Counter-Forensics, or Computer Anti-Criminalistics.
Counter-Forensics, or Computer Anti-Criminalistics.
In this section, we will consider measures against forensic analysis, and specifically, this chapter will be an overview where we will go through tasks and solutions.
There are three main methods of counteracting forensic analysis:
- Protection (encryption)
- Concealment (steganography)
- Destruction
Encryption and steganography are discussed in separate chapters, and before starting to study counter-forensics techniques, you should already have a encrypted hard drive, you should know how to create crypto-containers, be aware of methods for breaking them, and of course, be familiar with methods of disguising crypto-containers. It would also be good to get acquainted with methods for creating secure passwords, which discuss recommendations regarding protection against forensic analysis.
Encryption is generally a reliable method, provided that you encrypt the system, create crypto-containers within it, and follow these recommendations. However, sometimes the mere use of crypto-containers can lead to legal issues. We discussed these cases here and https://book.cyberyozh.com/ru/sposobyi-vzloma-kriptokontejnerov/