The Association of Digital Forensics, Security and Law (ADFSL)
The two most common computer forensics applications perform exclusively on Microsoft Windows Operating Systems, yet contemporary computer forensics examinations frequently encounter one or more of the three most common operating system environments, namely Windows, OS-X, or some form of UNIX or Linux. Additionally, government and private computer forensics laboratories frequently encounter budget constraints that limit their access to computer hardware. Currently, Macintosh computer systems are marketed with the ability to accommodate these three common operating system environments, including Windows XP in native and virtual environments. We performed a series of experiments to measure the functionality and performance of the two most commonly used Windows-based computer forensics applications on a Macintosh running Windows XP in native mode and in two virtual environments relative to a similarly configured Dell personal computer. The research results are directly beneficial to practitioners, and the process illustrates effective pedagogy whereby students were engaged in applied research.
“Apple to Use Intel Microprocessors Beginning in 2006” (2005), Apple, Worldwide Developer Conference, June 6, 2005, From http://www.apple.com/pr/library/2005/jun/06intel.html on 6/13/2008.
Carlton, G.H. (2007), A Protocol for the Forensic Data Acquisition of Personal Computer Workstations, ProQuest, Ann Arbor, Michigan, UMI 3251043.
Griffith, E. (2008), “OS Wars: The Battle for Your Desktop”, PC Magazine, Vol. 27, No. 4, March 1, 2008.
Nelson, B., Phillips, A., Enfinger, F., and Stewart, C. (2008), Guide to Computer Forensics and Investigations, 3rd Ed., Thomson, Boston.
Pash, A. (2007), “Build a Hackintosh Mac for Under $800”, Lifehacker, 11/13/2007, http://lifehacker.com/software/hack-attack/build-a-hackintoshmac-for-under-800-321913.php, accessed 6/13/2008.
Volonino, L., Anzaldua, R., and Godwin, J. (2007), Computer Forensics Principles and Practices, Prentice Hall, Upper Saddle River, New Jersey.
Carlton, Gregory H.
"An Evaluation of Windows-Based Computer Forensics Application Software Running on a Macintosh,"
Journal of Digital Forensics, Security and Law: Vol. 3
, Article 3.
Available at: http://commons.erau.edu/jdfsl/vol3/iss3/3