Breaking Forensics Software: Weaknesses In Critical Evidence Collection presented at Blackhat USA 2007

by Chris Ridder

Tags: Security Forensics

Summary: Across the world, law enforcement, enterprises and national security apparatus utilize a small but important set of software tools to perform data recovery and investigations. These tools are expected to perform a large range of dangerous functions, such as parsing dozens of different file systems, email databases and dense binary file formats. Although the software we tested is considered a critical part of the investigatory cycle in the criminal and civil legal worlds, our testing demonstrated important security flaws within only minutes of fault injection.