyQuote
Posted : 26/10/2006 7:38 am
ChocolateDonut
(@chocolatedonut)
New Member

I'm up to my neck in complex litigation (patent) eDiscovery and find the forensic aspect monstrously fascinating. The current ED tools were first designed for data storage capacity from 5-7 years ago- and they are stuggling to keep up. With the size of data collections we make today, the only way to sort out relevant docs begs some forensic knowledge. I see a great space for CF to overlap/compliment the ED process in native file searches- preserving the orig file formats. You should see the mess summation makes dealing with native files- copying files, changing file names. Our best practice right now is maintain a path back to the orig in case that file’s metadata is found relevant. There’s definitely a bleeding btwn the 2.

New US e-discovery federal rules might compel companies to crack down on what their employees are doing with their machines – and that could open some forensic doors.

I do still get the impression that we are all sort of in glass houses with ediscovery and having CF knowledge might give us the upper hand in challenging the other side’s processes.

ReplyQuote
Posted : 27/10/2006 4:16 am
az_gcfa
(@az_gcfa)
Active Member

Sounds like you need some cutting edge technology. Maybe you need to checked out Attenex Patterns E-Discovery Software? From reading all the Web info on this product it seems to fill your technical needs. The online information is quite impressive and provides an interesting read!

I could not find any reliable price structures. From the Ads I would probably guess that I could not afford the software box.

Maybe some of the other folks have experience with E-Discovery Software products?

ReplyQuote
Posted : 28/10/2006 12:24 pm
Share: