Many PC users understand that hitting the delete button doesn’t necessarily make every document on a hard drive evaporate.
It won’t kill everything you might think is stored on the Internet either, says a Canadian security company.
JADsoftware Inc. made that claim this week as it announced its upcoming version 5.0 of its Internet Evidence Finder (IEF), a tool for national security agencies, police departments, forensic accounting companies and enterprises to scour Windows-based computers for potential evidence of wrongdoing.
Other investigative software looks for Word documents, spreadsheets or databases, but browser histories, Twitter postings and Web mail messages – anything Internet-related — are IEF’s specialty.
“Not only do we know where to look for that information once the user has deleted it, but we have the ability to recognize things like chat conversations or email within a bunch of raw data,” says CEO Adam Belsher.
They may think that once they’ve deleted their email or Gmail or Facebook chat they’re safe, he said. “But chances are there’s some footprint left on the hard drive and we’re able to understand where that’s being stored and what it is.”
IEF comes on a dongle that plugs into a USB port on a device, then does its work.
The $999 Standard Edition can scrub most hard drivers overnight, Belsher said. A new $1,299 Triage Edition can do a quick scan in about 15 minutes.
Belsher says IEF is used by the RCMP, the FBI, the U.S. Department of Homeland Security and other agencies and investigators in 90 countries.
Version 5, to be released Jan. 30, is up to 20 per cent faster than the previous version, the company says. New is the ability to probe for artifacts from Google+, Skype, World of Warcraft and such peer-to-peer file sharing applications Torrent, Ares, eMule and Shareaza.
It now also searches entire logical and physical drives, and will find .E01/dd images. Reporting has also been improved.
“It’s a pretty big leap forward for us,” said Belsher.
Based in Waterloo, Ont., the seven-member company was founded in 2009 by former Waterloo Regional Police forensic investigator Jad Saliba, who is now JADsoftware’s CTO.
Belsher is a former Research In Motion vice-president who met Saliba through a mutual friend and joined the firm.
IEF is sold direct, although the company is starting to canvas for solution providers. It already has one in the Toronto area in Net Cyclops Inc. of Mississauga.