In message <[EMAIL PROTECTED]>, [EMAIL PROTECTED] writes: > > In message <[EMAIL PROTECTED]>, "Daniel O'Connor" > > writes > > Only evidence collected by a forensic analysis tool > > is admissible in court. > > Not necessarily true. Log data that is routinely collected can be > admissible. Though, log data that you collected starting when you > suspected there was something amiss will not be.
That is true for logfiles, however Canadian law requires a filesystem analysis tool. As little as fiveyears ago taking a DD dump of a device was admissible but I've been told by the RCMP that a forensic analysis tool is now required. I've been told that this is also true of US law. I'm not sure about British or European law. Unfortunately taking people to court over hacking is difficult but not impossible. Police forces are becoming more receptive to the idea and tools which have been admitted in court previously make the job of preparing a successful case easier. Cheers, Cy Schubert <[EMAIL PROTECTED]> Web: http://www.komquats.com and http://www.bcbodybuilder.com FreeBSD UNIX: <[EMAIL PROTECTED]> Web: http://www.FreeBSD.org BC Government: <[EMAIL PROTECTED]> "Lift long enough and I believe arrogance is replaced by humility and fear by courage and selfishness by generosity and rudeness by compassion and caring." -- Dave Draper _______________________________________________ freebsd-hackers@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
