1/5/2020 0 Comments
Tools in Wide Distribution Computer Forensics in Taiwan Back in the days when all computers are pretty much standalone entities in the world, each unit is self-contained and does not pose much threat. Similarly in politics, when patches of little disgruntle tribal groups here and there are kept in isolation, there was not much threat to a dominating foreign government. However, when the internet becomes available to all computer users around the world, it is like uniting all the little tribal groups under one umbrella and the potential threat is much greater. Now the disgruntled group can pool resources and recruit an army to overthrow the foreign government. The government will react to impose more security measures and bring in more knights and better artillery to maintain order. Similarly, cyber criminals can now have access to the world and can communicate with other criminals across the globe in conspiring against certain institute for whatever purposes. Then internet security communities will impose more secure measures such as network secure configurations (DMZ), honey-pots (traps or bait for the unknowing cyber-criminal), or implement more secure software so that cyber attacks is mitigated. These security measures taken both by the government and the internet security community provide preventive measures, at best. What happens when this line of defense is breached? One can take all the vitamin c to prevent from getting a cold, but what happens on the day when a cold is caught? One goes to the doctor and gets antibiotics and cold medicine to combat the virus; the government will try to bring in more troops to combat the rebellion. However, what of the inter world? That is where computer forensics comes in, to treat/fix the hole and bring the culprit to justice. Therefore, where software security bring forth prevention, computer forensics, incidence response, calls for treatment. What exactly is computer forensics? It is a toolbox of science, which contains tools and methodologies to recover both passwords and deleted data, to analyze network traffic and logon/logoff times, to snoop and sniff out, as undercover agents do, rotten apples in the barrel. Due to the nature of each incident, the nature of the case may be legal, political, business, or technical oriented. Consequently, one could gather how much a computer means in people's lifestyles nowadays. Nevertheless, computer forensics team (aka: incident response team) are popping up around the world, due to the global nature of the internet, which makes it a lot harder for local law authorities to oversea and prosecute local crimes executed remotely outside the country.