The Fields Data Recovery: Forensics Analysis

The description of the company

I would like to start a company that would specialize in such branches of computer forensics as data recovery and prevention of data loss. I have chosen this specific activity because these services may be required by both governmental and private organizations. On the whole, data loss is one of those problems faced by many customers, and many of them may ask for our assistance. Data recovery is essential for business continuity, and those enterprises which suffered from this problem spare no costs in order to restore valuable information. The company, which I intend to start, will help clients to restore information that has been damaged, erased, corrupted or made inaccessible in any way. We will work with various data storage media such as hard-disk drives, digital versatile disks, compact disks, flashcards, and even floppy disks. We will do both hardware recovery and non-hardware recovery. At this point, I can refer to Fields Data Recovery that is a good example of the firm that I would like to open or supervise.

The type of work it does

This company has worked in this field for eighteen years; they recover data from a large variety of storage media, for example, desktop and laptop hard drives, CDs DVDs, backup tapes, MP3 players, NAS, SAN and so forth (Fields Data Recovery, 2010 unpaged). The offices of this firm are located across the United States and in different regions of the world, in particular in France, Middle East (Dubai) and the United Kingdome (Fields Data Recovery, 2010 unpaged). They address the needs of various customers: 1) governmental and federal agencies; 2) private businesses; 3) healthcare organizations and 5) financial institutions. Furthermore, it should be mentioned that the employees of this data recovery company are very knowledgeable about storage media, produced by various manufactures such IBM, Hewlett-Packard, Cisco, Seagate and so forth (Fields Data Recovery, 2010 unpaged). In fact, these corporations are the key clients of Fields Data Recovery, and the management of this company has established long-term partnerships with them. Fields Data Recovery Guarantees complete confidentially of the inside information such as IP addresses, telephone numbers, or emails. Thus, this is the type of company which I would like to run. The major success factors for this type of organization are speed, efficiency, and confidentiality.

Equipment required for the lab

At this point it is necessary to determine what kind of technologies will be required for these processes. In this context, the word technologies means both equipment and software. In the majority of cases, data recovery companies do not provide information about those technologies which they use, and Fields Data Recovery is not an exception from this rule. The main reason for such secrecy is that they do not want to lose competitive advantage over other firms. Therefore, one can only deduce what kind of tools they apply.

If we are speaking about recovery equipment, we need to mention EnCase and FTK that are suitable for such operation systems as Windows (Casey, 2004, p 264). In turn, Unix-based recovery is based on the use of such tools as the Sleuth Kit and SMART (Casey, 2004, p 264). They are equally suitable for both recovery and analysis of the information. As a rule such toolkits are called hardware-soft-ware complexes. The equipment also includes portable disk imaging devices, allowing to create a single file that contains the entire contents of hard-disk drive or any other storage medium (Casey, 2004).If the hard disk drive has been physically damaged, the technicians must use such devices as magnetometers and soldering irons in order to retrieve files that no longer be restored only by means of software solutions. This is the equipment that they should always have close at hand.

However, one should bear in mind that data recovering companies should also procure different spare parts of a storage medium. Very often, they have to remove hard-disc platters or read-and-write head. So, these organizations must have a regular supply of these component parts to be able to do hardware recovery as quickly as possible. This is one of the reasons why they need to establish continuous relations with the leading manufacturers of storage media such as IBM, Seagate or Transcend. Moreover, they need to know which of these products is more prone to physical or logical failure. This case illustrates the idea that in order to estimate the technological needs of a data recovery company, one has to possess information about the mainstream IT manufacturers and their quality standards. Fields Data Recovery keeps track of the quality standards, set in various companies. This information is partially disclosed at their official website (Fields Data Recovery, 2010).

Software solutions

As far as software solutions are concerned, we can list a large number of programs that may be of great use to companies like Fields Data Recovery. They are as follows: 1) undelete tools; 2) recycle bin replacements; 2) CD rollers, 3) image recall tools (Cross & Shindler, 2008). The employees of such firms use bootable software which is particularly beneficial when the operating system has failed, for instance, boot disks or live USB (Cross & Shindler, 2008, p 314). They also need to apply different consistency checkers that are compatible with different operating systems like Windows, Unix, or Mac OS. Data recovery companies must also possess a large variety of file recovery and repair programs. The functioning of data recovery companies is also impossible without usage of file carving software that enables reassembling the damaged files from separate fragments (Casey, 2004, p 306). Thus, it is possible to argue that the founders or supervisors of a data recovery company need to purchase a great number of software solutions if they want to address their customers problems as soon as possible.

One should bear in mind that the development of web-based technologies has provided data recovery companies to operate online. In such scenario, the technician does not actually to gain physical access to the hard-disk drive (Cross & Shindler, 2008). While discussing software solutions, I should say that Fields Data Recovery only restores the damaged information and it seems to me that such company may also provide services for the prevention of data loss. For example, they can install DLP networks, host-based DLP systems, battery backups, and journaling file systems. This type of software may also be required for such firms.

This discussion shows that a data recovery company can provide a great variety of services to a large number of customers, with whom they may establish long-term relations. Nonetheless, in order to open such a business one has to carefully analyze technological needs of such organizations.

Reference List

Casey E. (2004). Digital evidence and computer crime: forensic science, computers and the Internet. NY: Academic Press.

Cross M. & Shindler D. (2008) Scene of the Cybercrime. London Syngress.Fields Data Recovery. (2010). The Official Website. Web.

The Encryption Forensics Trail Assessment

If someone uses the PKI infrastructure to send secure emails, what type of forensic evidence will be left behind?

