•  
  •  
 

Publisher

The Association of Digital Forensics, Security and Law (ADFSL)

Abstract

The two most common computer forensics applications perform exclusively on Microsoft Windows Operating Systems, yet contemporary computer forensics examinations frequently encounter one or more of the three most common operating system environments, namely Windows, OS-X, or some form of UNIX or Linux. Additionally, government and private computer forensics laboratories frequently encounter budget constraints that limit their access to computer hardware. Currently, Macintosh computer systems are marketed with the ability to accommodate these three common operating system environments, including Windows XP in native and virtual environments. We performed a series of experiments to measure the functionality and performance of the two most commonly used Windows-based computer forensics applications on a Macintosh running Windows XP in native mode and in two virtual environments relative to a similarly configured Dell personal computer. The research results are directly beneficial to practitioners, and the process illustrates effective pedagogy whereby students were engaged in applied research.

References

“Apple to Use Intel Microprocessors Beginning in 2006” (2005), Apple, Worldwide Developer Conference, June 6, 2005, From http://www.apple.com/pr/library/2005/jun/06intel.html on 6/13/2008.

Carlton, G.H. (2007), A Protocol for the Forensic Data Acquisition of Personal Computer Workstations, ProQuest, Ann Arbor, Michigan, UMI 3251043.

Griffith, E. (2008), “OS Wars: The Battle for Your Desktop”, PC Magazine, Vol. 27, No. 4, March 1, 2008.

Nelson, B., Phillips, A., Enfinger, F., and Stewart, C. (2008), Guide to Computer Forensics and Investigations, 3rd Ed., Thomson, Boston.

Pash, A. (2007), “Build a Hackintosh Mac for Under $800”, Lifehacker, 11/13/2007, http://lifehacker.com/software/hack-attack/build-a-hackintoshmac-for-under-800-321913.php, accessed 6/13/2008.

Volonino, L., Anzaldua, R., and Godwin, J. (2007), Computer Forensics Principles and Practices, Prentice Hall, Upper Saddle River, New Jersey.

DOI

https://doi.org/10.15394/jdfsl.2008.1045

 

To view the content in your browser, please download Adobe Reader or, alternately,
you may Download the file to your hard drive.

NOTE: The latest versions of Adobe Reader do not support viewing PDF files within Firefox on Mac OS and if you are using a modern (Intel) Mac, there is no official plugin for viewing PDF files within the browser window.