Fur Over Forensics Software Can Be Hacked Report

The fur is flying over a presentation, planned for Black Hat in Las Vegas Aug. 1, that security firm iSEC says will demonstrate how easy it is to break forensics software. Forensics tools such as Guidance Software's EnCase are used by law enforcement, enterprises and national security agencies for data recovery and investigation. As iSEC […]

The fur is flying over a presentation, planned for Black Hat in Las Vegas Aug. 1, that security firm iSEC says will demonstrate how easy it is to break forensics software.

Forensics tools such as Guidance Software's EnCase are used by law enforcement, enterprises and national security agencies for data recovery and investigation. As iSEC says in its presentation description, investigators use these tools for a range of functions, such as parsing dozens of different file systems, e-mail databases and dense binary file formats.

"Although the software we tested is considered a critical part of the investigatory cycle in the criminal and civil legal worlds, our testing demonstrated important security flaws within only minutes of fault injection," iSEC says.

iSEC is promising to present what it found after six months of subjecting leading forensics packages to exploitation techniques. The security firm also plans to release new file and file system fuzzing tools created specifically to put forensics software through its paces in the project.

Full Article

Forensics Software, Hack, Hacking, Intrusion, iSEC, BlackHat, Las Vegas, Event, Security, Security Conference, Conference, Tech News