Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Law Enforcement Foresics Tools

From: "Mason, Samuel" <SMason () mt gov>
Date: Tue, 5 Feb 2008 11:28:33 -0700
No disrespect intended (and I'm not trying to start an argument) but I think it's important to state that court systems 
do not approve or disapprove forensic tools. Therefore a freeware tool should be, from a court perspective, just as 
good as a purchased tool. What I've heard from experts (having never tried a case in court myself) is that evidence 
without a chain of custody, timelines, and other sound forensic practices is just as likely to be shot down from EnCase 
as any other tool.

Again, not saying you had proposed this per se in your message but I thought I'd pass along that chestnut of wisdom 
from pros.

Samuel Mason CISSP, GCFA

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of David Gillett
Sent: Wednesday, January 30, 2008 9:54 AM
To: 'Michael Condon'; security-basics () securityfocus com
Subject: RE: Law Enforcement Foresics Tools

  As I understand it, EnCase has sold well in that market, and evidence
collected by an EnCase-certified investigator using this tool is unlikely
to be challenged *on technical grounds* in court.

Dave Gillett


-----Original Message-----
From: listbounce () securityfocus com
[mailto:listbounce () securityfocus com] On Behalf Of Michael Condon
Sent: Tuesday, January 29, 2008 8:51 PM
To: security-basics () securityfocus com
Subject: Law Enforcement Foresics Tools


What are the primary Forensics Tools used by local, state,
federal  Law Enforcement?
Michael Condon
Previous By Date Next
Previous By Thread Next

Current thread: