Forensics Bonanza in Facebook Case

Discussion in 'privacy general' started by LockBox, Apr 3, 2012.

Thread Status:
Not open for further replies.
  1. LockBox

    LockBox Registered Member

  2. Securit

    Securit Registered Member

    Thanks! Very interesting reading!
     
  3. BrandiCandi

    BrandiCandi Guest

    Interesting indeed.
     
  4. syncmaster913n

    syncmaster913n Registered Member

    What I found most interesting in the paper is the fact that the forensics experts were able to extract metadata from files that were erased and overwritten by new data. I thought that doing that without employing very expensive means is not possible?
     
  5. Dogbiscuit

    Dogbiscuit Guest

    Some metadata is stored in the Windows file system and not in the file itself.
     
  6. syncmaster913n

    syncmaster913n Registered Member

    Ah, I see!

    Do you know of any free (or trial) software that can be used to analyze metadata from specific files? They mentioned one in the paper, but it is paid and has no trial. I'd like to see just how much information you can extract this way.
     
  7. Dogbiscuit

    Dogbiscuit Guest

    I can't recommend one, but a search on 'metadata removal tool' showed many.
     
  8. syncmaster913n

    syncmaster913n Registered Member

    Last edited: Apr 15, 2012
  9. chronomatic

    chronomatic Registered Member

    It looks like this guy tried to hide his tracks by reinstalling Windows. He obviously doesn't understand that does nothing to hide most of the data that was on the drive.
     
  10. CloneRanger

    CloneRanger Registered Member

    Eye-opening, Indeed !

    Thanks for posting :thumb:

    It appears he only reinstalled, Without deleting the partions first = Big No No :D
     
Thread Status:
Not open for further replies.