iSEC last night released our report on issues discovered in The Sleuth Kit and Guidance Software's EnCase Forensic and Enterprise Editions: http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper .v1_1.BH2007.pdf We will send out these bugs in "advisory" format soon. It should be noted that these issues were addressed in version 2.09 of The Sleuth Kit, and most of the EnCase issues (not including our concerns with EnCase Enterprise's cryptographic system) will be mitigated in the upcoming version 6.7 release. Also of interest to those in the forensics community may be this analysis of the impact security flaws can have on the use of computer forensic evidence in civil and criminal proceedings prepared by Chris Ridder of the Stanford Law School Center for Internet and Society. Although we are happy to host his paper, this work is the output of Mr. Ridder and is not officially a publication of iSEC Partners: http://www.isecpartners.com/files/Ridder-Evidentiary_Implications_of_Sec urity_Weaknesses_in_Forensic_Software.pdf I would like to thank Tim Newsham, Chris Palmer, and Jesse Burns for finding these issues. Thank you, Alex
