Ethical Hacking Training at InfoSec Institute

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Computer Forensics Computer-Forensics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Tools accepted by the courts

from [Craig, Tobin (OIG)] Network Security [Permanent Link]
Subject: Re: Tools accepted by the courts
Date: Thu, 30 Jun 2005 13:55:30 -0400 
I'm not convinced that public humiliation is the way to go.  The way that 
credibility is maintained in our field is through doing our job with 
thoroughness, accuracy and excellence, both in the laboratory and in the 
courtroom.
Can I suggest that the proliferation of substandard examiners is the result of 
treating computer forensics as an offshoot of information security?  Police 
officers are trained to investigate, but forensic analysis is a much more 
specialized focus, regardless of the evidence examined.  A trained police 
investigator will know for example how to properly secure a firearm for 
forensic examination, but won't necessarily know the full nuances of ballistics 
forensics (striation, headstamp analysis, ballistics chemistry, etc).
I came into this field as a forensic chemist, so it is easier for me to see a 
suspect computer as a crime scene than a information security breach.  When 
seen as a crime scene, then the same evidence handling concepts and forensic 
principles apply as for any form of tangible evidence.  Perhaps it might be 
time for the information security arena to stop regarding computer forensics as 
a subset of IT investigation, and see it instead as a completely separate 
entity.

Just my thoughts,

Tobin
[More with this subject...]


<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Tools accepted by the courts, Keith Morgan
Next by Date:  [Full-disclosure] [Fwd: Returned post for forensics@securityfocus.com], Jason Coombs
Previous by Thread:  Re: Re: Tools accepted by the courts, tobincraig
Next by Thread:  Re: Tools accepted by the courts, Raymond C. Parks
Indexes:  [Date] [Thread] [Top] [All Lists]