Nothing coming out of this person could be trusted.īut hey, that's just me, I could be wrong. Part of the problem is that once it was realized the investigaotr was using pirated tools, all of his investigations can be called into question. I would also go after the original investigator for using pirated software in the first place (professional ethics, etc). If I was working for the defense, that is the argument I would make, in an effort to get the evidence thrown out, barring that, at a minimum, the process has to be done over again using legal tools, and since that would take some time (and I would make them prove they were using legal tools), I would ask for dismissal of the charges based of being denied my right to a speedy trial. Since we don't know what the hackers did to break the copy protection - they could have installed back doors, spyware, etc - so basically, the tool can not be trusted, and therefore, the results of the tool can not be trusted, no matter what the MD5 / SHA1 says. ![]() ![]() So even if the encase aquisition tool is free and available online, the argument would go that the original investigator used the pirated version of 3.22f to duplicate and analyze the image. ![]() While its not overly clear from the descriptions, EnCase version 3.22f is a valid version, but it was also a widely pirated version, showing up on most of the peer-to-peer servers and newsgroups.
0 Comments
Leave a Reply. |