If someone uses the Public Key Encryption (PKI) infrastructure, professionals can obtain only digital evidence that reveals encrypted traffic and the public key used by two parties involved in the communication of some data (Tubewar, 2010). However, the private key that allows to find out what information was transferred will not be obtained as it is usually never sent from one person to another and remains hidden (Itfreetraining, 2013a). Still, this information is critical for the professionals as it is the only thing that allows them to find out what was written.

If someone accepts or associates a certificate to view a website in a browser, what type of forensic evidence will you find?

If someone accepts or associates a certificate to view a website in a browser, forensic investigators get a chance to gather a lot of helpful information. In this way, it will be possible to find out which authority issued it. Moreover, there is an opportunity to get to know who owns this certificate. As a result, the professional can define when it was used and if it was used by the same person to whom the certificate was issued. An expiry date can be found as well as the private code utilized by the user and digital signature (Itfreetraining, 2013b).

Can a subject of an investigation be compelled to provide a password for an encrypted file?

A subject of an investigation may not be compelled but asked by a professional to provide a password for an encrypted file. Of course, peoples private information is protected by The Fifth Amendment; however, the investigator can ask one to provide not only the passwords but also the keys during the interview. As no key disclosure laws exist in the USA, this information cannot be demanded. As a result, a subject has an opportunity to forget to give this data. The court has a right to repeat the request and sometimes even to order one to provide the keys, insisting on incarceration in case of reluctance to obey. Still, such a situation does not appeal to the court, and the forces are often put at cracking the code after hearing (Wolfe, 2003).

How can a subject of an investigation avoid providing a password?

As it was mentioned previously, the subject of the investigation is not obliged to provide a passport if one is not willing to. When having an interview, one rarely refuses to give the information directly; this person can alter the topic of the conversation when being asked about the password and then just do not refer to this question again. It would look as if the subject just forgot that he was asked to reveal this data. The suspect can just say that he/she does not remember the keys at all. One is also able to keep silent and hide information (Wolfe, 2003).

What are six alternatives (identified in the Wolfe paper) for obtaining a password without a subjects cooperation?

In his paper, Wolfe (2003) states that the information can be obtained without the subjects cooperation. He claims that forensic investigators can crack the code if it is weak enough. They have an opportunity to use a dictionary search for the potential key, as a suspect system is very likely to include this information. It can also be advantageous if professionals gather all available information about the subject. Rather often, people use things familiar to them when they need to create a password not to forget them. In this way, search for a badge number can be a good alternative. As legislation differs in various locations, forensic investigators can target encryption software from where it is totally legal. Finally, products backdoor-access can be used to save the situation.

What technique was used by the child pornographer discussed in the Wolfe article to finally obtain his password?

In the case discussed in Wolfes (2003) article, professionals considered that they could crack the code, but then this decision was altered. As a result, they successfully utilized the third alternative method and found out the password when gathering the information about the suspect (the badge number).

STARR, DIRT, and Magic Lantern offer a disturbingly intrusive surveillance capability. Explain what that is, and offer an opinion on whether or not you think somebody from another country might be using a similar capability against you?

Various software programs and hardware tools provide an opportunity for disturbingly intrusive surveillance capability, which means that they allow to enable the capture of passwords and/or encryption keys (Wolfe, 2003, p. 390). They can be used to track ones actions and control them by logging keystrokes, for example, and gathering received data. Personally, I believe that people from other countries are not likely to use a similar capability against me, as such tools often require warrants and authorizations. Being discovered, this investigator may face legal issues, as the laws of both countries can be considered.

What is the purpose of KeyKatch and KeyGhost, and under what circumstances would they be used?

KeyKatch and KeyGhost are tools that can be used for surveillance. They are hardware-based programs that provide an opportunity to log keystrokes. They are often used to receive passwords. Investigators can substitute the suspects keyboard with the one that has KeyKatch or KeyGhost to get the keys when they are typed. These tools can even be used in organizations during security assessment (Simpson, Backman, & Corley, 2013).

How is a smart card (CAC Card) used in the PKI?

The Common Access Card (CAC) card is used for security purposes. Its usage proves that the individual has a card and knows the PIN. As a result, the process of authentication is maintained rather fast. The card requires up to three PKI certificates. Generally, the one needed for identification is used. Sill, depending on the tasks, signature, and encryption ones can be needed (Technology Assistance Center, 2007).

References

Itfreetraining. (2013a). . Web.

Itfreetraining. (2013b). . Web.

Tubewar. (2010). . Web.

Simpson, M., Backman, K., & Corley, J. (2013). Hands-on ethical hacking and network defense. Boston, MA: Cengage Learning.

Technology Assistance Center. (2007). CAC/PKI users guide. Web.

Wolfe, H. (2003). Encountering encryption. Computers & Security, 22(6), 388-391.

Tech: Database Forensics

Abstract

Data processing involves several activities designed to transform the raw data into a more sophisticated and usable design. Among the activities involved in the process of data processing is data storage. In the process of data storage, there are many places where some part of data can be stored. While these data are stored, there are instances when the data become manipulated or tampered with, and in the process lose the actual meaning of its storage.

Introduction

Database forensic is a specialty equivalent to computer forensic. Like computer forensics, the discipline pursues the typical forensic procedures and makes use of the exploratory practices to the database. In our todays society, information has so far been claimed as one of the very essential commodities and there are endless questions on what the society without information would look like. The majority of this information is composed and processed in a database. This piece of writing will have an in-depth analysis of database forensics, its obligation in database analysis, and other major results associated with it.

