Wednesday, November 30, 2011

Skype in eDiscovery



http://ow.ly/7JIXA

An article by Stuart Clarke on the articles.forensicfocus.com website.

This article discusses forensic collection of data from the Skype video chat, and messaging, internet service.  The article projects that audio electronically stored information will become a more important focus in eDiscovery in the near future, and such collection techniques require specialized strategies.

The article states, "Skype claim that during peak times they have around 20million users online (http://about.skype.com/). This figure is hardly surprising when you consider that Skype runs on a range of popular electronic devices including computers and smart phones. Current versions of Skype support instant messaging (IM), file transfers, SMS, standard speech calls and video calls. Helpfully, Skype records our activities in a non-encrypted form on the local device. Furthermore, the average user rarely disables the logging functionality of Skype. Consequently, all IM conversations, call records and details of file transfers are stored locally, be it a computer hard drive or a mobile device. This might not come as a surprise to many of you, and I expect that most Skype users have at some point noticed you can view your Skype message history at the click of a button."

The article further explains, "Skype records history in various database tables containing countless fields of data, which in honesty is not user friendly and requires the analyst to have some database knowledge. Many of the fields within the database are not of any great interest for an electronic discovery matter. Yet perhaps the real reason this data is ignored is the format of the Skype database file, which is a SQLite database. There are few computer forensic or eDiscovery solutions available to fully index and present the data from a SQLite database in an understandable manner to a non-technical person."  The article goes on to provide advice on how to possibly obtain useful data through specific forensic techniques.

The article also shows how certain collection tools can be used to present graphical representations of communication patterns, particular photos provided through the use of Nuix are provided in the article, and one is presented here below:

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)