FBI Digital Forensic Examination: A Case Study
https://leb.fbi.gov/2016/january/forensic-spotlight-digital-forensic-examina... Copied below (some/all of the formatting will likely be stripped by the mailing list) *Forensic Spotlight* *Digital Forensic Examination: A Case Study* By John McHenry and Michael Gorn, M.S. 1/6/2016 A 2014 investigation into the distribution of child pornography revealed the identity and geographic location of a suspect. The case expanded to include domestic and international elements and collaboration by multiple law enforcement agencies associated with the Internet Crimes Against Children (ICAC) task force. A Sarasota, Florida, municipality was tasked with the local investigation, which led to the January 2015 arrest of a 34-year-old male. The city requested the assistance of Sarasota County Sheriff’s Office Intelligence Unit digital forensics experts to complete a comprehensive examination of the devices seized during the arrest. The information presented with the case indicated that the suspect was a local commercial and residential painter. *Evidence* Among the items presented for digital forensic examination was a cell phone with a 13+ megapixel camera capable of capturing high definition images. Many of the images captured by and extracted from the phone contained a pixel resolution of 2322 x 4128 and metadata directly linking the photos to the device. During the forensic examination, experts collected evidence to support charges for the possession, manufacture, and transmission of child pornography. The pictures included adult hands and pornographic images of infants. [image: Open quotes] As detectives further enlarged the pictures on the monitor, a high level of detail was witnessed within the fingerprints. In April 2015 Sarasota County Sheriff’s Office detectives, using a 42” high definition monitor, observed a paint-like substance on the hands in the photos, which correlated to the suspect’s trade as a painter. As detectives further enlarged the pictures on the monitor, a high level of detail was witnessed within the fingerprints. After removing the pornographic details, investigators submitted five images to the Sarasota County Sheriff’s Office Fingerprint Unit with a request for analysis. The argument of “some other guy did it” is a common defense in the field of digital forensics because it often is not possible to determine who actually used a device. Therefore, the potential of a fingerprint association becomes vitally important. *Print Examination* A latent print examiner (LPE) received the case and examined the ridge detail present in the images. In one image (figure 1), detail was of sufficient quality and quantity to be identified as the left middle finger of the suspect when compared with fingerprints taken during the jail booking process. Due to the digital image being a reversal of the print on the booking card, the print as visualized in the phone image had to be inverted. *Figure 1* [image: FS figure 1.jpg] This first identification was enough for the state attorney’s office to request a motion to compel the offender to provide major case prints. The office granted the motion, and the LPE went to the courtroom to take the set of prints. Further examination of two digital images from the phone led to identification of the left thumb of the suspect on the major case prints. These images were inverted for comparison. A second qualified LPE verified all identifications. *Trial* Prior to trial the defense counsel successfully argued to have the suspect’s confession suppressed. No faces were present in any images. This made the fingerprint evidence extremely valuable because the suspect could argue that a partner who had the same first name shared a common e-mail account, and the fingers depicted in the images were from the partner. The subject also could claim guilt for possession, distribution, and transmission of child pornography, but not the manufacture. *Conclusion* The identifications made by the latent print examiners proved that the suspect was involved directly in the acts as witnessed in the images recovered by the digital forensic detectives. This conclusive evidence was one piece of the forensic puzzle that assisted the jury in finding the offender guilty of 26 charges, including capital sexual battery; molestation; and possession, distribution, and transmission of child pornography. The offender faces up to life in prison. *Detective McHenry is a certified forensic computer examiner assigned to the digital forensics laboratory of the Sarasota County, Florida, Sheriff’s Office.* *Mr. Gorn is a certified crime scene investigator and supervisor of the forensic services unit for the Sarasota County, Florida, Sheriff’s Office.* The *Bulletin* currently is seeking submissions for its Forensic Spotlight, a department that highlights current and noteworthy developments in the forensic sciences. Articles focus on topics, such as fingerprinting, ballistics, toxicology, paint analysis, document validity, and other laboratory-based technology used in crime solving. Submissions can be sent to*leb@ic.fbi.gov* <https://leb.fbi.gov/owa/redir.aspx?SURL=YpOZ5D9fwGUCND6iaKk_OGoEqHSOET9bweqBXkxl9kzrz4qj9vfRCG0AYQBpAGwAdABvADoAbABlAGIAQABpAGMALgBmAGIAaQAuAGcAbwB2AA..&URL=mailto%3aleb%40ic.fbi.gov> for review and possible publication.
Did anyone ever mention that TV forensic shows like "CSI Wherever" are media-borne federal disinformation operations leading us to believe that LEOs have unlimited time, manpower and money to pursue the 'bad guys', when, if you read the news, you will easily see that most of their operations consist of FABRICATING AND FALSIFYING EVIDENCE. To wit, the "Miracle FARC Computer":
**The "FARC Miracle Laptop" Returns To Discredit The New Left-leaning Governor Of Guerrero Mexico**
It’s a MIRACLE! (Like an image of Jesus in a slice of french toast)
Did you know the INTERPOL report stated the FARC computer had been tampered with? (also this NACLA report) The western media knew, and LIED about it.
Now The “FARC Miracle Laptop” Returns To Discredit The New Left-leaning Governor Of Guerrero Mexico.
There’s also the Iranian “Computer of Death” and recently, the ISIS “Computer of Doom” (See this post)
As the vicious moron who was recently prezident said “Fooled me once…”
Lottsa Links @ http://auntieimperial.tumblr.com/post/101872219239/
On Wed, 6 Jan 2016 14:55:04 -0500 Michael Best <themikebest@gmail.com> wrote:
https://leb.fbi.gov/2016/january/forensic-spotlight-digital-forensic-examina... Copied below (some/all of the formatting will likely be stripped by the mailing list)
What, exactly, is your point?
juan wrote:
On Wed, 6 Jan 2016 14:55:04 -0500 Michael Best <themikebest@gmail.com> wrote:
https: //leb.fbi.gov/2016/january/forensic-spotlight-digital-forensic-examination-a-case-study Copied below (some/all of the formatting will likely be stripped by the mailing list) What, exactly, is your point?
That the FBI and Sarasota PD were capable of enlarging an already hi-def image of a fingerprint and comparing it to print taken at the suspect's booking. Really. NOT. 'rocket science'. -- RR "You might want to ask an expert about that - I just fiddled around with mine until it worked..."
On Wed, 6 Jan 2016 14:55:04 -0500 Michael Best <themikebest@gmail.com> wrote:
https://leb.fbi.gov/2016/january/forensic-spotlight-digital-forensic-examina...
https://en.wikipedia.org/wiki/Parallel_construction https://www.eff.org/deeplinks/2013/08/dea-and-nsa-team-intelligence-launderi... You're welcome.
participants (3)
-
juan
-
Michael Best
-
Rayzer