Forensic outcome and result

According to Lucy (2005), almost every single institution is in one way or another connected with data that may involve clients or patient information. Lucy further remarks that these data are usually entrusted to various relevant data protection for safekeeping. The outcome and information obtained from database forensic can be used for several reasons according to Brinkmann & Carracedo (2003).

Brinkmann & Carracedo (2003) observes that one argument in which the outcome of database forensic can be of greater importance to a company is the fact that a company can be able to determine whether the integrity of the companys data has been compromised, or whether one way or another has violated the users privacy. Lucy notes the two reasons are the core of any successful company. This is because the end users information usually forms the pillar on which the success of any company is built. By carrying out this analysis, the company will be conveying the message that it ought to verify if its database has been tampered with.

Butler (2009) observes that the outcome of database forensic will equally go a long way into developing a valid file system inclined to the database forensic. Butler easily recognizes that developing modern files, which are not, common with database forensic has made the whole exercise very difficult to analyze as most of the database forensic tools used, do not support them. Mozayani (2010) in a similar response echoes the same sentiments as Lucy and points out that by embracing database forensics, the company will also be able to comprehend and analyze any instance of attack that may have been orchestrated toward its database.

These results will therefore to a great point equip the company with expertise on the susceptibility exploited, therefore, in the process raise the issue of escalating deterrent countermeasures. Mozayani (2010) in addition, views that to analyze data it is pressing to know and understand in-depth how the database is structured. The author remarks that this will simplify the work of analyzing the data and therefore, take less time on the work of the forensic team.

A forensic analysis of the database may center on recognizing operation within a database system or benefit that point out verification of wrongdoing, for instances occurrence of fraud (Graham 2010). In this way, Graham observes that, if the practice is carried out expertly, it will lead to light several fraud cases within a company and in the system either avert the potential occurrence of such case in point or make available the extent of damage caused by such deception.

Shoester (2006) points out that some programs can be used to exercise and analyze data. The software as well makes available audit classification expertise that present acknowledged substantiation of what role or analysis a forensic analyst carried out on the database. According to Shenoi & Peterson (2009), the use of these programs to verify the extent of analysis carried out on the database by a forensic expert performance as a means of validating that database forensic was carried out.

Saitoh & Franke (2009) notes that most of the software and forensic tools used nowadays are not very reliable and precise enough to be used in forensic work. These authors attribute this fact to too little effort shown in researching the topic an issue that has left very few books on the topic being published. Similarly, Saitoh & Franke (2009) insist on the need for more delve into the topic of forensic and mostly that of data.

Conclusion

Database forensic has been reflected from the above article as an exercise that is still in development. From the way, the exercise is carried out on the database to identify instances of tampering with them, to the use of database outcome and results in making important decisions about the safety of the companys database the exercise is such a significant one. From the above information, one cannot fail to observe the relationship between database forensic and the development of technology. It is in the hypothesis that one realizes there is still much to be done if forensic is to be useful and generally at the rate at which technology is advancing.

Reference list

Brinkmann, B & Carracedo, A (2003) Progress in forensic genetics 9.

Butler, J (2009) Fundamentals of Forensic DNA Academic Press: Washington.

Graham, I (2010) Forensic Technology, Evans Brothers publishers: London.

Lucy, D (2005) Introduction to statistics for forensic scientists, John Wiley and Sons: New York.

Mozayani, A (2010) the Forensic Laboratory Handbook Procedures and Practice, Springer: New York.

Proceedings from the 19th International ISFG Congress held in Munster, Germany. 2001, Elsevier Health Sciences publishers: New York.

Sako, H, Franke, K & Saitoh, S (2011) Computational Forensics: 4th International Workshop, IWCF 2010 Tokyo, Japan 2010, Springer: New York.

Shenoi, S & Peterson, G (2009) Advances in Digital Forensics V: Fifth IFIP WG 11.9 International Conferences on Digital Forensics, Orlando, Florida, USA, 2009, Springer Publishers: New York.

Shoester, M (2006) Forensics in Law Enforcement, Nova publishers: Durban.

The Fields Data Recovery: Forensics Analysis

The description of the company

I would like to start a company that would specialize in such branches of computer forensics as data recovery and prevention of data loss. I have chosen this specific activity because these services may be required by both governmental and private organizations. On the whole, data loss is one of those problems faced by many customers, and many of them may ask for our assistance. Data recovery is essential for business continuity, and those enterprises which suffered from this problem spare no costs in order to restore valuable information. The company, which I intend to start, will help clients to restore information that has been damaged, erased, corrupted or made inaccessible in any way. We will work with various data storage media such as hard-disk drives, digital versatile disks, compact disks, flashcards, and even floppy disks. We will do both hardware recovery and non-hardware recovery. At this point, I can refer to Fields Data Recovery that is a good example of the firm that I would like to open or supervise.

The type of work it does

This company has worked in this field for eighteen years; they recover data from a large variety of storage media, for example, desktop and laptop hard drives, CDs DVDs, backup tapes, MP3 players, NAS, SAN and so forth (Fields Data Recovery, 2010 unpaged). The offices of this firm are located across the United States and in different regions of the world, in particular in France, Middle East (Dubai) and the United Kingdome (Fields Data Recovery, 2010 unpaged). They address the needs of various customers: 1) governmental and federal agencies; 2) private businesses; 3) healthcare organizations and 5) financial institutions. Furthermore, it should be mentioned that the employees of this data recovery company are very knowledgeable about storage media, produced by various manufactures such IBM, Hewlett-Packard, Cisco, Seagate and so forth (Fields Data Recovery, 2010 unpaged). In fact, these corporations are the key clients of Fields Data Recovery, and the management of this company has established long-term partnerships with them. Fields Data Recovery Guarantees complete confidentially of the inside information such as IP addresses, telephone numbers, or emails. Thus, this is the type of company which I would like to run. The major success factors for this type of organization are speed, efficiency, and confidentiality.

