Name
Institution
Find an article where important information was recovered from the recycle bin or the INFO2 folder, summarize the article in your own words, and discuss why an investigator should care about this information. Include the link to the article.
The article by Prather, “Minnesota detectives crack the case with digital forensics” provides how the detectives were able to find two 13-year-old Andover girls that went missing by recovering information from iPods and smartphones of the suspect. With lack of eye witness, the detectives were able to recover digital information from the smartphone and the tablet recycle bins to obtain clues of the suspect was bout. According to the article, personal electronics are currently being used to obtain evidence considering that almost 90 percent of American adults have access to electronics and carry around mostly (Prather, 2014). Digital forensic tools have been developed to enhance information recovery from electronic devices that play a significant role in crime investigation. Two types of data acquisition that could be used by detectives in the case are manual acquisition strategy, which involves detectives going through the regular interface to examine the content on the device. However, where the content has already been deleted, the forensic detectives could apply the logical acquisition strategy, which enables access to deleted data in the recycle bin (Sule, 2014). The investigator should care about the information in the recycle bin as it could help in providing admissible evidence such as call history, emails, and text messages that implies the crime of the suspect or intention. The information could also allow the investigation to proceed at costs proportional to the incident, ensure there is a minimal interruption of operations by investigations, and provide evidence that targets potential crime ensuring that the impact of the evidence offers a positive outcome during the legal action (Albright, 2017). The increased usage and dependence on technology have resulted in the availability of digital footprints that could be used to uncover criminal incidents.
Find an article where important information was recovered from a Linux or a Macintosh partition, summarize the article in your own words, and discuss why an investigator should care about the information.
The toy story 2 article provides how the Pixar was able to recover 90% of the film that had been deleted unknowingly. The company used Linux to recover the missing Toy Story movie work that had been erased in roughly 20 seconds. According to the article, the technical director, Galyn Susman checked the backup history only to notice that the backups for Toy Story 2 had failed for almost a month (Dynamic Business Technologies, 2019). With more than 400 people on the network that had access to the project, it was hard to determine how the large part of the movie went missing. However, the company was able to salvage the part of the movie that had been deleted using the Linux operating system. Linux operating system comes with pre-installed popular forensics application toolkits that enable investors to recover information in hard drives (Azad, 2019). The tool also helps in recovering deleted files from RAM when an intruder6 executes a program and then deletes it from disk to hide its existence. Linux kernel uses a pseudo-file system to track the general state of the system as long as the program remains in running. Since the deleted information is kept in virtual memory, the Linux can be used to access the system memory through the /proc directory (Craiger, n.d). The investigator should care for the information since it would be able to provide the possible person that had conducted the malicious activity that resulted in the top the loss of the information. The investigator can also provide Pixar with possible recommendations that the company could use in the future to avoid loss of data by making sure data is safe and secure through backing up major projects hosted in private data centers.
References
Azad, U. (2019). Kali Linux Forensics Tools. Elite Cafemedia. Retrieved from https://linuxhint.com/kali_linux_forensics_tools/
Albright, D. (2017, August 23). How Do Forensic Analysts Get Deleted Data from Your Phone? MakeUseOf. Retrieved from https://www.makeuseof.com/tag/forensic-analysts-get-deleted-data-phone/
Craiger, P. (n.d). Recovering Digital Evidence from Linux Systems. Retrieved from https://link.springer.com/content/pdf/10.1007%2F0-387-31163-7_19.pdf
Dynamic Business Technologies. (2019). Toy Story 2: How Redundant Data Backup Protects Against Human Error. Retrieved from https://dbtechnologies.com.au/toy-story-2-disaster-recovery-case-study/
Prather, S. (2014, 0October 06). Minnesota detectives crack the case with digital forensics. Star Tribune. Retrieved from http://www.startribune.com/when-teens-went-missing-digital-forensics-cracked-case/278132541/
Sule, D. (2014). Importance of Forensic Readiness. ISACA Journal. Retrieved from https://www.isaca.org/Journal/archives/2014/Volume-1/Pages/JOnline-Importance-of-Forensic-Readiness.aspx