Chapter 8. Understanding Information-Hiding Techniques
MOST USERS ARE UNAWARE THAT COMPUTERS CONTAIN large volumes of hidden data. In some cases, normal system use hides this data. In other cases, people deliberately conceal it using various techniques. As discussed in earlier chapters, hidden data includes fragments of deleted e-mail messages, backup copies of word processing files, deleted directory structures, and files reflecting a computer user's Internet browsing history. A careful examination of hidden data may tell a compelling story about document destruction or theft of intellectual property.
You can use a number of techniques to locate and retrieve hidden information. One method is to scan and evaluate alternate data streams. Another ...
Get System Forensics, Investigation, and Response now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.