Computer Forensics and Social Networking Sites

Posted on | April 20, 2010 | No Comments

SANS Computer Forensics Blog has a post about some interesting data that can be gleaned from social networking sites like Facebook, Twitter, etc.  This data will be more and more frequently targeted by law enforcement due to users’ lack of awareness regarding the privacy of their own data.  One public Facebook page, for example, can show plenty of information regarding a suspect (known associates, contacts, family, etc.), but once you layer information from multiple Facebook pages, you can create a much more detailed web of information regarding what could be an entire crime ring.  No warrants are needed, and scraping data from Facebook pages is unlikely to draw any attention to an investigation – that data is already out in the open!

Most modern sites that allow you to associate with other users (whom you probably know in real life) is ripe for plucking data from.  Often enough, this data is freely accessible and no type of warrant is needed – unless you’ve taken steps to actively restrict your Twitter account, for example, anyone with enough curiosity can find every Tweet you’ve sent, and every Tweet that has been directed at you.

When using social media for anything, treat everything as if everyone is watching.  Better yet, imagine your own grandmother reading back some of your forum posts to you…that’ll at least help you mind your manners on anonymous internet message boards!

Of course, email is slightly more secure, though there are procedures that law enforcement officials can take to get records of your email accounts as well, but those often require a warrant and are more time-consuming.  And of course, your own physical machine will be examined by a computer forensics expert in the event of a seizure, but you already know how to defend against that, right?

The point of this meandering post is to remind you that digital forensics is about more than just reading the bits off of a drive.  It’s about conducting an investigation, and often good information can be obtained much more easily than through traditional methods such as hard drive imaging.

Comments

Recent Posts

• Uses of Computer Forensics
• Cellebrite UFED and Cell Phone Forensics
• Google-Motorola acquisition
• Updated the glossary
• Full-Disk Encryption comes to Android
• Information Security – Protecting your business online
• DEFT Linux 6 coming soon
• Digital Copiers as a Forensic Utility
• Cybersecurity Paper from Harvard National Security Journal
• SANS Blog Survey Results

Tags

Android antivirus attorney client privilege Autopsy celebrity Computer Forensics computer security Cyber Crime data recovery DEFT digital evidence disk image drive-by download encryption expectation of privacy facebook firefox Google Guymager hard drive failure law enforcement lawsuit linux Live CD malware mcafee MFT Nessus noscript online banking Ophcrack Password security phishing SANS scam SIM card Sleuthkit social media social networking svchost.exe tax return twitter Webmail workplace yahoo mail

Categories

• Android
• Cell Phone Forensics
• Computer Forensics
• computer security
• Encryption
• Evidence Analysis
• GPS
• Internet Privacy
• iPhone

Archives

• November 2011
• September 2011
• August 2011
• March 2011
• February 2011
• January 2011
• November 2010
• October 2010
• August 2010
• July 2010
• June 2010
• May 2010
• April 2010
• March 2010

Blogroll

• Ediscovery Trends
• SANS Computer Forensics Blog