Equipment required for the lab

At this point it is necessary to determine what kind of technologies will be required for these processes. In this context, the word technologies means both equipment and software. In the majority of cases, data recovery companies do not provide information about those technologies which they use, and Fields Data Recovery is not an exception from this rule. The main reason for such secrecy is that they do not want to lose competitive advantage over other firms. Therefore, one can only deduce what kind of tools they apply.

If we are speaking about recovery equipment, we need to mention EnCase and FTK that are suitable for such operation systems as Windows (Casey, 2004, p 264). In turn, Unix-based recovery is based on the use of such tools as the Sleuth Kit and SMART (Casey, 2004, p 264). They are equally suitable for both recovery and analysis of the information. As a rule such toolkits are called hardware-soft-ware complexes. The equipment also includes portable disk imaging devices, allowing to create a single file that contains the entire contents of hard-disk drive or any other storage medium (Casey, 2004).If the hard disk drive has been physically damaged, the technicians must use such devices as magnetometers and soldering irons in order to retrieve files that no longer be restored only by means of software solutions. This is the equipment that they should always have close at hand.

However, one should bear in mind that data recovering companies should also procure different spare parts of a storage medium. Very often, they have to remove hard-disc platters or read-and-write head. So, these organizations must have a regular supply of these component parts to be able to do hardware recovery as quickly as possible. This is one of the reasons why they need to establish continuous relations with the leading manufacturers of storage media such as IBM, Seagate or Transcend. Moreover, they need to know which of these products is more prone to physical or logical failure. This case illustrates the idea that in order to estimate the technological needs of a data recovery company, one has to possess information about the mainstream IT manufacturers and their quality standards. Fields Data Recovery keeps track of the quality standards, set in various companies. This information is partially disclosed at their official website (Fields Data Recovery, 2010).

Software solutions

As far as software solutions are concerned, we can list a large number of programs that may be of great use to companies like Fields Data Recovery. They are as follows: 1) undelete tools; 2) recycle bin replacements; 2) CD rollers, 3) image recall tools (Cross & Shindler, 2008). The employees of such firms use bootable software which is particularly beneficial when the operating system has failed, for instance, boot disks or live USB (Cross & Shindler, 2008, p 314). They also need to apply different consistency checkers that are compatible with different operating systems like Windows, Unix, or Mac OS. Data recovery companies must also possess a large variety of file recovery and repair programs. The functioning of data recovery companies is also impossible without usage of file carving software that enables reassembling the damaged files from separate fragments (Casey, 2004, p 306). Thus, it is possible to argue that the founders or supervisors of a data recovery company need to purchase a great number of software solutions if they want to address their customers problems as soon as possible.

One should bear in mind that the development of web-based technologies has provided data recovery companies to operate online. In such scenario, the technician does not actually to gain physical access to the hard-disk drive (Cross & Shindler, 2008). While discussing software solutions, I should say that Fields Data Recovery only restores the damaged information and it seems to me that such company may also provide services for the prevention of data loss. For example, they can install DLP networks, host-based DLP systems, battery backups, and journaling file systems. This type of software may also be required for such firms.

This discussion shows that a data recovery company can provide a great variety of services to a large number of customers, with whom they may establish long-term relations. Nonetheless, in order to open such a business one has to carefully analyze technological needs of such organizations.

Reference List

Casey E. (2004). Digital evidence and computer crime: forensic science, computers and the Internet. NY: Academic Press.

Cross M. & Shindler D. (2008) Scene of the Cybercrime. London Syngress.Fields Data Recovery. (2010). The Official Website. Web.

Tech: Database Forensics

Abstract

Data processing involves several activities designed to transform the raw data into a more sophisticated and usable design. Among the activities involved in the process of data processing is data storage. In the process of data storage, there are many places where some part of data can be stored. While these data are stored, there are instances when the data become manipulated or tampered with, and in the process lose the actual meaning of its storage.

Introduction

Database forensic is a specialty equivalent to computer forensic. Like computer forensics, the discipline pursues the typical forensic procedures and makes use of the exploratory practices to the database. In our todays society, information has so far been claimed as one of the very essential commodities and there are endless questions on what the society without information would look like. The majority of this information is composed and processed in a database. This piece of writing will have an in-depth analysis of database forensics, its obligation in database analysis, and other major results associated with it.

Forensic outcome and result

According to Lucy (2005), almost every single institution is in one way or another connected with data that may involve clients or patient information. Lucy further remarks that these data are usually entrusted to various relevant data protection for safekeeping. The outcome and information obtained from database forensic can be used for several reasons according to Brinkmann & Carracedo (2003).

Brinkmann & Carracedo (2003) observes that one argument in which the outcome of database forensic can be of greater importance to a company is the fact that a company can be able to determine whether the integrity of the companys data has been compromised, or whether one way or another has violated the users privacy. Lucy notes the two reasons are the core of any successful company. This is because the end users information usually forms the pillar on which the success of any company is built. By carrying out this analysis, the company will be conveying the message that it ought to verify if its database has been tampered with.

Butler (2009) observes that the outcome of database forensic will equally go a long way into developing a valid file system inclined to the database forensic. Butler easily recognizes that developing modern files, which are not, common with database forensic has made the whole exercise very difficult to analyze as most of the database forensic tools used, do not support them. Mozayani (2010) in a similar response echoes the same sentiments as Lucy and points out that by embracing database forensics, the company will also be able to comprehend and analyze any instance of attack that may have been orchestrated toward its database.

