FBI Adds Two Digital Forensic Labs
coondoggie sends us a story from NetworkWorld.com, as is his wont, this one on the FBI opening two new US Regional Computer Forensics Laboratories this week. In these laboratories examiners conduct a growing number of forensic examinations of digital media in support of the investigation and/or prosecution of a federal, state, or local crime. With the addition of the new facilities in Los Angeles and Albuquerque, the FBI will have 16 RCFLs nationwide. And they are needed: "During 2007, RCFL experts conducted 4,634 exams, processing 1,288 terabytes of information. A total of 76,581 digital devices were examined (the most popular media by far — CDs, coming in at 37,424; followed by hard disk drives at 17,378; floppy disks at 11,781; and DVDs at 4,374). The number of CDs, cell phones, and flash media devices examined doubled from the previous year."
Do the arithmetic. Assuming that the average size hard disk drive is 60-80 Gigabytes, then the totals add up:
CDs: 37,424 x 650 Megabytes = 24325600 Megabytes
HDs: 17,378 x 70 Gigabytes = 1245655040 Megabytes
Floppies: 11,781 x 1.4 Megabytes = 16493.4 Megabytes
DVDs: 4374 x 4 Gigabytes = 17915904 Megabytes
Total = 1287913037.4 Megabytes
= 1287913.0374 Gigabytes
= 1287.9130374 Terabytes
Vintage computer adverts: http://www.vintageadbrowser.com/computers-and-software-ads
They are incompetent - completely and utterly incompetent. They know only what EnCase or another piece of forensic software tells them. If the disk blocks have been rewritten a couple of times - they're not going to find it. They're not going to break AES unless you've done something stupid and left the key lying around.
The real bitch of it is - these guys never get challenged properly - especially in child porn cases. (Thank John Walsh - Adam's Law is absurd). They can claim whatever they want and the defense is basically helpless. The defense is not allowed to have their own copy of the drive to do forensic analysis on. They have to do it at the FBI lab with FBI equipment and with FBI goons hanging over their shoulders. If the FBI finds "overwritten" evidence - there is no good way to challenge that. It's your word against theirs.
Chain of custody? HAH! I've watched these guys leave crime scenes with drives under their arms, I've watched them run programs and click around a system they suspect of containing illegal material. No effort made to prevent trojans or other programs from covering their tracks. No effort made to preserve the state of the system. It's laughable.
And no - I wasn't a target. I did "forensic" analysis for years and got sick of watching these people make a mockery of my profession. (I put forensic in quotes because there is nothing scientific about these analyses - they are the best guesses of someone who may or may not be even remotely qualified to give an opinion).