diff --git a/content/notes/23-digital-forensics.md b/content/notes/23-digital-forensics.md index fd93a4a95..159dd1b8f 100644 --- a/content/notes/23-digital-forensics.md +++ b/content/notes/23-digital-forensics.md @@ -48,4 +48,13 @@ computers everywhere ## computers as a witness - good at storing info, with great reliability. -- have no common sense, no initative. \ No newline at end of file +- have no common sense, no initative. + +## expert witnesses +- ![tips](https://i.imgur.com/6z7FpgU.png) + +# documentation +- want to be able to recr + +# volatility +- how quickly does the data vanish when power if removed. \ No newline at end of file diff --git a/content/notes/comp210-test.md b/content/notes/comp210-test.md index 5b1ddec48..1d41bc3c2 100644 --- a/content/notes/comp210-test.md +++ b/content/notes/comp210-test.md @@ -9,9 +9,14 @@ tags: # 1 # 2 +This is saying that a computer is very good at storing data with great reliability. This makes them a good companion technology for us, as we are often not great at remembering things. We also tend to be biased, susceptable to stereotypes and impresssions, and are easily fooled. However, although computers are great at storing information, they have no "common sense" or initative. The data from a computer needs to be interpreted by a human in order for it to be useful. + +In a court of law, this means that a person has to "tell the story" for the computer. This means the computer data is technically circumstantial evidece - in court you are giving your account of your interpretation of the data. You are not providing direct evidence # 3 +Volatility refers to the time it takes for stored information to "vanish" after power has been removed. Data can be stored on a variety of mediums. These range from small, fast, and volatile to large, slow, but stable. +Triage is the process of analysing hardware to find potentially relevant information. During this process, the most volatile storage mediums should be analysed first, before non-volatile types. This ensures you have the highest chance of capturing the volatile data. # 4 The term is used to indicate the reliability of a system. For example if a spam detector stopped 99.99% of spam emails it would be 5 nines secure.