These results will therefore to a great point equip the company with expertise on the susceptibility exploited, therefore, in the process raise the issue of escalating deterrent countermeasures. Mozayani (2010) in addition, views that to analyze data it is pressing to know and understand in-depth how the database is structured. The author remarks that this will simplify the work of analyzing the data and therefore, take less time on the work of the forensic team.

A forensic analysis of the database may center on recognizing operation within a database system or benefit that point out verification of wrongdoing, for instances occurrence of fraud (Graham 2010). In this way, Graham observes that, if the practice is carried out expertly, it will lead to light several fraud cases within a company and in the system either avert the potential occurrence of such case in point or make available the extent of damage caused by such deception.

Shoester (2006) points out that some programs can be used to exercise and analyze data. The software as well makes available audit classification expertise that present acknowledged substantiation of what role or analysis a forensic analyst carried out on the database. According to Shenoi & Peterson (2009), the use of these programs to verify the extent of analysis carried out on the database by a forensic expert performance as a means of validating that database forensic was carried out.

Saitoh & Franke (2009) notes that most of the software and forensic tools used nowadays are not very reliable and precise enough to be used in forensic work. These authors attribute this fact to too little effort shown in researching the topic an issue that has left very few books on the topic being published. Similarly, Saitoh & Franke (2009) insist on the need for more delve into the topic of forensic and mostly that of data.

Conclusion

Database forensic has been reflected from the above article as an exercise that is still in development. From the way, the exercise is carried out on the database to identify instances of tampering with them, to the use of database outcome and results in making important decisions about the safety of the companys database the exercise is such a significant one. From the above information, one cannot fail to observe the relationship between database forensic and the development of technology. It is in the hypothesis that one realizes there is still much to be done if forensic is to be useful and generally at the rate at which technology is advancing.

Reference list

Brinkmann, B & Carracedo, A (2003) Progress in forensic genetics 9.

Butler, J (2009) Fundamentals of Forensic DNA Academic Press: Washington.

Graham, I (2010) Forensic Technology, Evans Brothers publishers: London.

Lucy, D (2005) Introduction to statistics for forensic scientists, John Wiley and Sons: New York.

Mozayani, A (2010) the Forensic Laboratory Handbook Procedures and Practice, Springer: New York.

Proceedings from the 19th International ISFG Congress held in Munster, Germany. 2001, Elsevier Health Sciences publishers: New York.

Sako, H, Franke, K & Saitoh, S (2011) Computational Forensics: 4th International Workshop, IWCF 2010 Tokyo, Japan 2010, Springer: New York.

Shenoi, S & Peterson, G (2009) Advances in Digital Forensics V: Fifth IFIP WG 11.9 International Conferences on Digital Forensics, Orlando, Florida, USA, 2009, Springer Publishers: New York.

Shoester, M (2006) Forensics in Law Enforcement, Nova publishers: Durban.

Chemical Spills in Forensic Setting

A chemical leak is characterized by discharge of a chemical compounds. It commonly occurs during haulage, storage, handling and disposal of compounds with chemical characteristics. Spilling of chemicals is a frequent incident in many labs.

Necessary steps to clean the spill are extremely imperative due to their perilous nature. Chemical spills may cause immediate peril to the life and wellbeing of a person (St. Clair, St. Clair & Given 231). Reasonable steps of spill preclusion and availing sufficient resources to clean up unintentional spills are indeed critical.

The chemicals may be combustible, noxious, acerbic, reactive or volatile, and may lead to difficulties in inhalation, skin problems and blindness. Necessary steps to stop chemical spills should always be in place for the staff to know proper work practices while handling chemicals (Horswell 32). The containers must be made using unbreakable materials. Compound wastes should be eliminated separately, preferably through incineration.

There are certain procedures outlined in laboratories to counter the spill of chemicals. Everybody in the laboratory should wear shielding specs, gloves and lab coats after being informed of the spill (St. Clair, St. Clair & Given 248). The spill must be constrained to a small region and cleaned right away. If it is combustible, all sources of heat should be instantly turned off; furthermore, materials used in the clean up should then be disposed properly and labeled as hazardous.

Labs work with a set of chemicals in different conditions. The storage, decanting, moving and discarding of chemicals therefore require strict procedures during handling. Chemical containers should be easy to retrieve, and be kept higher than the eye plane. Chemicals containers should be inspected for leaking, and old ones be regularly replaced.

They should be transported in secure cans which must be fixed firmly. Laboratory devices should always be inspected for cracks before they are used in handling chemicals (St. Clair, St. Clair & Given 248). It is not forgotten that the position of a chemical leak kit should always be known before one uses chemical compounds. Incompatible wastes must never be mixed together while disposing chemical materials.

OSHA protocol

The OSHA protocol requires new and established employees to be trained on health and safety in their careers. While elimination of risk is impossible, necessary risk-reduction measures must be taken. There are specific terminologies to identify lab employees who have met certain specific training requirements. Pictorial representation is preferred over written work, and simple guidelines are given to encourage cooperative, deliberate safety and health programs in the lab (Moran 9).

In the forensic labs, rudiments of environmental wellbeing and safety should be strictly considered. Proper coordination in the laboratory is important because the mistake of one individual may compromise the safety of others (St. Clair, St. Clair & Given 229). Productivity should never be put before the safety of the individuals in the laboratory. The required quantity of chemicals should be used in crime scenes, and excess spillage must be cleaned.

The analysis of drugs and chemicals which may be used in diverse crime scenes are handled in the forensic science laboratory (Horswell 32). Samples of chemical supplies recovered should be placed in labeled envelopes which are resistant to corrosion. Forensics involves labs bursting with digital activity, high-tech apparatus and visiting of crime sites. The safety regulations observed in the labs is not different from those followed in typical labs (Petraco and Kubic 230).

