Question One:
PDAs, iPods, iPhones, iPads, most cell phones, and other data devices are miniature computer systems designed to be highly mobile. Describe how such devices could alter the typical investigative procedures taken to collect information for the purpose of processing a digital crime. Processing digital crime usually follows a pre-determined investigative procedure. This process is referred to as a digital forensic process. The digital forensic process constitutes a three-step procedure involving acquiring the digital evidence, an analysis of the evidence and a comprehensive report on the analyzed evidence. In the past, when a digital crime was thought to have been committed, the first response was to acquire the evidence that involved the computer. In that age, the desktop was the main device used to carry out the crime and, therefore, obtaining the device was easy. The recent past has seen the emergence of highly mobile devices such as PDAs and cell phones. In this era, acquiring evidence from such personal gadgets that are always on the move have made digital forensics a nightmare as crime is being committed across different networks through devices that are difficult to trace.
Question Two:
Discuss the legality of the hacker’s actions as described in the Computerworld article. Explain how investigators may go about collecting evidence if a crime was thought to be committed and provide a detailed explanation of the judicial process that would be followed to determine innocence or guilt.
According to a Computerworld article, A hacker by the screen name ‘Brookbond’ helped applicants into the Harvard business school learn of their fate, if they had been accepted into the school or not. This information was not yet released to the public and was held in confidentiality within the school’s management information system. In such cases, investigators need to acquire the evidence of breaching of the system via the suppliers of the system who informed the school of the breach. The school’s databases would need to be acquired by the investigators and a digital copy of the evidence that fits the 9-hour period obtained. Typically, an analysis by forensic experts would generate a report that is the final step in a computer forensic investigation. A judge making a ruling on such a case would have to rely on a computer technician’s assessment of the evidence. The process of recovery of the data would have to be explained so that the judge can determine whether any laws were violated before using the evidence as a basis to make a judgment.
References
NIJ (National Institute of Justice). (2008). Electronic Crime scene investigation: A guide to first responders, second edition. Retrieved from: http://www.nij.gov/publications/ecrime-guide-219941/Pages/welcome.aspx
Rosencrance, L. (2005). Harvard rejects business-school applicants who hacked site. Computer World. Retrieved from: http://www.computerworld.com/article/2568748/cybercrime-hacking/harvard-rejects-business-school-applicants-who-hacked-site.html
