dfm covers
 
 

Anti-Forensics Tools in the Public Domain

Written by Frazer Lewis

Recovering deleted data goes hand in hand with forensic computing. It is difficult to imagine an investigative scenario whereby the information recovered in deleted data does not play a key role when drawing final conclusions.


Historically, anti-forensic or secure delete tools were somewhat “underground” executables. These applications were shared between the paranoid computer enthusiasts or those who “had something to hide”. Today, there exists a wide variety of secure delete tools that no longer carry such a dubious stigma. How and why did such tools get so popular?


Only a few years ago the average user believed that the process of securely deleting a file consisted of merely “emptying the bin” – and why wouldn’t they? There was no button for the user to get the file back. Many (if not, still most) people believe the same today, though a growing number are becoming more aware that deleted files are not exactly what they seem. Day-to-day computer operators are gradually gaining more education as to the implications of “non-secure” delete operations, though it is unlikely that this knowledge has emerged via a direct public interest in forensics. User awareness of secure deletion began not because people were looking for a way to hide data from prying eyes; rather, that people were looking for a way to recover the holiday snaps they accidentally deleted, or the important email sent from their boss. With this growing demand for data recovery, applications began to emerge providing the functionality which the mass market was looking for. Some companies were quick to cash in on the success, though in today’s world the average user has a wide choice of free offerings.


Due to experiences with other file system applications such as disk continuity checkers or de-fragmentation programs, many believed that an application advertising “deleted data recovery” would prove to be a long and arduous process. Individuals were no doubt surprised when within in a few clicks of a pretty GUI, they had successfully recovered their holiday snaps or important email from work. The uptake of data recovery tools continued to spread… see issue 5 for the rest of this article - subscribe now!


The full article appears in Issue 5 of Digital Forensics Magazine, published 1st Nov 2010. You must log in with a valid subscription to read on...


 
Please make cache directory writable.
 

Submit an Article

Call for Articles

We are keen to publish new articles from all aspects of digital forensics. Click to contact us with your completed article or article ideas.

Featured Book

Learning iOS Forensics

A practical hands-on guide to acquire and analyse iOS devices with the latest forensic techniques and tools.

Meet the Authors

George Bailey

George Bailey is an IT security professional with over 15 years of experience

 

Coming up in the Next issue of Digital Forensics Magazine

Coming up in Issue 31 on sale from May 2017:


DDOS Attacks on Mobile Devices

Denial of service attacks (DoS), distributed denial of service attacks (DDoS) and reflector attacks (DRDoS) are well known and documented. More recently however we have seen that these attacks have been directed at mobile communication devices.  Read More »

Advancements in Windows Hibernation File Forensics

Brian Gerdon looks at how the windows hibernation files can be a valuable source of information for digital forensic investigators. Read More »

Subscribe today


Testing Damage Sustainability on SD Cards

A growing number of companies and agencies are now specializing in repair and recovery of data and not on the forensic examination of the data. Read More »

Every Issue
Plus the usual Competition, Book Reviews, 360, IRQ, Legal

Click here to read more about the next issue