RE: Re: Guidance Software response to iSEC report on EnCase

["Alex Stamos" <alex () isecpartners com>]

iSEC last night released our report on issues discovered in The Sleuth
Kit and Guidance Software's EnCase Forensic and Enterprise Editions:
http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper
.v1_1.BH2007.pdf

We will send out these bugs in "advisory" format soon.  It should be
noted that these issues were addressed in version 2.09 of The Sleuth
Kit, and most of the EnCase issues (not including our concerns with
EnCase Enterprise's cryptographic system) will be mitigated in the
upcoming version 6.7 release.  

Also of interest to those in the forensics community may be this
analysis of the impact security flaws can have on the use of computer
forensic evidence in civil and criminal proceedings prepared by Chris
Ridder of the Stanford Law School Center for Internet and Society.
Although we are happy to host his paper, this work is the output of Mr.
Ridder and is not officially a publication of iSEC Partners:
http://www.isecpartners.com/files/Ridder-Evidentiary_Implications_of_Sec
urity_Weaknesses_in_Forensic_Software.pdf

I would like to thank Tim Newsham, Chris Palmer, and Jesse Burns for
finding these issues.

Thank you,
   Alex