Digital Forensics - Did you know?!

Dear fellow NP'ers,

I'm currently at University in the UK studying a bachelor's degree in Digital Forensics. Over the last few years I've come to learn some interesting points regarding how your data is stored on devices and how secure that "delete" button really is?! So I thought I'd share a few...

1) If you use Windows Vista or 7 (Business, Ultimate or Enterprise edition), assuming your system hasn't had it disabled at some point, Windows will keep a "copy of previous files": simply right-click on a file -> Properties -> Previous Versions.

2) Up to 3500 file changes can take place just by pressing the power button on your device!

3) Facebook Chat history can be rebuilt using a system's Internet Cache.

4) If you use a mobile phone (other than smartphones) and delete a message from your SIM card's memory, the message remains in storage; the status of the message is simply changed (until the maximum amount of stored deleted messages is reached).

5) The renowned thumbs.db - ever deleted a photo? Well, here's the bad news: most Windows systems will store a thumbnail version of that image in a file known as thumbs.db. This technique has been used a lot by the FBI.

6) One strange but true scenario: if someone is caught taking part in illegal activity, for example "sending a death threat to someone via email", and the individual is arrested and gives law enforcement the login details for their email account (e.g. gmail), law enforcement are not allowed to log in to the account without gaining permission from the provider in advance (e.g. gmail).

Well that's it. Of course these are only based on my findings from guest lecturers from members of UK Cyber Crime Units, and the final point may be different in other countries.

Best Regards,
:hehe:
 
5) The renowned thumbs.db - ever deleted a photo? Well, here's the bad news: most Windows systems will store a thumbnail version of that image in a file known as thumbs.db. This technique has been used a lot by the FBI.

:hehe:

There are two scenarios similar to this. EXIF (not so much now) used to store a thumbnail image that remained intact if you used some image resizers.

This caused problems for Catherine Schwartz of TechTV who cropped a "nude" shot thinking that the naughty parts were gone.

There was also a "hacker" who went on record if he was anonymous. The picture was posted with location and time taken - this allowed people to locate his location to a small town in the midwest.

Another interesting one that gets people all the time. When you use the "redact" option in Adobe it just puts a black bar over the text which is fine if you PRINT the document; however, if you send out the source, the redacted information is still available!

I work with someone who has redacted PDFs on their website from their ex-employer. I have yet to tell them that the information is not hidden from a quick Ctrl-C Ctrl-V.

It's all interesting stuff!
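A pre-publication check for the EXIF thumbnail issue mentioned in the reply above, as an added example that is not part of either post: it reports whether a JPEG still carries a thumbnail in EXIF IFD1 (tags 0x0201/0x0202), which can preserve the uncropped picture. `exif_thumbnail` and `make_sample` are names made up here, and the sample file is constructed in the code.

```python
import struct

def _read_ifd(tiff, endian, offset):
    """Parse one TIFF IFD; return ({tag: value}, offset_of_next_ifd)."""
    (count,) = struct.unpack_from(endian + "H", tiff, offset)
    tags = {}
    for i in range(count):
        tag, typ, _n, raw = struct.unpack_from(endian + "HHI4s", tiff, offset + 2 + 12 * i)
        if typ in (3, 4):  # SHORT or LONG: the value is stored inline in the entry
            fmt, size = ("H", 2) if typ == 3 else ("I", 4)
            tags[tag] = struct.unpack(endian + fmt, raw[:size])[0]
    (nxt,) = struct.unpack_from(endian + "I", tiff, offset + 2 + 12 * count)
    return tags, nxt

def exif_thumbnail(jpeg):
    """Return the thumbnail bytes embedded in EXIF IFD1, or None if there is none."""
    if jpeg[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG")
    pos = 2
    # Walk the metadata segments until start-of-scan (0xDA) or end of data.
    while pos + 4 <= len(jpeg) and jpeg[pos] == 0xFF and jpeg[pos + 1] != 0xDA:
        (seg_len,) = struct.unpack_from(">H", jpeg, pos + 2)
        body = jpeg[pos + 4:pos + 2 + seg_len]
        if jpeg[pos + 1] == 0xE1 and body[:6] == b"Exif\x00\x00":
            tiff = body[6:]
            endian = {b"II": "<", b"MM": ">"}.get(tiff[:2])
            if endian is None:
                return None
            try:
                (ifd0,) = struct.unpack_from(endian + "I", tiff, 4)
                _, ifd1 = _read_ifd(tiff, endian, ifd0)  # IFD1 is the thumbnail IFD
                tags = _read_ifd(tiff, endian, ifd1)[0] if ifd1 else {}
            except struct.error:  # truncated or malformed EXIF
                return None
            off, length = tags.get(0x0201), tags.get(0x0202)  # thumbnail offset, length
            return tiff[off:off + length] if off and length else None
        pos += 2 + seg_len
    return None

def make_sample(with_thumb):
    """Constructed input: minimal JPEG whose EXIF has an empty IFD0 and an optional IFD1."""
    thumb = b"\xff\xd8THUMB\xff\xd9"  # stand-in bytes, not a real image
    tiff = b"II*\x00" + struct.pack("<IHI", 8, 0, 14 if with_thumb else 0)
    if with_thumb:  # IFD1 at offset 14 holds two LONG entries; thumbnail data starts at 44
        tiff += struct.pack("<HHHIIHHIII", 2, 0x0201, 4, 1, 44, 0x0202, 4, 1, len(thumb), 0) + thumb
    body = b"Exif\x00\x00" + tiff
    return b"\xff\xd8\xff\xe1" + struct.pack(">H", len(body) + 2) + body + b"\xff\xd9"

if __name__ == "__main__":
    for flag in (True, False):
        print(flag, exif_thumbnail(make_sample(flag)))
```

A non-None result means the file should be re-exported with metadata stripped before it is published.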
 