I am looking for cases and stories about digital evidence that had been collected but could not be used or authenticated (or at least became open to question) on account of problems like these:
1. Investigator could not vouch for the evidence due to the investigator's death, retirement, refusal to cooperate or termination of employment.
2. Investigator committed some kind of error related to his/her securing of the evidence with a digital hash, key or signature. Example: investigator used a private crypto key to "sign" a digital evidence file, but the private key was compromised either before or after its use and therefore the trustworthiness of the evidence diminished.
Have you seen any cases like this? Are any such cases documented?
The reason I am interested is that I've been experimenting with webcam "signed affidavits" by investigators. http://legal-beagle.typepad.com/wrights_legal_beagle/2011/04/credible.html
Many thanks
--Ben
Benjamin Wright
Attorney
SANS Institute Instructor: Law of Data Security & Investigations
https://profiles.google.com/benwright214/about
Recent Comments