Forensics Losing Relevance? New Tools Let Even Hobbyists Thwart Experts

from the cat-and-mouse dept

Chris Lindquist writes "Scott Berinato has written an article about how the declining complexity and increased effectiveness of antiforensic tools is making life difficult for data experts looking to snag the bad guys. “Five years ago, you could count on one hand the number of people who could do a lot of these things,” says one investigator. “Now it’s hobby level.” The result of all this antiforensic activity, Berinato concludes, is that someday soon the TJX case could be considered ordinary, a quaint precursor to an age of rampant electronic crime, run by well-organized syndicates and driven by easy-to-use, widely available antiforensic tools." It’s an interesting article, but it seems to overplay the woe-is-me factor for investigators. This is always a back and forth game, where the tools used by scammers and criminals gets more advanced — but so should the tools and tricks (note that it need not all be technology) used by those charged with tracking down the criminals.

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Forensics Losing Relevance? New Tools Let Even Hobbyists Thwart Experts”

Subscribe: RSS Leave a comment
Dosquatch says:

Grugg's answer

to why he and others like him develop these tools:

“If I didn’t, someone else would. I am at least pretty clean in that I don’t work for criminals, and I don’t break into computers. So when I create something, it only benefits me to get publicity. I release it, and that should encourage the forensics community to get better. I am thinking, Let’s fix it, because I know that other people will work this out who aren’t as nice as me. Only, it doesn’t work that way. The forensics community is unresponsive for whatever reason. As far as that forensic officer [in London] was concerned, my talk began and ended with the problem.”

Not that he’s wrong – not that I completely disagree – but the question I would have asked in response is, if he is talented enough to understand forensics and the weaknesses thereof and know that these antiforensic tools present a problem, why doesn’t he offer better forensic tools as well?

Overcast says:

Well, the more complicated the plumbing the easier it is to jam up the works…

Years ago many people said the whole idea of computerizing important data, such as financial information, government records, etc. was bad.

Many companies back then said they would NEVER connect certain systems to a world-wide network. But corporate profits got in the way, and they found by just plugging everything into one network, they could save a few bucks.

But anytime you connect computers, you make ‘gateways’, and that’s going to allow someone access at some point, if they are determined to get in.

It’s simple really – if it’s plugged into the Internet, it’s not really secure.

Add Your Comment

Your email address will not be published.

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...