Article: Courts wary of cellphone forensics
Interesting, but I do not see the "wary eyes" in the article.
I am definitely concerned by the statement
…many of the tools that investigators use to extract evidence are not designed to be forensically sound…
How many is many?
To back up the forensically unsound use of tools the author writes
…a phone-syncing tool that was used for at least two years by law enforcement to gather evidence…
But, this implies that all law enforcement, all the time during the period used a simple phone-syncing tool. Is that true?
Of course, it is a good reminder for us to review our products, tools and methodologies are always sound.
I dread the day when an attorney does the "recursive questioning loop", where a judge allows it, possibly toppling thousands of cases… (
For any tools that are not "forensically sound," I would make sure I know what the tool is actually doing to and with the evidence data, document thoroughly, and be able to articulate the entire process in court–in close approximation to layman's terms.
It has troubled me that some tools insert a small applet or code on a device or require that no write-blocker is present for extraction of data , while we are supposed to ensure, in general, that writing to evidence is prevented.