![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
How Online Criminals Make Themselves Tough to Find, Near Impossible to Nab -- Good article on computer forensics and its limitations.
Despite all that, casting doubt over evidence is just a secondary benefit of antiforensics for criminals. Usually cases will never get to the legal phase because antiforensics makes investigations a bad business decision. This is the primary function of antiforensics: Make investigations an exercise in throwing good money after bad. It becomes so costly and time-consuming to figure out what happened, with an increasingly limited chance that figuring it out will be legally useful, that companies abandon investigations and write off their losses. Business leaders start to say, I cant be paying $400 an hour for forensics that arent going to get me anything in return, says Liu. The attackers know this. They contaminate the scene so badly youd have to spend unbelievable money to unravel it. They make giving up the smartest business decision.
Pretty sobering stuff.