Care must always be taken while in the laboratory to shelter everybody from harm. Necessary lab gear should always be in place, and equipment to deal with chemical spills must be at hand. The main priority is ensuring individual safety, and most importantly, that of other users of the laboratory. The OSHA protocol emphasizes on training which every employer must subject its workforce to in order to ensure both wellbeing and security in the lab.

Works Cited

Horswell, John. The practice of crime scene investigation. London: CRC press, 32-34

Petraco, Nicholas. & Kubic, Thomas. Forensic science laboratory manual and workbook. London: CRC press, 2005 220-240

St. Clair Jami, St. Clair Michael & Given, Jo. Crime laboratory management. London: Academic press, 2003. 231-260

Moran, Mark. The OSHA training answer book (2nd edn). Florida: Safety certified Inc, 2008 9-140

Forensic Evidence in Criminology

Footwear Evidence

Footwear evidence as the name suggests, is the foot impressions that used in connecting the culprit to the act of crime. Properly collected and analyzed footwear evidence normally leads to the culprit (Domnauer, 2007).

If the shoe or foot impressions do not bear inimitable patterns or marks, they are null and void evidence. Additionally, if the evidence can link to the real culprit, they are admissible evidence in the court of law (Fisher, 2004). In order to capture footwear evidence, gelatin lifters and plastic casts are mainly used to produce both two and three-dimensional forms of the cast impression.

How to preserve evidence

Photographed evidence is only admissible in the court of law if the prosecutors can prove that they collected and properly documented them. Repeatedly, only the authorized staff are only restricted to the evidence. All rules governing the evidence preservation is essential for legal authorities and police.

For example, an investigator should document a transfer of evidence from the evidence section to a forensic laboratory for analyses. It is a general rule that when the custody of evidence changes, proper documentation is mandatory (Pepper, 2010). Once the evidence analyses are over, the laboratory staff must make sure they have the evidence and no one tampers with. Documentation process aims at reducing theft of evidence (Pepper, 2010). It is important that all evidence will be preserved and subject to scrutiny by the defense lawyers.

Photography of the footwear evidence

In collecting the footwear evidence, white and black films are usually used, but in the case of blood stains found on the impression, the detector can shine an indirect light onto the impression. Sequences of photographs with varying light positions provide enough photos to allow proper investigation.

Moreover, scaling and adjusting images improves the image for thorough analyses of the impression. Aerosol paints provide best impressions by highlighting the footprints when it is difficult to capture visible images at the crime scene. Photographing the footwear evidence requires a special camera to capture best qualities (Millen, 2008).

Casting the footwear evidence

Making the cast of the footwear impression at the crime scenes is a special activity which requires diligence and ability. Production of the impression will help the comparison between the shoe and the impression. A dental stone is generally used as a casting stone. Dental stone is available in the form of powder, which is then mixed with clean water.

The mixture is normally poured gently into the footwear impression created on the soil. It is then allowed to set up for at least thirty minutes after which it is possible to collect as the footwear evidence (Domnauer, 2007). The impression can now be used to trace the culprit and as evidence in the court of law by comparing both the footwear impression with the real shoe. Casting has been very fruitful in providing evidence used in the criminal court proceedings.

Procedures used in examining firearms evidence

Firearms offer crucial evidence related to criminal activities. Laws governing the arms stipulate that when the firearms found at the crime scenes, it is a procedure to unload and store them in a secured place.

If the person collecting is not conversant with the best way of unloading, he or she should seek help from an expert, usually the firearms instructor or an examiner. Careless and negligent unloading will make it difficult for DNA trace or any useful evidence present. It is a general rule that all unloaded firearms are only submitted to a laboratory.

After securing the firearm, law requires a follow-up of the agency protocols recommend identification of firearms by the crime detector. The agency protocols require that the collector should inscribe his or her initials using a diamond on the trigger guard. Firearms collected from water points should also follow special handling procedures so that no evidence is carelessly destroyed.

A closer check on the trigger can show the real finger prints of the culprit, but finger prints are invisible in case the culprit had used hand gloves (Domnauer, 2007). Evidence such as the fingerprints and DNA can only be traced if the firearm is in a safe custody or under proper control.

If there are blood stains, tissue and hair, it is a mandatory that they are closely examined by a qualified laboratory technician. The examiner must wear mask and hand gloves when collecting DNA found on the firearm. If there is more than one firearm, different gloves are strictly worn for each case.

To ensure a safe custody of the evidence and the firearms, the detectors should always wrap in a tamper proof paper and stored in a box that is only designed for firearms. Unloaded firearms are carefully marked, identified and packaged separately. Firearms examiner should always be aware of the state of packaging and storage before submitting to the laboratory for more examination. Dismantling and unloading of guns is not applicable to shotguns and rifles because they can tamper with the value of evidence (Fisher, 2004).

References

Domnauer, T. (2007). Crime scene investigation. Columbus, OH: School Specialty.

Fisher, B. A. J. (2004). Techniques of crime scene investigation. Boca Raton, FL: CRC

Millen, P. (2008). Crime scene investigator. London: Robinson.

Pepper, I. K. (2010). Crime scene investigation: Methods and procedures. Maidenhead: Open University Press.

U2 IP Forensic Science: Types of Guns and the Nature of Gunshot Wounds

The most common cause of death in homicides is a gunshot wound. The caliber of a weapon and the distance from a gun to a victim determine the features of an injury caused by bullets, shell casing, or projectile. Therefore, forensic investigators should know the types of guns and, consequently, understand the nature of gunshot wounds.

