Covers computer forensics work from both the technical AND legal perspective...

Oct 4, 2009
Rating: +5

Being that I work in the tech industry, I know that there's far more on your computer (and other electronic devices) than you think there is. But I haven't ever given any in-depth thought to how one would legally go about discovering and documenting their finds for a court of law. Computer Forensics For Dummies by Linda Volonino and Reynaldo Anzaldua does a perfect job (in my opinion) in introducing the reader to the world of computer forensics, both from the technical side as well as the courtroom perspective. While I wouldn't expect it to be your primary guide for the field, Computer Forensics For Dummies goes a whole lot further than I expected, and I learned a lot.

Contents:
Introduction
Part 1 - Digging Out and Documenting Electronic Evidence: Knowing What Your Digital Devices Create, Capture, and Pack Away - Until Revelation Day; Suiting Up for a Lawsuit or Criminal Investigation; Getting Authorized to Search and Seize; Documenting and Managing the Crime Scene
Part 2 - Preparing to Crack the Case: Minding and Finding the Loopholes; Acquiring and Authenticating E-Evidence; Examining E-Evidence; Extracting Hidden Data
Part 3 - Doing Computer Forensic Investigations: E-Mail and Web Forensics; Data Forensics; Document Forensics; Mobile Forensics; Network Forensics; Investigating X-Files - eXotic Forensics
Part 4 - Succeeding in Court: Holding Up Your End at Pretrial; Winning a Case Before You Go to Court; Standing Your Ground in Court
Part 5 - The Part of Tens: Ten Ways to Get Qualified and Prepped for Success; Ten Tactics of an Excellent Investigator and a Dangerous Expert Witness; Ten Cool Tools for Computer Forensics
Glossary
Index

From the techie side, it's tempting to view computer forensics as all technical, and to figure that if you can find a file, you must have done the job. Not so much... Since most of the forensic work will be legal in nature (or could well end up that way), there are definite rules and processes you HAVE to follow in order to prove to the court's and jury's satisfaction that the data you found was truly there and not manufactured by you or someone else along the way. Volonino and Anzaldua cover those requirements very well, from search warrants and subpoenas to chain of custody documentation and documented actions. Those are the things that far too many techies would ignore on their way towards uncovering data, and in turn it would completely invalidate their efforts. That's why "do it yourself" forensic work is NOT recommended.

But that's not to ignore the vast array of skills and abilities that are needed to successfully find evidence that doesn't appear to exist any more. The authors present a nicely balanced discussion on both the reasons why and how data can be hidden (both intentionally and unintentionally) and how certain tools and techniques can be used to get at that data. In fact, they go into enough detail that you could download a few tools and start digging into your own computer to see practical examples of what you just read about. You might just end up rather concerned that what you thought you deleted isn't as "deleted" as you thought it was.

I think that Computer Forensics For Dummies does exactly what it sets out to do, and it does it very well. By the end of the book, I felt much more informed about how the *whole* field of computer forensics works, and I left with enough knowledge to know where I would need to go to learn more. Now... time to go see what's hiding on my computer that I forgot about... :)

About the reviewer
Thomas Duff
Ranked #43
Thomas Duff, aka "Duffbert", is a long-time member of the Lotus community. He's primarily focused on the development side of the Notes/Domino environment, currently working for a large insurance … more
About this book

Uncover a digital trail of e-evidence by using the helpful, easy-to-understand information in Computer Forensics For Dummies! Professional and armchair investigators alike can learn the basics of computer forensics, from digging out electronic evidence to solving the case. You won’t need a computer science degree to master e-discovery. Find and filter data in mobile devices, e-mail, and other Web-based technologies.

You’ll learn all about e-mail and Web-based forensics, mobile forensics, passwords and encryption, and other e-evidence found through VoIP, voicemail, legacy mainframes, and databases. You’ll discover how to use the latest forensic software, tools, and equipment to find the answers that you’re looking for in record time. When you understand how data is stored, encrypted, and recovered, you’ll be able to protect your personal privacy as well. By the time you finish reading this book, you’ll know how to:

  • Prepare for and conduct computer forensics investigations
  • Find and filter data
  • Protect personal privacy
  • Transfer evidence without contaminating it
  • Anticipate legal loopholes and opponents’ methods
  • Handle passwords and encrypted data
  • Work with the courts and win the case

Plus, Computer Forensics for Dummies includes lists of things that everyone interested in computer forensics should know, do, and build. Discover how to get qualified for a career in computer forensics, what to do to be a great investigator and expert...

Details

ISBN-10: 0470371919
ISBN-13: 978-0470371916
Author: Linda Volonino
Genre: Computers & Internet
Publisher: For Dummies