Computer Law Commons^™

Computer Forensics For Graduate Accountants: A Motivational Curriculum Design Approach, Grover S. Kearns

Journal of Digital Forensics, Security and Law

Computer forensics involves the investigation of digital sources to acquire evidence that can be used in a court of law. It can also be used to identify and respond to threats to hosts and systems. Accountants use computer forensics to investigate computer crime or misuse, theft of trade secrets, theft of or destruction of intellectual property, and fraud. Education of accountants to use forensic tools is a goal of the AICPA (American Institute of Certified Public Accountants). Accounting students, however, may not view information technology as vital to their career paths and need motivation to acquire forensic knowledge and skills. …

Book Review: Digital Forensic Evidence Examination (2nd Ed.), Gary C. Kessler

Journal of Digital Forensics, Security and Law

On the day that I sat down to start to write this review, the following e-mail came across on one of my lists: Person A and Person B write back and forth and create an email thread. Person A then forwards the email to Person C, but changes some wording in the email exchange between A & B. What is the easiest way (and is it even possible) to find out when that earlier email message was altered before sent to Person C? Before you try to answer these questions, read Fred Cohen's Digital Forensic Evidence Examination. His book won't …

Table Of Contents

Journal of Digital Forensics, Security and Law

No abstract provided.

Reeling In Big Phish With A Deep Md5 Net, Brad Wardman, Gary Warner, Heather Mccalley, Sarah Turner, Anthony Skjellum

Journal of Digital Forensics, Security and Law

Phishing continues to grow as phishers discover new exploits and attack vectors for hosting malicious content; the traditional response using takedowns and blacklists does not appear to impede phishers significantly. A handful of law enforcement projects — for example the FBI's Digital PhishNet and the Internet Crime and Complaint Center (ic3.gov) — have demonstrated that they can collect phishing data in substantial volumes, but these collections have not yet resulted in a significant decline in criminal phishing activity. In this paper, a new system is demonstrated for prioritizing investigative resources to help reduce the time and effort expended examining this …

Trust Account Fraud And Effective Information Security Management, Sameera Mubarak

Journal of Digital Forensics, Security and Law

The integrity of lawyers’ trust accounts has come under scrutiny in the last few years. There are strong possibilities of information technology security breaches happening within the firms, either accidental or deliberate. The damage caused by these security breaches could be extreme. For example, a trust account fund in an Australian law firm was misused in a security breach in which Telstra charged A$50,000 for phone usage, mainly for ISD calls to Hong Kong. Our study involved interviewing principals of ten law companies to find out solicitors’ attitudes to computer security and the possibility of breaches of their trust accounts. …

Forensic Analysis Of The Windows 7 Registry, Khawla A. Alghafli, Andrew Jones, Thomas A. Martin

Journal of Digital Forensics, Security and Law

The recovery of digital evidence of crimes from storage media is an increasingly time consuming process as the capacity of the storage media is in a state of constant growth. It is also a difficult and complex task for the forensic investigator to analyse all of the locations in the storage media. These two factors, when combined, may result in a delay in bringing a case to court. The concept of this paper is to start the initial forensic analysis of the storage media in locations that are most likely to contain digital evidence, the Windows Registry. Consequently, the forensic …

Malware Forensics: Discovery Of The Intent Of Deception, Murray Brand, Craig Valli, Andrew Woodward

Journal of Digital Forensics, Security and Law

Malicious software (malware) has a wide variety of analysis avoidance techniques that it can employ to hinder forensic analysis. Although legitimate software can incorporate the same analysis avoidance techniques to provide a measure of protection against reverse engineering and to protect intellectual property, malware invariably makes much greater use of such techniques to make detailed analysis labour intensive and very time consuming. Analysis avoidance techniques are so heavily used by malware that the detection of the use of analysis avoidance techniques could be a very good indicator of the presence of malicious intent. However, there is a tendency for analysis …

The 2009 Analysis Of Information Remaining On Disks Offered For Sale On The Second Hand Market, Andy Jones, Craig Valli, Glenn S. Dardick, Iain Sutherland, G. Dabibi, Gareth Davies

