*****Digital Evidence and Computer Crime, Second Edition. By Eoghan Casey; published by Elsevier, www.elsevier.com (Web); 688 pages; $69.95.
English Cavalier poets urged people to carpe diem, or “seize the day.” If computer investigators were to have a mantra, it might be “seize the data.” But like seizing the day, the latter may be easier said than done.
Digital evidence is a fleeting thing, and even fully intact computer data can be difficult to use for reasons ranging from technical extraction issues to privacy rights. As a result, the entire forensic process—collecting, preserving, analyzing, and presenting evidence—is highly difficult and prone to case-destroying error.
Fortunately, this second edition of Digital Evidence is available to guide the way. It may not have the same lilt as Cavalier poetry, but author Eoghan Casey’s work will be music to the ears of computer-crime investigators. Remarkably thorough in scope, this book offers something no other textbook does: a stable set of standards to achieve and surpass.
Every conceivable aspect of digital evidence and computer crime is covered in detail. The bits-and-bytes material is cushioned by rich context, with sections addressing the history of computer crime and the methods and mind-sets of computer criminals. With that background in place, Casey examines every practical application of forensic examination, detailing the extraction of evidence from computers running Windows, UNIX, and Macintosh operating systems. One whole chapter is devoted to hand-held devices.
Legal issues get their due as well, which isn’t the case in similar books. Casey explores the complexities of search and seizure, jurisdiction, privacy, and other issues, from both the U.S. and European perspectives.
A CD that comes with the book is valuable as well. It contains simulated case exercises to test students and practitioners before they take their skills to the real world.
Remarkably, given the short lifespan of today’s tech books, this book is likely to have lasting value. Tomorrow’s advances in technology, as well as developments in the law and law enforcement, will easily integrate with the information in this book.
Reviewer: Dan Bergevin is the principal of Catfield International, an intelligence and security firm based in the Salt Lake City, Utah, area.