BURTONS DIGITAL specialists are
industry leaders. Dedicated staff
specialising in law and separate onsite experts
to assist in forensic and technical evaluations. |
Information Technology
(IT) evolves at lightning
pace and as such our experts undertake
regular training and professional
development to ensure that we stay ahead
technological developments and emerging
legislation.
Our personnel are
specialists drawn from
a range of industries. Experts in
Penetration Testing, Network
Communications, e-commerce solutions,
digital forensics, IT Policy and law,
and associated information security
applications - we understand how to turn
complex technical challenges into a
practical and affordable strategy.
Our experts lecture extensively on new
developments in the spheres of
infrastructure architecture and risk
management. In addition, we play an
active role in cutting edge research and
provide input to a variety of leading
Government Working Groups and industry
forums. Our publication, e-Crime
Briefing, keeps
our clients in touch with their
technology and investigations partner.
In addition to education and experience,
our consultants hold the certifications
from leading vendors and training
providers, a badge to our customers that
our services are Best in Class and that
our Clients can rest assured that they
are receiving only the very best
service:
BURTON DIGITAL is proud to be the only
legal firm in the UK that has a representative seat
on the prestigious
Home Office 'Internet
Crime Forum', shaping Government policy
on technology fraud and e-crime. Our principal consultant is also a member of
the Executive Council at the British
Academy of Forensic Science (BAFS).
We believe in using client business
objectives, processes, and corporate
priorities as the initial building
blocks. From here we can work together
to develop a customised strategic and
tactical solution, effective at
technical, operational and executive
levels.
And yet where other firms finish,
BURTONS DIGITAL is only just beginning.
Following our investigative services we use
this exclusive knowledge to keep you
abreast of the latest developments in
the technology and forensics arena. Whether it is a new
data analysis process or the latest case
law that is of relevance to your
proceedings - we'll make sure you
are the first to know and provide expert
instruction on what this means for your
defence.
Our
philosophy is to provide outstanding
service and cost predictability. No
matter what work our clients send to us,
and no matter which of our offices they
use, they can expect the same high level
of service and the same promise of cost
predictability, with 'no surprises'
billing upon the successful conclusion
of assessments.
"We know that the measure of our success
is the success of our clients'
objective. Our collaborative
approach of working with rather than for
clients is one of our distinctive
working styles!"
Ross Patel
Director Forensics, Burtons Digital |
| |
|
 |
MAC Data for Forensics
MAC times are pieces of file
system metadata identifying when certain events
pertaining to a computer file occurred most recently.
The events are usually described as "modification",
"access", and "creation", and commonly used in computer forensics.
Modification time (mtime)
A file's modification time described when the content of
the file most recently changed. Because most file
systems do not compare data written to a file with what
is already there, if a program overwrites part of a file
with the same data as previously existed in that
location, the modification time will be updated even
though the contents did not technically change.
Access time (atime)
A file's access time identifies when the file was most
recently opened for reading. A running program can
maintain a file as "open" for some time, so the time at
which a file was opened may differ from the time data
was most recently read from the file.
Change/Creation time (ctime)
Unix file systems maintain the time when the file's
contents, or certain file metadata such as the file's
permissions or owner, were last changed. Some file
systems also store the time when the file was created
(also called "birth time"); most Unix file systems don't
store the creation time, although some do.
The semantics of creation times is the source of some
controversy. One view is that creation times should
refer to the actual content of a file: e.g. for a
digital photo the creation time would note when the
photo was taken or first stored on a computer. A
different approach is for creation times to stand for
when the file system object itself was created, e.g.
when the photo file was last restored from a backup or
moved from one disk to another. |
|
|
|
