Posted by Corrine in Security
Yesterday, Brian Boyko of Network Performance Daily published commentary by the forensic examiner who provided information on his analysis of the infected computer as well as his courtroom experience. The anticipated article by Detective Lounsbury, expected today, has been delayed while information in the article is double-checked.
In the meantime, Mr. Boyko spoke with Steve DelGiorno, the CEO of ComputerCOP software, which makes some of the forensic software used in this case. In that conversation, Mr. DelGiorno stated that it is not the function of ComputerCOP software to determine the cause of files being on a computer, rather merely to locate existing, hidden and even deleted files and images.
In my opinion, Mr. DelGiorno’s description of the purpose and use of ComputerCOP software further substantiates Mr. Horner’s comment made in reference to the malware uncovered during his examination of the computer:
“Out of the 42, 27 were accessed or modified days if not a month before October 19, 2004.”
I will be looking forward to reading Detective Lounsbury’s article tomorrow followed by a news-analysis editorial concluding the Network Performance Daily coverage of the Amero case on Thursday.