Journal of Digital Forensics, Security and Law

The ever increasing use and reliance upon computers in both the public and private sector has led to enormous numbers of computers being disposed of at the end of their useful life within an organisation. As the cost of computers has dropped, their use in the home has also continued to increase. In most organisations, computers have a relatively short life and are replaced on a regular basis with the result that, if not properly cleansed of data, they are released into the public domain containing data that can be relatively up to date. This problem is exacerbated by the …

Avoiding Sanctions At The E-Discovery Meet-And-Confer In Common Law Countries, Milton Luoma, Vicki Luoma

Journal of Digital Forensics, Security and Law

The rules of civil procedure in common law countries have been amended to better deal with the requirements of electronic discovery. One of the key changes in case management is the scheduling of a meet-and-confer session where the parties to litigation must meet early in the case before any discovery procedures have begun to exchange information regarding the nature, location, formats, and pertinent facts regarding custody and control of a party’s electronically stored information (ESI). Failure to abide by the rules and participate in good faith at the meet-and-confer session can have dire consequences for the parties and lawyers involved. …

Table Of Contents

Journal of Digital Forensics, Security and Law

No abstract provided.

Making The Punishment Fit The (Computer) Crime: Rebooting Notions Of Possession For The Federal Sentencing Of Child Pornography Offenses, Jelani Jefferson Exum

Faculty Publications

(Excerpt)

Sexual exploitation of children is a real and disturbing problem. However, when it comes to the sentencing of child pornography possessors, the U.S. federal system has a problem, as well. This Article adds to the current, heated discussion on what is happening in the sentencing of federal child pornography possession offenses, why nobody is satisfied, and how much the Federal Sentencing Guidelines are to blame. At the heart of this Article are the forgotten players in the discussion—computers and the Internet—and their role in changing the realities of child pornography possession. This Article argues that computers and the Internet …

Towards Voluntary Interoperable Open Access Licenses For The Global Earth Observation System Of Systems (Geoss), Harlan Onsrud, James Campbell, Bastiaan Van Loenen

Harlan J Onsrud

Access to earth observation data has become critically important for the wellbeing of society. A major impediment to achieving widespread sharing of earth observation data is lack of an operational web-wide system that is transparent and consistent in allowing users to legally access and use the earth observations of others without seeking permission from data contributors or investigating terms of usage on a case-by-case basis. This article explores approaches to supplying a license-based system to overcome this impediment in the context of the Global Earth Observation System of Systems. It discusses the benefits and drawbacks of the explored approaches and …

Exploring The Ethicality Of Firing Employees Who Blog, Sean Valentine, Gary Fleischman, Robert Sprague, Lynn Godkin

Robert Sprague

This exploratory study evaluates the ethical considerations related to employees fired for their blogging activities. Specifically, subject evaluations of two employee-related blogging scenarios were investigated with established ethical reasoning and moral intensity scales, and a measure of corporate ethical values was included to assess perceptions of organizational ethics. The first scenario involved an employee who was fired because of innocuous blogging, while the second vignette involved an employee who was fired because of work-related blogging. Survey data were collected from employed college students and working practitioners. The findings indicated that the subjects’ ethical judgments that firing an employee for blogging …

Legal Interoperability In Support Of Spatially Enabling Society, Harlan J. Onsrud

Harlan J Onsrud

Spatial data is critically important for the wellbeing of society. Yet appropriate spatial data is often very difficult to find and, when found, the legal ability to use it is often in question. Lack of an operational web-wide capability allowing users to legally access and use the geospatial data of others without seeking permission on a case-by-case basis remains as an entrenched major impediment to general spatial enablement for all sectors in society. This chapter presents a legal inter-operability vision for offering, acquiring, and using spatial data and proposes an operational environment for gaining much greater legal clarity and efficiency …

Dr. Generative Or: How I Learned To Stop Worrying And Love The Iphone, James Grimmelmann, Paul Ohm

James Grimmelmann

In The Future of the Internet--And How to Stop It, Jonathan Zittrain argues that the Internet has succeeded because it is uniquely "generative": individuals can use it in ways its creators never imagined. This Book Review uses the Apple II and the iPhone--the hero and the villain of the story as Zittrain tells it--to show both the strengths and the weaknesses of his argument. Descriptively and normatively, Zittrain has nailed it. Generativity elegantly combines prior theories into a succinct explanation of the technical characteristics that make the Internet what it is, and the book offers a strong argument that preserving …