Computer Law Commons^™

The Virtual Digital Forensics Lab - Expanding Law Enforcement Capabilities, Mark Mccoy, Sean A. Ensz

Annual ADFSL Conference on Digital Forensics, Security and Law

Law enforcement is attempting to respond to the growing and complex need to examine all manner of digital evidence using stand-alone forensic workstations and limited storage solutions. Digital forensic investigators often find their cases stalled by cumbersome and inflexible technology limiting their effectiveness. The Virtual Digital Forensics Lab (VDFL) is a new concept that applies existing enterprise host, storage, and network virtualization technologies to current forensic investigative methods. This paper details the concept of the VDFL, the technology solutions it employs, and the flexibility it provides for digital forensic investigators.

Keywords: Virtual Digital Forensics, digital forensic investigations, law enforcement, virtual …

Digital Forensic Certification Versus Forensic Science Certification, Nena Lim

Annual ADFSL Conference on Digital Forensics, Security and Law

Companies often rely on certifications to select appropriate individuals in disciplines such as accounting and engineering. The general public also tends to have confidence in a professional who has some kinds of certification because certification implies a standard of excellence and that the individual has expert knowledge in a specific discipline. An interesting question to the digital forensic community is: How is a digital forensic certification compared to a forensic science certification? The objective of this paper is to compare the requirements of a digital forensic certification to those of a forensic science certification. Results of the comparison shed lights …

Vol. Ix, Tab 41 - Ex 23 - Email From John Ramsey (Rosetta Stone Corporate Counsel), John Ramsey

Rosetta Stone v. Google (Joint Appendix)

Exhibits from the un-sealed joint appendix for Rosetta Stone Ltd., v. Google Inc., No. 10-2007, on appeal to the 4th Circuit. Issue presented: Under the Lanham Act, does the use of trademarked terms in keyword advertising result in infringement when there is evidence of actual confusion?

Vol. Ix, Tab 46 - Ex. 31 - Email From John Ramsey (Rosetta Corporate Counsel), John Ramsey

Rosetta Stone v. Google (Joint Appendix)

Exhibits from the un-sealed joint appendix for Rosetta Stone Ltd., v. Google Inc., No. 10-2007, on appeal to the 4th Circuit. Issue presented: Under the Lanham Act, does the use of trademarked terms in keyword advertising result in infringement when there is evidence of actual confusion?

Masthead

Journal of Digital Forensics, Security and Law

No abstract provided.

Front Matter

Journal of Digital Forensics, Security and Law

No abstract provided.

Back Matter

Journal of Digital Forensics, Security and Law

No abstract provided.

Vol. Vii, Tab 38 - Ex. 62 - Hagan Deposition (Former Google Managing Counsel - Trademarks, Jewelry Maker), Rose Hagan

Rosetta Stone v. Google (Joint Appendix)

Exhibits from the un-sealed joint appendix for Rosetta Stone Ltd., v. Google Inc., No. 10-2007, on appeal to the 4th Circuit. Issue presented: Under the Lanham Act, does the use of trademarked terms in keyword advertising result in infringement when there is evidence of actual confusion?

Vol. Vii, Tab 38 - Ex. 64 - Holden Deposition (Google Pm Director), Richard T. Holden

Rosetta Stone v. Google (Joint Appendix)

Exhibits from the un-sealed joint appendix for Rosetta Stone Ltd., v. Google Inc., No. 10-2007, on appeal to the 4th Circuit. Issue presented: Under the Lanham Act, does the use of trademarked terms in keyword advertising result in infringement when there is evidence of actual confusion?

Vol. Ix, Tab 46 - Ex. 18 - Email From Gina Reinhold (Adwords Associate), Gina Reinhold

Rosetta Stone v. Google (Joint Appendix)

Exhibits from the un-sealed joint appendix for Rosetta Stone Ltd., v. Google Inc., No. 10-2007, on appeal to the 4th Circuit. Issue presented: Under the Lanham Act, does the use of trademarked terms in keyword advertising result in infringement when there is evidence of actual confusion?

Zappers: Tax Fraud, Technology And Terrorist Funding, Richard Thompson Ainsworth

Faculty Scholarship

"Zappers," or automated sales suppression devices, have brought unheard of efficiencies and economies of scale to a very simple tax fraud - skimming cash sales at point of sale (POS) terminals (electronic cash registers). Until recently the largest tax fraud case in Connecticut, also the "largest computer driven tax-evasion case in the nation," was a zapper case. Stew Leonard's Dairy in Norwalk Connecticut skimmed $17 million in receipts and hid the cash in St. Martin (a Caribbean island). Talal Chahine and his wife, Elfat El Aouar, owners of the La Shish restaurant chain in Detroit Michigan have the dubious honor …

Two-Factor Fair Use?, Joseph Liu

Joseph P. Liu

Vol. Vi, Tab 38 - Ex. 36 - Email From Michael Wu, Michael Wu

Rosetta Stone v. Google (Joint Appendix)

Exhibits from the un-sealed joint appendix for Rosetta Stone Ltd., v. Google Inc., No. 10-2007, on appeal to the 4th Circuit. Issue presented: Under the Lanham Act, does the use of trademarked terms in keyword advertising result in infringement when there is evidence of actual confusion?

