Computer Forensics Defined
Computer forensics is the branch of forensic science that examines evidence stored digitally on a hard drive or other data storage medium.
Other People Are Reading
-
History
-
Computer forensics can be traced back to the beginning of the 1990s when computers began to be integrated into our daily existence. DIBS USA was one of the first computer forensics companies to emerge.
Time Frame
-
By the late 1990s law enforcement and major corporations started employing their own computer forensics experts.
-
Function
-
Computer forensics is about the preservation and extraction of data. Data is often found in server logs or on suspects' hard drives. Since every move on a computer leaves a footprint, forensic experts have to find out how to tie that footprint to a case.
Misconceptions
-
Computer forensics doesn't involve a lot of high-level hacking or computer security knowledge since most of the data that investigators would be looking for is in logs. The hardest part is going through each of those logs that can contain thousands of entries per second.
Effects
-
Computer forensic technology has led a lot of criminals toward encryption. Since military-grade encryption is legal for use in the United States many people encrypt their files with algorithms that are impossible for forensic experts to crack.
-
