Those of you familiar with CSI (or have surely heard of it) are all too familiar with the process they use to catch the criminals - scientific analysis, forensics, gadgetry, and smarmy head investigators. Reoccurring themes include DNA analysis or other types of human-related evidence. However, in the information world, catching a criminal after the crime is in another league of its own. This article presents an account of a recent DefCon presentation which focused on breaking the actual forensics software used to analyze compromised systems. The most interesting line in the article referred to the weaknesses in one of the most popular forensics tools - "Most of these can and will be fixed in the near future, but at least one is a design flaw, not a bug.". Read on to find out how your forensics tools are only as good as the makers of them, and how it can result in a perfect getaway.

The link for this article located at The Inquirer is no longer available.