Is Error Level Analysis (ELA) in image forensics a reliable indicator for detecting digital modifications?

I’m reading about Error Level Analysis (ELA) in image forensics as means to detect if modifications were made to a photo. ELA is nicely described here: https://fotoforensics.com/tutorial.php?tt=ela. Also below examples are from that site.
Continue reading Is Error Level Analysis (ELA) in image forensics a reliable indicator for detecting digital modifications?

What Graykey Can and Can’t Unlock

This is from 404 Media:

The Graykey, a phone unlocking and forensics tool that is used by law enforcement around the world, is only able to retrieve partial data from all modern iPhones that run iOS 18 or iOS 18.0.1, which are two recently released versions of Apple’s mobile operating system, according to documents describing the tool’s capabilities in granular detail obtained by 404 Media. The documents do not appear to contain information about what Graykey can access from the public release of iOS 18.1, which was released on October 28.

More …

Continue reading What Graykey Can and Can’t Unlock

Can Benford’s law be used for the purpose of detecting deviations in a file metadata dates?

Considering the metadata such as creation and modification datetimes of files in terms of computer forensics. If tampering of such metadata date information is expected, can Benford’s law be used to proof or disprove the act of metadata al… Continue reading Can Benford’s law be used for the purpose of detecting deviations in a file metadata dates?

How can you trust a forensic scientist to have maintained the chain of custody?

I have been reading about the chain of custody in cybersecurity-related forensics and I wonder how you can be so sure the forensic scientist made their job right and they are not a malicious actor.
I have a specific scenario in mind, let’s… Continue reading How can you trust a forensic scientist to have maintained the chain of custody?

Your “DNA-shedder” status could be crucial in crime scene investigations

If you’ve ever watched CSI, you’ll know that suspects frequently leave incriminating traces of their DNA behind at crime scenes. According to a recent study, however, the telltale amount of that genetic material could also point to a person’s guilt or … Continue reading Your “DNA-shedder” status could be crucial in crime scene investigations

Is it possible to repair a corrupted partition table of a Bitlocker encrypted disk? [migrated]

Assuming a disk was full-disk encrypted using Bitlocker and the partition table is corrupted or entirely missing. Is it possible in any way to recover from this, given that the original Bitlocker password and Bitlocker recovery key are ava… Continue reading Is it possible to repair a corrupted partition table of a Bitlocker encrypted disk? [migrated]

How to properly determine if an Bitlocker encrypted disk has a corrupted partition table? [migrated]

Background: A Bitlocker encrypted hard disk (5TB WD Elements HDD USB) was accidentally wiped partially using the wiping tool Eraser Classic Portable (using the US DoD 7 passes method). The wiping only went on for a few minutes (max. 5 min… Continue reading How to properly determine if an Bitlocker encrypted disk has a corrupted partition table? [migrated]