The overall process of gun-making consists of several steps:

  1. Forging
  2. Casting
  3. Machining
  4. Stamping
  5. Woodworking
  6. Metal treatments
  7. Assembly
  8. Testing (Holloway, 2015).

Barrel making is a complex and difficult process. The first step in making the barrel is to cut the bar to a specific length. After that, a barrel maker places it in the drilling machine. To achieve a straight hole, the barrel steel must also be uniform in its consistency. At the tip of the drill there is a hole, out of which through the drill shank, oil is pumped. Then, the oil goes through the drilled hole in the barrel and, on its way, washes all the chips created by the drill. The barrel maker intentionally drills the hole diameter under the specific bore diameter for the particular caliber. Thus, caliber is the internal diameter of the barrel, or the diameter of the bullet it fires, which is usually represented in millimeters, or hundredths/thousandths of an inch (Holloway, 2015). After the drilling process, it might be brought up to the necessary size by reaming it. Like in the drilling process, the reamer is also flooded with oil. These are the first and main steps in barrel making. The next stages depend on the type of barrel  cut or buttoned ones. In the case with a buttoned barrel, the next step is rifling (Sandlin, 2015). Rifling is a series of parallel spiral grooves cut the length of the bore of the barrel (DiMaio & Dana, 2006, p. 121). Its purpose is to impart a spin to a bullet to make it more aerodynamically stable and, as a result, straighter on its way (Prahlow & Byard, 2013).

The basic parts of revolvers and semiautomatic pistols are to some extent similar, but there is a big difference. Revolvers contain a cylinder within which at once several bullets can be placed. After one bullet is fired from the revolver, to load it again the cylinder must be rotated in such a way that the next bullet should be in one line with the firing pin and the barrel (Prahlow & Byard, 2013). A semiautomatic handgun contains a magazine, which slides into the handgrip. To place a bullet into the chamber demands the slide mechanism, which is pulled back toward the handle. Inside the magazine, there is a spring, which moves bullets automatically into the firing chamber, and after that, the gun is ready to fire again.

It is necessary to understand the differences between bullets, shell casings, and projectiles. The bullet is a lead portion of the cartridge, and when the gun is fired, it leaves the end of the barrel. Shell casing is a spent portion made of a cartridge, which is discharged after the gun is fired. It remains in the revolvers cylinder, or it can be ejected in the semiautomatic weapons. The projectile is a general term for everything that exits a weapon (Bucholtz, 2014). There are different classes of bullets, casings, and projectiles. For instance, classes of bullets can be identified by:

  1. Manufacture  for example, Winchester.
  2. Caliber  45 ACP, 9 mm, 12 gauge.
  3. Composition  steel, brass, copper (Bucholtz, 2014).

Shell casings differ from each other in size, shape, and materials. A shell casing can have different styles of heads, for instance:

  1. Rimmed  denoted by the suffix R, and have a rim at the base, which is wider than the rest of the casing.
  2. Semirimed  denoted by SR; the rim is wider than the casing body.
  3. Rimless  have no suffix.
  4. Rebated  denoted by RB, the rim is smaller than the casing body.
  5. Belted  denoted by B; the metal belt (above the extraction groove) is almost the same diameter as the rim (Duguid, n.d.).

There are two main types of gunshot wounds: perforating and penetrating. The penetrating wound is when a projectile has entered the body but not exited, while the perforating wound means that a projectile has passed completely through the body (Prahlow & Byard, 2013, p. 487).

There are two more types of wounds: entrance and exit. Entrance wounds have a marginal abrasion. They are usually round or oval. An exit wound may be round, or as a small or large laceration (Bucholtz, 2014, p. 159). It should be noted that the size of the wound does not identify the entrance or the exit. The exit wound is characterized by the absence of a marginal abrasion.

Once the gun is fired, hot gases and burned and unburned gunpowder exit the muzzle. There are four ranges of muzzle-to-target distance:

  1. Contact to near contact  the gun is firmly against the body, and on the body, the hot gases, among which is carbon monoxide, enter the tissue resulting in a bright-red muscle discoloration.
  2. Close range  the distance from the muzzle and the body can be from near contact to a couple of inches away (Bucholtz, 2014, p. 162). Here, the gases can diffuse from the weapon muzzle, and there will be less tissue destruction. The marginal abrasion will be evident.
  3. Medium range  usually extends from 12 inches to arms length from the muzzle. Since the distance is bigger than in the previous two cases, the gases and gunpowder can diffuse or burn. Still, some gunpowder can reach the skin and after burning leave powder tattooing. The closer the gun is to the skin, the brighter the tattooing.
  4. Distant range  the end of the gun is far enough from the body so that neither the gases nor the gunpowder will reach the body, and it will only show the entrance wound with its marginal abrasion (Bucholtz, 2014, p. 164).

The typical kinds of evidence from a handgun that can be found at the crime scene are trace evidence (gunshot residue), and weapons and firearms evidence (guns, knives, cartridge shell casings, bullet holes, and wounds). Besides, the close photographic documentation of visible wounds is also very important.

To sum up, death rates from gunshot wounds considerably vary all over the world. Gunshot wound investigations demand close attention to the details and pieces of evidence. It also requires basic knowledge about the common types of guns and their parts. After collecting, the necessary information and evidence the manner of death might be determined.

References

Bucholtz, A. L. (2014). Death investigation: An introduction to forensic pathology for the nonscientist. Waltham, MA: Anderson Publishing.

DiMaio, V., & Dana, S. (2006). Handbook of forensic pathology (2nd ed.). Boca Raton, FL: CRC Press.