The General Public License Version 3.0: Making Or Breaking The Foss Movement, Clark D. Asay

Michigan Telecommunications & Technology Law Review

Free and open source software (FOSS) is a big deal. FOSS has become an undeniably important element for businesses and the global economy in general, as companies increasingly use it internally and attempt to monetize it. Governments have even gotten into the act, as a recent study notes that FOSS plays a critical role in the US Department of Defense's systems. Others have pushed for the adoption of FOSS to help third-world countries develop. Given many of its technological and developmental advantages, FOSS's use, adoption, and development are only projected to grow.[...] The FSF created the most popular version of …

The 2007 Analysis Of Information Remaining On Disks Offered For Sale On The Second Hand Market, Andy Jones, Craig Valli, Glenn S. Dardick, Iain Sutherland

Journal of Digital Forensics, Security and Law

All organisations, whether in the public or private sector, increasingly use computers and other devices that contain computer hard disks for the storage and processing of information relating to their business, their employees or their customers. Individual home users also increasingly use computers and other devices containing computer hard disks for the storage and processing of information relating to their private, personal affairs. It continues to be clear that the majority of organisations and individual home users still remain ignorant or misinformed of the volume and type of information that is stored on the hard disks that these devices contain …

Steganography: Forensic, Security, And Legal Issues, Merrill Warkentin, Ernst Bekkering, Mark B. Schmidt

Journal of Digital Forensics, Security and Law

Steganography has long been regarded as a tool used for illicit and destructive purposes such as crime and warfare. Currently, digital tools are widely available to ordinary computer users also. Steganography software allows both illicit and legitimate users to hide messages so that they will not be detected in transit. This article provides a brief history of steganography, discusses the current status in the computer age, and relates this to forensic, security, and legal issues. The paper concludes with recommendations for digital forensics investigators, IT staff, individual users, and other stakeholders.

Book Review: Challenges To Digital Forensic Evidence, Gary C. Kessler

Journal of Digital Forensics, Security and Law

This issue presents the fifth Book Review column for the JDFSL. It is an experiment to broaden the services that the journal provides to readers, so we are anxious to get your reaction. Is the column useful and interesting? Should we include more than one review per issue? Should we also review products? Do you have suggested books/products for review and/or do you want to write a review? All of this type of feedback -- and more -- is appreciated. Please feel free to send comments to Gary Kessler (gary.kessler@champlain.edu) or Glenn S. Dardick (gdardick@dardick.net).

Developing A Process Model For The Forensic Extraction Of Information From Desktop Search, Timothy Pavlic, Jill Slay, Benjamin Turnbull

Journal of Digital Forensics, Security and Law

Desktop search applications can contain cached copies of files that were deleted from the file system. Forensic investigators see this as a potential source of evidence, as documents deleted by suspects may still exist in the cache. Whilst there have been attempts at recovering data collected by desktop search applications, there is no methodology governing the process, nor discussion on the most appropriate means to do so. This article seeks to address this issue by developing a process model that can be applied when developing an information extraction application for desktop search applications, discussing preferred methods and the limitations of …

The Forensics Aspects Of Event Data Recorders, Jeremy S. Daily, Nathan Singleton, Elizabeth Downing, Gavin W. Manes

Journal of Digital Forensics, Security and Law

The proper generation and preservation of digital data from Event Data Recorders (EDRs) can provide invaluable evidence to automobile crash reconstruction investigations. However, data collected from the EDR can be difficult to use and authenticate, complicating the presentation of such information as evidence in legal proceedings. Indeed, current techniques for removing and preserving such data do not meet the court’s standards for electronic evidence. Experimentation with an EDR unit from a 2001 GMC Sierra pickup truck highlighted particular issues with repeatability of results. Fortunately, advances in the digital forensics field and memory technology can be applied to EDR analysis in …

Data Mining Techniques In Fraud Detection, Rekha Bhowmik

Journal of Digital Forensics, Security and Law

The paper presents application of data mining techniques to fraud analysis. We present some classification and prediction data mining techniques which we consider important to handle fraud detection. There exist a number of data mining algorithms and we present statistics-based algorithm, decision treebased algorithm and rule-based algorithm. We present Bayesian classification model to detect fraud in automobile insurance. Naïve Bayesian visualization is selected to analyze and interpret the classifier predictions. We illustrate how ROC curves can be deployed for model assessment in order to provide a more intuitive analysis of the models.

