Forensics tools such as Guidance Software's EnCase are used by law enforcement, enterprises and national security agencies for data recovery and investigation. As iSEC says in its presentation description, investigators use these tools for a range of functions, such as parsing dozens of different file systems, e-mail databases and dense binary file formats.
"Although the software we tested is considered a critical part of the investigatory cycle in the criminal and civil legal worlds, our testing demonstrated important security flaws within only minutes of fault injection," iSEC says.
iSEC is promising to present what it found after six months of subjecting leading forensics packages to exploitation techniques. The security firm also plans to release new file and file system fuzzing tools created specifically to put forensics software through its paces in the project.