The report discusses the case of an arrested drug dealer who is suspected of running his operations with the help of a laptop. The first part of the report gives details of the main technologies which the suspect uses to communicate with his co-conspirators, and points out the problems these technologies pose for a forensic investigation.
In the second part, the report discusses the possible sources of evidence which could be obtained from the laptop’s file system.
2. Computer Forensics:
Computer forensics is a branch of forensic science pertaining to legal evidence found in computers and digital storage media; it is also known as “digital forensics”.
The goal of computer forensics is to explain the current state of a digital artefact, where the term digital artefact can include a computer system, a storage medium or an electronic document.
The subject of computer forensics has evolved into a major field in legal systems around the world; in 2002 the FBI stated that “fifty percent of the cases the FBI now opens involve a computer”. Similar to pathological forensics (forensic medicine), where body temperature, cuts, marks and so on are examined, digital forensics looks for clues and marks within the system memory to build a detailed description of how they relate to the crime.
A particular challenge for digital forensics is retrieving data from existing or deleted files.
The challenge for the digital forensic examiner is:
To determine what types of pasts could have produced the evidence before us.
To understand what types of pasts could not have produced the evidence before us.
To be able to demonstrate the value of the assessment to third parties in a way they can understand.
3. Technology used by drug dealers:
For the current analysis we have to answer some critical questions about the key technologies that the drug dealer could possibly be using.
There are three questions:
Qno1: Why do illicit drug dealers need to turn to computer technologies to run their business?
Qno2: What are the attractive technologies that a drug dealer uses to communicate with co-conspirators without being caught by the police?
Qno3: How and what possible conclusions can be obtained from the analysis?
4. About the new technology:
Ans1: The answer to the first question is twofold.
Ans2: The latest communication technologies used by the drug dealers are
To reach the larger audience and to expand the base of the business
To run the operations as secretly as possible
To leave no evidence for the police.
At present, dealings and business are conducted using mobile phones, which are the most widely used means of communication among drug dealers. This trend is changing, however, because nowadays mobiles can be tapped on the network; if a phone is misplaced or lost, the contacts of all the drug dealers can be revealed; and mobile phones cannot be used to communicate in crowded places. Hence the selection of new ways of communication is imminent.
The advent of modern network technologies, such as computer-to-computer communication and social networking websites, has strengthened communication and opened new ways for each individual to communicate from various places.
The technologies adopted by drug dealers for communication are illustrated by the following reports:
‘Spamming net drug dealer gets 30 years in prison’, revealed by CNET News on 2nd August 2007.
‘Italian drug dealers as early adapters of innovative communications technology’, revealed by Experiential on 23rd August 2008.
‘Google site used by drug gang’, revealed by BBC News on 22nd July 2005.
5. Key technologies used for communications by drug dealers:
Listed below are some of the key communication technologies that a drug dealer is believed to be using to perform his operations.
1. Instant messenger programmes
2. Social networking websites
3. VOIP programs
4. Email encryption programs and spamming.
5. Content sharing websites.
6. Private online chat rooms.
7. Blogging and micro blogging websites.
Instant messenger Programmes:
Instant messenger programmes have been the main source because they are fast and easy to use and have been available on the market for quite a while now. Popular programmes like Google Talk, Yahoo Messenger, Windows Live Messenger, Meebo and many others are used by a large number of users. These instant messenger programmes can be combined with free chat encryption software, which is easily available on the internet.
“IM ENCRYPTO” is one such piece of software, which can be used in conjunction with Yahoo Messenger to establish secure connections that can only be deciphered by a computer holding the correct encryption key.
Once the program is installed, a key pair used for encryption and decryption must be generated; this is done in the second stage of the IM Crypto configuration wizard. An important point about the software is that others cannot see the chat messages and see only a garbled set of characters, but the software must be installed by both parties to the communication.
Social networking websites:
There are many social networking websites, such as Facebook, Orkut, Hi5, Friendster, MySpace and Netlog. Social networking sites also serve the qualitative purpose of the drug market, as the majority of consumers of illegal drugs happen to be teenagers, who are also the largest spenders of time on social networking websites and hence have a great probability of being contacted by a drug dealer.
The drug dealer could also use these social networking sites to keep in contact, exchange information, advertise his products, recruit new drug peddlers, and get information on events and student gatherings, all with the ease and privacy offered by these websites.
Orkut is one such popular website; it is operated by Google and has been in the news in recent days for the wrong reasons. Criminals such as drug peddlers establish ‘members-only’ groups on popular social networking websites and then exchange messages and information with other members.
The advent of 3G mobile communications has also ensured mobility and faster connectivity to the internet. Hence drug dealers can communicate through social networking websites right from their mobile phones using unsecured Wi-Fi hotspots and hence get away undetected.
Similar to instant messenger programmes, social networking websites can also be used on 3G phones and hence pose the danger of giving drug peddlers a highly secure communication channel.
VoIP programmes could very well be the most popular and useful means of communication between drug dealers, because software like Skype offers low-cost and secure communication. Skype has been the most used VoIP software, followed by Windows Messenger and Yahoo Messenger.
VoIP programmes help drug dealers to communicate with their customers by voice and video over the internet; this is the most secure form of communication for the drug dealers, and these conversations cannot be intercepted by the police.
According to reports on the BBC website, “officers in Milan say organised crime, arms and drug traffickers, and prostitution rings are turning to Skype in order to frustrate investigators”.
On 20/05/2010, www.bbc.com reported that “Italy police warn of Skype threat”.
Skype is secure because it uses an encryption system, and it is easily available on the market; the company keeps the details of the encryption system confidential and does not disclose them even to law enforcement agencies.
So, according to the available sources, drug dealers use VoIP programmes to perform their operations.
Email encryption programmes and spamming:
Data encryption is a process applied so that nobody can read the data or message except the person to whom it is addressed.
Drug dealers may well make use of different email encryption products such as ‘pipeline exchange’, ‘certified mail’ and ‘read notify’, which work with e-mail clients like Microsoft Outlook.
Drug dealers send spam messages about their business to people through email, using email as a free-of-cost channel for their advertisements; many such spam messages have appeared in Google Mail accounts.
Recently the website www.pcworld.idg.com stated on 17/05/2010 that ‘drug dealing spammers hits the Gmail accounts’.
Encryption is a technique that changes data into a gibberish value using mathematical algorithms. This helps drug dealers to send data to the addressed person so that no one else can read it. A gibberish value means the data is written as technical-looking words or meaningless sentences; if the recipient has the confidential key needed to decrypt the message, the data is changed back to the original message.
An increasing phenomenon on the internet is that criminals are hiring spammers and IT specialists, because they can promote websites where drugs are sold illegally.
These types of spammed websites can be quickly discovered, but the drug dealers use multiple different layers.
5. Content sharing websites:
Content sharing websites like Megaupload, RapidShare and zShare are used by the drug dealers for communication, as are torrent sharing websites.
P2P sharing programmes and client software are also used by the drug dealers for communication.
Drug dealers use these websites because they can share more content and can be used to upload or download a minimum of 10 MB free of cost.
LimeWire, BitTorrent and uTorrent, which come under the P2P sharing programmes, help to upload or download torrent files on the internet.
Compared to the other means of communication used by the drug dealers, this is a little slower but is secure.
6. Private online chat rooms:
Private online chat rooms offer drug dealers and other criminals, such as terrorists, secure communication channels where the exchange of information can only be understood by the communicating end users. This is a form of synchronous conferencing in which text messages are exchanged over the internet. Private chat rooms apply encryption technologies like SSL to make it impossible for any interceptor to access the conversations, which also makes it impossible to build evidence.
7. Blogging and micro blogging websites:
Similar to social networking websites, drug dealers use websites like Twitter, where they organise members into groups. There they can post messages and information, which can be updated daily and reach all the members and groups in that network. This provides a very secure and fast mode of communication to the drug dealers: no large chunks of data are transferred, as in a VoIP call, and no packet sniffers can be used to intercept keywords, as in emails and instant messages.
Drug dealers place their advertisements on famous websites: they simply provide an option to ‘click’, and if the button is clicked it goes directly to the drug dealers’ website. Using these types of blogs, drug dealers develop their drug business.
As per the above analysis, the most secure and most used means of communication among drug dealers is VoIP software such as Skype. It is free of cost and the most secure of all the communication methods, because it provides video calling, so the drug dealers can be sure that they are talking to the right person and that the information they are transmitting is reaching the right person. The Skype software is also easy to access and easy to install.
The most important plus point of Skype is its impenetrable security, which the drug dealers understand very well, and hence they use the system without putting their identities and information at risk.
Another key observation from the above analysis is that the drug dealers are largely dependent on encryption techniques for their communication, be it encrypted email, encrypted instant messenger programmes and so on.
All these technologies use a method of encryption that makes the flowing information gibberish to anyone other than the person with the right key to decrypt the message.
Hence computer forensics experts can easily find the cracks and codes for these types of encryption and decryption methods, nab the criminals and mount evidence against them.
7. Analysis of possible sources of evidence in the laptop file system:
Extraction of evidence from a computer file system, and from other digital devices like mobile phones and PDAs, usually deals with the extraction of the contents of the files and folders which are available in the file system.
It also deals with interpreting the content extracted from the files and folders, so that the interpreted data can be used in the ongoing investigation to complete the digital forensic examination. Even though extraction reveals all the data, it is difficult for the digital forensic expert to find what matters, and this poses the real challenge. This section of the report discusses the possible places where evidence may be found on the laptop file system. It also deals with finding the relative importance of the evidence by classifying it on the basis of the evidence obtained and its sources.
8. Sources of evidence in the laptop file system:
In order to understand the possible places in the file system, we have to understand the file system and the technologies used for it.
They should have technical knowledge of:
Software packages present on the laptop
The operating system of the laptop
The file systems in the laptop
The type of data organisation that is available on the laptop.
The seized laptop of the drug dealer would certainly contain thousands, if not millions, of files for forensic analysis. Each of these files can be broadly classified into either
user created files
There may be a number of locations to look in on the file system, and therefore it is important to make a note of them.
Possible locations of finding digital evidence:
Documents or text files.
Bookmarks and favourites
Text and document files.
Image or graphic files
Spread sheet files.
The possible locations under the system created files are
Back up files
Apart from the user created files and the system files, there are a number of other places to look for evidence, such as
The most popular file systems are of two types
FAT stands for file allocation table. An understanding of the file system is important for effective forensic analysis.
The NTFS system allows file encryption and folder encryption, whereas this is not possible in the FAT32 system.
Disk organisation is also an important concept to understand for effective analysis.
File allocation tables, adding and deleting files, partitions and master boot records, and the patterns behind them, can give very useful insight to the investigation. The recovery of deleted files is another aspect of digital forensic investigation. The recovery of deleted files can be achieved by using debugging.
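An added example, not part of the original essay: a minimal Python parser for 32-byte FAT short directory entries, showing why a deleted file can still be located (deletion replaces only the first name byte with 0xE5, while the size, timestamp and starting cluster stay in the entry). The sample directory and its file names are constructed for illustration.

```python
import struct
from datetime import datetime

ENTRY = struct.Struct("<8s3sB8xHHHHI")  # 32-byte short (8.3) directory entry
DELETED, END, ATTR_LFN = 0xE5, 0x00, 0x0F


def fat_datetime(date, time):
    """Decode packed FAT date/time words; None if they do not form a valid date."""
    try:
        return datetime(1980 + (date >> 9), (date >> 5) & 0x0F, date & 0x1F,
                        time >> 11, (time >> 5) & 0x3F, (time & 0x1F) * 2)
    except ValueError:
        return None


def parse_directory(raw):
    """Return one dict per short entry in a raw FAT directory region."""
    found = []
    for off in range(0, len(raw) - ENTRY.size + 1, ENTRY.size):
        rec = raw[off:off + ENTRY.size]
        if rec[0] == END:            # unused entry: nothing follows it
            break
        if rec[11] == ATTR_LFN:      # long-file-name fragment, not a file
            continue
        name, ext, _attr, hi, wtime, wdate, lo, size = ENTRY.unpack(rec)
        deleted = rec[0] == DELETED
        # Deletion overwrites only the first name byte, shown here as '?'.
        stem = (b"?" + name[1:] if deleted else name).decode("ascii", "replace").strip()
        suffix = ext.decode("ascii", "replace").strip()
        found.append({
            "name": stem + ("." + suffix if suffix else ""),
            "deleted": deleted,
            "first_cluster": (hi << 16) | lo,
            "size": size,
            "modified": fat_datetime(wdate, wtime),
        })
    return found


def make_entry(name, ext, cluster, size, when, deleted=False):
    """Build a constructed entry for this demo (sample data, not case evidence)."""
    date = ((when.year - 1980) << 9) | (when.month << 5) | when.day
    time = (when.hour << 11) | (when.minute << 5) | (when.second // 2)
    rec = bytearray(ENTRY.pack(name.ljust(8).encode(), ext.ljust(3).encode(), 0x20,
                               cluster >> 16, time, date, cluster & 0xFFFF, size))
    if deleted:
        rec[0] = DELETED
    return bytes(rec)


SAMPLE = (make_entry("LEDGER", "XLS", 5, 20480, datetime(2010, 5, 16, 9, 0, 0))
          + make_entry("CONTACTS", "TXT", 0x1234, 312,
                       datetime(2010, 5, 17, 14, 30, 10), deleted=True)
          + bytes(32))  # all-zero entry marks the end of the directory
```

Calling `parse_directory(SAMPLE)` lists both files, with the deleted one reported as `?ONTACTS.TXT` together with its starting cluster and size, which is the information a recovery tool starts from.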
As discussed earlier, a large amount of data can be obtained from a digital device such as a laptop or a PDA seized from a drug dealer, but the problem for the forensic expert is to find authentic evidence which is presentable in court.
The common and known challenges to authenticity of digital evidence are
Several cases have considered what foundation is necessary to authenticate the contents and appearance of a website.
Web pages which have a URL and a date stamp are not self-authenticating.
So, according to the analysis, courts require the testimony of a person with knowledge of the website’s appearance to authenticate images of that website.
Computer electronic records are easy to alter, and opposing parties often allege that computer records lack authenticity.
Courts have rejected arguments that electronic evidence is inherently unreliable because of its potential for manipulation.
Although handwritten records may be penned in a distinctive handwriting style, computer-stored records do not necessarily identify their author; there is a particular problem with the internet communications.
For example, internet technologies permit users to send effectively anonymous emails, and internet relay chat channels permit users to communicate without revealing their real names.