On Wed, 06 Jun 2007 04:36:08 -0000, =?utf-8?B?SmFzb24gQ29vbWJz?= said: > Until and unless a person has worked for years as a software engineer, and > has studied technical details of information security including the creation > and exploitation of software bugs to force software to do things that it was > never designed to do, there is no way that a person can imagine the precise > technical implications of the sort of scenarios that we encounter in the real > world when law enforcement computer examiners and prosecutors collaborate to > transform a particular bit of data into forensic evidence of guilt to be used > against a person who stands accused of a crime. So I take it that law enforcement computer examiners and prosecutors *do* have the years of experience in software engineering and exploit construction and use, to qualify them to translate a bit of data into forensic evidence of guilt? Since the standard is "innocent until proven guilty", it would seem that the prosecution's interpretation would need to be even *more* technically rigorous that the defense's interpretation. However, the number of district attorneys and detectives that have 10 and 20 years of full-time work experience in computer security is very limited, so one wonders why the court would accept the findings from a prosecution expert that doesn't have the qualifications that you imply a defense expert should have? Also - do you require that all DNA testing be done by a professional with several decades of research in genetics, or do you allow a well-trained technician to do the work?
Attachment:
pgpfPIaPkU2af.pgp
Description: PGP signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/