Duguid, A. (n.d.). An introduction to collecting artillery shells and shell casings. Web.

Holloway, T. (2015). A guide to handgun cartridges: A reference for common calibers. Morrisville, NC: Lulu.com.

Prahlow, J. A., & Byard, R. W. (2013). Atlas of forensic pathology: For police, forensic scientists, attorneys, and death investigators. New York, NY: Springer Science & Business Media.

Sandlin, G. (2015). Web.

Forensics Expert Explains How to Analyze Bloodstain Patterns: Video Analysis

Presentation link:

For todays discussion, I decided to analyze a video by WIRED (2020) published on the official YouTube channel titled Forensics Expert Explains How to Analyze Bloodstain Patterns. The video touches upon how crime scene investigators and blood-stain analysts consider different factors to recreate the events of the crime (WIRED, 2020). The video goes through different difficulties of bloodstains, which helps to explain the view that a person needs very specific skills and much practice to analyze bloodstains.

The presenter uses almost all the effective presentation skills at the top level, as the YouTube channel is viewed by more than 11 million people, which demands high-quality videos. However, I wanted to focus on the two most powerful techniques. First, the presenter starts very strong, which grabs the attention of the audience. At the beginning of the video, the presenter smashes a bloodstain with a hammer and says, there we go, with relief. Such actions make the viewer wonder why hitting blood with the hammer can be so relieving. Second, the presenter always maintains eye contact with the camera and talks with a smile, which makes the viewer feel important and relaxed.

However, there are two presentation skills that can be improved. First, the presenter uses the visual aid ineffectively. Sometimes, when he talks, the video demonstrates pictures irrelevant to what he is talking about. This distracts attention and makes the viewer focus on the picture rather than on words, while the picture may be unimportant. As a result, the viewer may miss crucial information. Second, the presenter goes into very specific details and calculations using professional language. While this may be important for the prepared viewer, casual viewers may become confused. However, even though there are some areas of improvement, the presenter is nearly perfect in terms of using presentation skills.

References

WIRED. (2020). [Video]. Web.

Forensic Expert Defending Innocent Cybercriminal

Defend a plaintiff accused of a computer crime with cyber evidence

It would be appropriate to highlight the fact that evidence should not be viewed as admissible because of issues with validity. It is imperative to ensure that arguments are convincing. The defense attorney may note that presented pieces are related to the incident, but it is possible to argue with such statements. It is necessary to draw attention to the fact that presented evidence is not comprehensive.

Additionally, it is reasonable to question the consistency and explain the ways in which the information may be manipulated to benefit the accuser (Sammons, 2012). The focus on believability is of utmost importance. A system forensic expert must voice his or her concerns about the reliability of presented evidence. It is important to utilize the knowledge and discredit the arguments (Casey, 2011).

Evidence must be linked to the incident and plaintiff to be regarded valid. Moreover, it must be supported by other pieces to be considered by the jury (Easttom, 2014). Overall, the lack of information is quite problematic in this case and can be viewed as a disadvantage, but it is possible to provide a set of arguments that would prove that evidence does not meet the criteria and should not be reviewed.

Refuting the credibility of District Attorneys forensic witness

First of all, a person that tries to interfere with such procedures as collection and make inappropriate statements should not be trusted. Additionally, any attempts to influence the transportation should be viewed as questionable. It is paramount to take all the necessary measures to guarantee the safety of collected evidence, and it is reasonable to monitor the actions of forensic witnesses in such cases to ensure that they are appropriate.

Such factors as aggressive marketing could be used to refute their credibility. A use of statements that suggest advocacy is inappropriate, and could have an enormous impact on the way a professional is perceived. Any personal interest is not acceptable in such situations, and it is reasonable to review previous cases. Suggestions made by forensic witnesses that show the lack of knowledge when conducting the analysis should not be viewed as reliable.

Moreover, it is import to question their judgment if some of the statements are not aligned with presented evidence (Wall, 2009). Also, it is necessary to draw attention towards inconsistencies in arguments. Presentation of facts that contradict each other is also an outstanding opportunity to discredit a forensic witness (Bowers, 2013). Overall, it is important to determine the weaknesses that such professionals have and focus on areas that are most problematic.

Qualities of a forensic witness

Any bias should be viewed as extremely dangerous because a forensic expert may try to take all measures necessary to prove his or her position. Also, a professional that is too worried about their track record could manipulate the terms to support their statements. Excessive confidence can be regarded a dangerous sign because one may try to use a broad range of techniques to sound convincing. Ability to provide prompt and comprehensive answers to all the questions also could affect the outcome of the case.

An experienced forensic expert will know how to act during cross-examination, and it is a significant threat to the defense because it is too reliant on standard questioning most of the time (Wall, 2009). Utilization of tactics and strategies that are not commonly used also should warn the defense and must be taken into account. Overall, it is necessary to understand that forensic witness has an enormous influence in the courtroom, and it is crucial to be aware of approaches that help to refute the arguments.

References

Bowers, C. M. (2013). Forensic testimony: Science, law and expert evidence. Burlington, MA: Academic Press.

Casey, E. (2011). Digital evidence and computer crime: Forensic science, computers and the Internet (3rd ed.). Cambridge, MA: Jones & Barlett Learning.

Easttom, C. (2014). System forensics, investigation, and response (2nd ed.). Burlington, MA: Jones & Bartlett Learning.

Sammons, J. (2012). The basics of digital forensics: The primer for getting started in digital forensics. New York, NY: Elsevier Publishing.

Wall, W. (2009). Forensic science in court: The role of the expert witness. Hoboken, NJ: John Wiley & Sons.