To License Or Not To License: An Examination Of State Statutes Regarding Private Investigators And Digital Examiners, Thomas Lonardo, Doug White, Alan Rea

Journal of Digital Forensics, Security and Law

In this paper the authors examine statutes that regulate, license, and enforce investigative functions in each US state. After identification and review of Private Investigator licensing requirements, the authors find that very few state statutes explicitly differentiate between Private Investigators and Digital Examiners. After contacting all state agencies the authors present a distinct grouping organizing state approaches to professional Digital Examiner licensing. The authors conclude that states must differentiate between Private Investigator and Digital Examiner licensing requirements and oversight.

An Evaluation Of Windows-Based Computer Forensics Application Software Running On A Macintosh, Gregory H. Carlton

Journal of Digital Forensics, Security and Law

The two most common computer forensics applications perform exclusively on Microsoft Windows Operating Systems, yet contemporary computer forensics examinations frequently encounter one or more of the three most common operating system environments, namely Windows, OS-X, or some form of UNIX or Linux. Additionally, government and private computer forensics laboratories frequently encounter budget constraints that limit their access to computer hardware. Currently, Macintosh computer systems are marketed with the ability to accommodate these three common operating system environments, including Windows XP in native and virtual environments. We performed a series of experiments to measure the functionality and performance of the two …

Book Review: Guide To Computer Forensics And Investigations (3rd Ed.), Keyu Jiang, Ruifeng Xuan

Journal of Digital Forensics, Security and Law

No abstract provided.

Remote Forensics May Bring The Next Sea Change In E-Discovery: Are All Networked Computers Now Readily Accessible Under The Revised Federal Rules Of Civil Procedure?, Joseph J. Schwerha, Scott Inch

Journal of Digital Forensics, Security and Law

The recent amendments to Rule 26 of the Federal Rules of Civil Procedure created a two-tiered approach to discovery of electronically stored information (“ESI”). Responding parties must produce ESI that is relevant, not subject to privilege, and reasonably accessible. However, because some methods of storing ESI, such as on magnetic backup tapes and within enormous databases, require substantial cost to access and search their contents, the rules permit parties to designate those repositories as “not reasonably accessible” because of undue burden or cost. But even despite the difficulty in searching for ESI, the party’s duty to preserve potentially responsive evidence …

Trends In Virtualized User Environments, Diane Barrett

Journal of Digital Forensics, Security and Law

Virtualized environments can make forensics investigation more difficult. Technological advances in virtualization tools essentially make removable media a PC that can be carried around in a pocket or around a neck. Running operating systems and applications this way leaves very little trace on the host system. This paper will explore all the newest methods for virtualized environments and the implications they have on the world of forensics. It will begin by describing and differentiating between software and hardware virtualization. It will then move on to explain the various methods used for server and desktop virtualization. Next, it will explain how …

Extraction And Categorisation Of User Activity From Windows Restore Points, Damir Kahvedžić, Tahar Kechadi

Journal of Digital Forensics, Security and Law

The extraction of the user activity is one of the main goals in the analysis of digital evidence. In this paper we present a methodology for extracting this activity by comparing multiple Restore Points found in the Windows XP operating system. The registry copies represent a snapshot of the state of the system at a certain point in time. Differences between them can reveal user activity from one instant to another. The algorithms for comparing the hives and interpreting the results are of high complexity. We develop an approach that takes into account the nature of the investigation and the …

Data Recovery From Palmmsgv001, Satheesaan Pasupatheeswaran

Journal of Digital Forensics, Security and Law

Both SMS and MMS data analysis is an important factor in mobile forensic analysis. Author did not find any mobile forensic tool that is capable of extracting short messages (SMS) and multimedia messages (MMS) from Palm Treo 750. SMS file of Palm Treo 750 is called PalmMgeV001 and it is a proprietary file system. A research work done to find a method to recover SMS data from PalmMsgV001 file. This paper is going to describe the research work and its findings. This paper also discusses a methodology that will help recover SMS data from PalmMsgV001. The PalmMsgV001 file is analysed …

Data Security Measures In The It Service Industry: A Balance Between Knowledge & Action, N. Mlitwa, Y. Kachala

Journal of Digital Forensics, Security and Law

That “knowledge is power” is fast becoming a cliché within the intelligentsia. Such power however, depends largely on how knowledge itself is exchanged and used, which says a lot about the tools of its transmission, exchange, and storage. Information and communication technology (ICT) plays a significant role in this respect. As a networked tool, it enables efficient exchanges of video, audio and text data beyond geographical and time constraints. Since this data is exchanged over the worldwide web (www), it can be accessible by anyone in the world using the internet. The risk of unauthorised access, interception, modification, or even …

Table Of Contents

Journal of Digital Forensics, Security and Law

No abstract provided.

Table Of Contents

Journal of Digital Forensics, Security and Law

No abstract provided.