Loading ...
Sorry, an error occurred while loading the content.

REVIEW: "Challenges to Digital Forensic Evidence", Fred Cohen

Expand Messages
  • Rob, grandpa of Ryan, Trevor, Devon & Han
    BKCHTDFE.RVW 20080318 Challenges to Digital Forensic Evidence , Fred Cohen, 2008, 1-878109-41-3, U$39.00 %A Fred Cohen %C 572 Leona Dr, Livermore, CA
    Message 1 of 1 , Jun 23, 2008
    • 0 Attachment
      BKCHTDFE.RVW 20080318

      "Challenges to Digital Forensic Evidence", Fred Cohen, 2008,
      1-878109-41-3, U$39.00
      %A Fred Cohen
      %C 572 Leona Dr, Livermore, CA 94550
      %D 2008
      %G 1-878109-41-3
      %I Fred Cohen and Associates
      %O U$39.00 925-454-0171 all.net
      %O http://www.amazon.com/exec/obidos/ASIN/1878109413/robsladesinterne
      http://www.amazon.co.uk/exec/obidos/ASIN/1878109413/robsladesinte-21
      %O http://www.amazon.ca/exec/obidos/ASIN/1878109413/robsladesin03-20
      %O Audience s+ Tech 2 Writing 2 (see revfaq.htm for explanation)
      %P 122 p.
      %T "Challenges to Digital Forensic Evidence"

      Fred Cohen knows his stuff when it comes to digital forensics, despite
      the fun he has with legalities in the frontmatter of this book. Cohen
      states, in chapter one, he wrote the book because of the mistakes he
      had seen people make when bringing technical materials into a legal
      setting. The work is a sold background for a forensic examiner, and
      covers a number of areas that are missed in most of the current
      literature on this topic. Forensics is more than simply getting bits
      out of a given operating filesystem.

      Chapter two concentrates on the errors or problems that arise in the
      process of collecting evidence. Many computer forensics books list
      the sections that should be included in a written report, but this
      author provides, in chapter three, practical advice on both wording
      and approaches, including such aspects as the reporting of errors in
      previously submitted reports. Chapter four demonstrates difficult
      situations, some covered in prior chapters and some new, based on
      actual cases.

      Chapter five reiterates and emphasizes a point that Cohen raises
      frequently throughout the book: as an expert, you are working within,
      and subject to, an adversarial system and all its attendant
      limitations, but your primary responsibility is to the truth. Being
      honest in your work and statements is the basis for all of your
      testimony. As chapter six points out, it is also the best way to
      avoid being challenged.

      There are many books that talk about forensic tools: this isn't one of
      them. There are a number of works that address specifics of file
      systems and storage devices: this isn't one of them. A few texts even
      address some aspects of the investigative process and management:
      Cohen addresses some of those issues. However, I have not seen any
      other guides that will tell you, clearly and plainly, how to avoid the
      most common failings of technical experts trying to provide evidence
      in a decidedly non-technical legal system.

      copyright Robert M. Slade, 2008 BKCHTDFE.RVW 20080318


      ====================== (quote inserted randomly by Pegasus Mailer)
      rslade@... slade@... rslade@...
      `What was it you really put in the sugar?'
      `Cascara,' said Malicia.
      Keith sighed. `How much did you give them?'
      `Lots. But they should be all right if they don't take too much
      of the antidote.'
      `What did you give them for the antidote?'
      `Cascara.'
      `Malicia, you are not a nice person.'
      - `The Amazing Maurice and His Educated Rodents,' Terry Pratchett
      http://victoria.tc.ca/techrev/rms.htm
    Your message has been successfully submitted and would be delivered to recipients shortly.