Welcome to the Computer Forensics page
This page is just a starting point. There is a huge amount of potential material for this page, so feel free to let us know what information you think would be helpful for other students of forensics.
US Legal Environment
If you are looking for a good description of US best practices for the acquisition and handling of electronic evidence, then the DoJ's advice on Searching and Seizing Computers and Obtaining Electronic Evidence in Criminal Investigations is probably the definitive source. This SETEC white paper is an excellent reference as a checklist, though a little short on detail in areas such as the capture of volatile evidence.
Successful Attacks on Disk Encryption
Results announced in February 2008 reveal that present-day systems for disk encryption
have some surprising vulnerabilities that make them relatively easy to get around. See
this blog as a starting point.
These techniques clearly have great forensic value, so if you are faced with data recovery
from encrypted disks it might be worth a look.
UK Legal Environment
UK students need to understand the requirements of the
Regulatory Investigation Powers Act (RIPA) of 2000. This law builds on the
Computer Misuse Act 1990 and the
Data Protection Act 1998.
Reading the legislation directly is not
necessarily the best way to understand it unless you are a lawyer, so
we would really like to know of a good summary of current legislation.
Please send any recommendations
and we will incorporate them in this site.
There have been a significant number of
statutory instruments
issued under the act, and one might wish they were better archived.
Information about
required authorisations was formerly published* by the Home Office. It appears this document has now been withdrawn and is no longer available even from the Internet Archive.
Drive Locking Products
Probably the best-known products come from ICS. Their Super DriveLock range has products for laptops and desktops.
* at www.homeoffice.gov.uk/crimpol/crimreduc/regulation/codeofpractice/humanintell/annexa.html


