Computer Forensics For Dummies (For Dummies (Computer/Tech)),   ISBN:9780470371916

Customer Rating: 

Being that I work in the tech industry, I know that there's far more on your computer (and other electronic devices) than you think there is. But I haven't ever given any in-depth thought to how one would legally go about discovering and documenting their finds for a court of law. Computer Forensics For Dummies by Linda Volonino and Reynaldo Anzaldua do a perfect job (in my opinion) in introducing the reader to the world of computer forensics, both from the technical side as well as the courtroom perspective. While I wouldn't expect it to be your primary guide for the field, Computer Forensics For Dummies goes a whole lot further than I expected, and I learned a lot.

Contents:
Introduction
Part 1 - Digging Out and Documenting Electronic Evidence: Knowing What Your Digital Devices Create, Capture, and Pack Away - Until Revelation Day; Suiting Up for a Lawsuit or Criminal Investigation; Getting Authorized to Search and Seize; Documenting and Managing the Crime Scene
Part 2 - Preparing to Crack the Case: Minding and Finding the Loopholes; Acquiring and Authenticating E-Evidence; Examining E-Evidence; Extracting Hidden Data
Part 3 - Doing Computer Forensic Investigations: E-Mail and Web Forensics; Data Forensics; Document Forensics; Mobile Forensics; Network Forensics; Investigating X-Files - eXotic Forensics
Part 4 - Succeeding in Court: Holding Up Your End at Pretrial; Winning a Case Before You Go to Court; Standing Your Ground in Court
Part 5 - The Part of Tens: Ten Ways to Get Qualified and Prepped for Success; Ten Tactics of an Excellent Investigator and a Dangerous Expert Witness; Ten Cool Tools for Computer Forensics
Glossary
Index

From the techie side, it's tempting to view computer forensics as all technical, and to figure that if you can find a file, you must have done the job. Not so much... Since most of the forensic work will be legal in nature (or could well end up that way), there are definite rules and processes you HAVE to follow in order to prove to the court's and jury's satisfaction that the data you found was truly there and not manufactured by you or someone else along the way. Volonino and Anzaldua cover those requirements very well, from search warrants and subpoenas to chain of custody documentation and documented actions. Those are the things that far too many techies would ignore on their way towards uncovering data, and in turn it would completely invalidate their efforts. That's why "do it yourself" forensic work is NOT recommended.

But that's not to ignore the vast array of skills and abilities that are needed to successfully find evidence that doesn't appear to exist any more. The authors present a nicely balanced discussion on both the reasons why and how data can be hidden (both intentionally and unintentionally) and how certain tools and techniques can be used to get at that data. In fact, they go into enough detail that you could download a few tools and start digging into your own computer to see practical examples of what you just read about. You might just end up rather concerned that what you thought you deleted isn't as "deleted" as you thought it was.

I think that Computer Forensics For Dummies does exactly what it sets out to do, and it does it very well. By the end of the book, I felt much more informed about how the *whole* field of computer forensics works, and I left with enough knowledge to know where I would need to go to learn more. Now... time to go see what's hiding on my computer that I forgot about... :)

Customer Rating: 

This book explains more how to work with legal issues than actually use computer forensics. There is very little actual "how to" and more "the defense will ask you". If you want to learn computer forensics, this is not the book for you, unless you are a master of uncovering data, but have no idea how show your skill in court.

Customer Rating: 

I am a system engineer who needed a refresher on the topic. The logical segregation of topics makes it very easy to pinpoint the information since this topic is far-reaching and spans the legal, criminal and technical disciplines. I have some experience with CF and this book does a good job of giving you a comprehensive understanding of the subject. It's also an interesting read and keeps your attention. You won't want to put it down for long.

Careers in this area are growing fast. I plan to keep this close as I move into this exciting field of work and will use it as a reference book going forward.

Customer Rating: 

WoW! This is a book that should be read by everyone. Especially corporate heads and some in government. What you discover is that the electronic trails are everywhere and someone in the know can and will retrieve them, if need be. So be careful what you write or do on your computer, there are no secrets!
Good writing, technical enough to keep us geeks in the read, but not so technical that everyone couldn't read it and learn a great deal. This is a book that I found myself going back to for additional information on a subject I believed I understood. It exceeded my expectations in every way.

Customer Rating: 

If you use a computer, you probably know that there is an electronic trail that follows you, and that the trail potentially lasts forever and can cause serious legal problems. This book demystifies how computer forensics is performed, what to do if you are ever in trouble (or trying to help someone who is in trouble), and tools that can help you. Though the topic is potentially complex, the book is an easy, interesting read. Statements like "An IP address is like a phone number for your computer" help make the material understandable. It is clear that the authors have considerable practical experience in the area and understand current best practices, computer technology, and the law. The book is appropriate for a wide variety of people -- those with a casual interest in the topic, in legal troubles related to materials on their PC, and lawyers who either work or want to work in the area.