|
Wednesday, August 6, 2008, 10:15 am - 11:15 am
Speaker:
Stevens Miller, Owner, Data Forensics Labs of Northern Virginia, Inc.
A quick introduction to the capture, analysis, and production as evidence of data recovered from computer hard drives, using Linux and other open-source software. Stevens Miller is an attorney with over 30 years' experience as a computer programmer, who has been qualified in state and federal courts as a computer forensics expert witness. He will explain how to use off-the-shelf tools to provide forensics services aimed at entering evidence and testimony on the record in a judicial proceeding. Techniques demonstrated will include: imaging, verification, "undeleting," keyword searches and data filtration. In addition, some legal issues addressed will include: authentication of evidence, relevant differences between a civil and criminal proceeding, how to qualify as an expert and how to cope with ignorant lawyers.
Note: All methods explained will rely exclusively on Linux applications, but the data to be captured and analyzed will (as it mostly is in actual practice) be from Windows filesystems.
|
