Throughout this course, many software packages have been discussed in terms of their usefulness and application in a computer forensics environment. I have chosen to write about encryption, as well as anti-spyware software. Specifically, I will discuss TrueCrypt and Spybot – Search and Destroy.
TrueCrypt is a freely available disk encryption package. It is also open-source, which allows independent developers to legally modify and/or expand upon the software at their discretion, so long as all applicable terms and conditions of the TrueCrypt license are met. TrueCrypt is also multi-platform, so it is not dependent on a particular operating system. It supports Windows, Mac OS X, and Linux distributions. TrueCrypt volumes are also platform independent and can be mounted on different operating systems.
There are several different ways to use TrueCrypt to encrypt sensitive files and to provide a layer of privacy. TrueCrypt can be used to encrypt entire hard drives, flash drives, and partitions. It can be used to force pre-boot authentication by encrypting the drive or partition that an operating system is installed on. The end-user of TrueCrypt can also have fake boot error messages displayed during the pre-boot authentication phase when the encryption password is entered incorrectly.
TrueCrypt also has a semi-portable mode, in which TrueCrypt does not have to be installed in order to be executed. However, this requires administrative privileges in Windows due to driver requirements and has the potential to leave traces in the Windows registry. If this is a problem, TrueCrypt also allows the end-user to create hidden operating systems and hidden volumes. These offer the end-user ...
... middle of paper ...
...nd Destroy and TrueCrypt are very effective software packages that are both provided free of charge. Both packages are well designed and perform their assigned tasks very well. However, like all software packages, they are not without bugs and quirks, and they cannot be expected to perform properly in all environments. Thus, precautions should always be taken before installing any software package on any system, with the understanding that the end-user is the only one held liable for problems that occur when software packages behave unexpectedly in ways that may damage the end-user's machines.
In this type of encryption key administration, an extra key for decoding the data is created and kept secure in escrow by an authorised third party. This can also be called a backup key or split key. This method is used to recover the data if a user forgets the password.
Created by Philip Zimmermann in 1991, this program has been widely used throughout the global computer community to protect the confidentiality and integrity of users’ data, giving them the privacy of delivering messages and files only to their intended individual or authorized person (Singh, 2012). Not only is it useful to individuals as a privacy-ensuring program, it has also been used in many corporations to protect company data from falling into the wrong hands (Rouse, 2005).
On 5 October 2009, computer equipment was stolen from a network data closet at BCBST. The items stolen were 57 unencrypted hard drives, which contained over 300,000 video recordings and over one million audio recordings. According to Whitman & Mattord (2010), confidentiality, integrity, and availability make up the C.I.A. triangle, which is the basis of the Committee on National Security model for information security, an industry standard (Whitman & Mattord, 2010). Confidentiality can be a synonym for encryption, but it also means that only people with the correct permission can access the information. One of the major security issues is that the hard drives were not encrypted. The hard drives should have been encrypted to prevent people from reading the information on the computer. Software that encrypts files on a hard drive can be purchased, such as Folder Lock, SensiGuard, Secure IT, and more. There is also open-source encryption software, free to use, which could have been used. If the hard drives were not needed, the data should hav...
Encrypt the data of the virtual system to make sure confidential information is not exposed if the device is lost or stolen.
There is a wide range of Linux forensic software available, from single tools such as file carvers to comprehensive collections of tools. In the following, some of the most popular Linux forensic tools are described. The focus is on The Sleuth Kit because it is organized according to the different filesystem layers. This provides an interesting insight into how forensics is done on filesystems.
One of the most important aspects of studying the history of a place is why that place came into existence in the first place. The FBI's Regional Computer Forensics Laboratories are perhaps not terribly well known among the general public, yet they play an essential part in both our justice system and our everyday lives. So this raises the question: why would a laboratory centered strictly around computers, and more specifically the forensics around computers, come to be in an age where certainly all major government establishments have, and are familiar with, computers and the technology associated with them? These are a few of the questions that will be answered throughout this research paper, along with an analysis of where the labs are today and where it appears the future will take them.
This paper will guide you through the three major steps of using Spybot S&D: getting started with the software, starting the scan, and interpreting the results and removing potential issues. Each step will be described in detail along with the necessary visual aids.
Robert Moore’s Cybercrime: Investigating High-Technology Computer Crime is an informative text that supplies the reader with basic, understandable knowledge of increasing cybercrimes and the strategies that law enforcement is taking in order to catch cyber criminals. Moore’s work has a total of thirteen chapters that are full of information that helps the reader better understand the different cybercrime threats, such as hacking, identity theft, child pornography, and financial fraud. Moore also goes into detail on different law enforcement tactics that help catch cyber criminals, such as the seizing of digital evidence, executing search warrants for digital evidence, computer forensics, and cybercriminology. Moore’s main goal is to help the reader gain a better understanding of the cybercrime that faces the world today. Through reading this book, I can validly say that Moore’s thorough work, perspectives, and examples helped me better understand high-technology computer crime and investigative strategies as well.
Today’s businesses and organizations need privacy. They need to keep their employees’ information, trade secrets, financial records, and many other sensitive documents from being shown to the public. To do this, these organizations use encryption. Encryption is using an irreversible program to turn a file into gibberish. To translate the gibberish back to the original contents of the file, you must use a decryption program and provide a password. This is so the program can decrypt the file correctly. This encryption is what prevents cybercriminals who happen to get hold of any files from looking at the file contents. To the cybercriminal, encrypted files are completely useless unless he can figure out how they were encrypted. In order to decrypt the file, the cybercriminal must first find a series of steps that can decrypt the file over and over again: an algorithm.
The problem of spyware is only getting worse, and there is no sign of it slowing down. In most cases the signs of spyware are not even evident, which allows the spyware to tamper with the hardware mechanics of the computer, eventually slowing down the computer’s performance. Peop...
The internet offers high speed connectivity between countries, which allows criminals to commit cybercrimes from anywhere in the world. Due to the demand for the internet to be fast, networks are designed for maximum speed, rather than to be secure or track users (“Interpol” par. 1). This lack of security enables hacker...