Work done by law enforcement professionals to unlock the secrets left on a computer by a criminal is becoming standard front-page fare; witness the recent speedy investigation and arrest of an 18-year-old German youth charged with creating the devastating Sasser worm. As cutting-edge as such investigations seem, the basics of digital evidence collection go back to the late 1940s with mathematical formulas that distilled information into binary code.
The history and basics of computer forensics are laid out in "Computer Forensics: Characteristics and Preservation of Digital Evidence," an article by FBI computer forensic examiner Loren D. Mercer in a recent issue of the FBI Law Enforcement Bulletin. In the article, Mercer starts with the basics, explaining the binary digits, or bits, that are at the heart of computer data, and then explains why the hexadecimal system is needed to represent 26 letters and 10 numbers. Mercer also discusses the preservation of computer forensic evidence and breaks down federal rules of evidence that relate to digital data.
@ Link to the article by visiting SM Online.