Tuesday, April 08, 2008

Why the hell is everything so expensive?

I don't usually rant, possibly because I'm not sure I'd be able to stop, but one thing I've noticed is just how incredibly expensive everything is in the world of computer forensics. Not just the usual wallet-draining culprits like high end hardware but other stuff too - software, training, books, software, training... (sorry, I'm starting to repeat myself, I knew this would happen).

I once tried to explain computer forensics to a good friend of mine with little knowledge of technical matters. They said something rather insightful: "So, it's basically just copying stuff and looking at it?" Now, we all know there's more to it than that, but there's a kernel of truth in that statement which leads me to wonder about at least some of the pricing structures out there.

OK, rant over, and to some degree this is an "Aunt Sally". But not entirely...

3 comments:

azrael said...

I was pleasantly suprised the other day upon ordering a load of evidence bags to discover that they weren't subject to the normal "technology tax" that the rest of our forensic equipment is !

It is a significant problem for an independent consultant to fork out for things - but it is one of those great markets - we can't do without them and therefore they can charge what they like ...

stevegibson.com said...

Everything is expensive because the current market will bear it. People would rather pay the money for easy-to-use tools; tools that can be learned and used by people without having a computer science or programming background (like most cops and lawyers).

If a person is dedicated enough and smart enough, practically everything they need to get the job done can be had for free using Linux and open-source software tools. You just have to be willing to walk away from the comfy (but expensive) world of Windows as a forensic workstation platform. I think you also have to be extremely comfortable (like at the level of a senior sysadmin) in the Linux environment before using it as a forensic platform, though, and many people aren't willing to invest the time -- they'd rather pay the money.

Either way is perfectly acceptable. However, I do believe a significant side-benefit to going the Linux/open-source route, and really immersing yourself and thoroughly learning that environment, is that you will end up a more technically proficient and knowledgeable practitioner.

-Steve

Anonymous said...

Well, i think that part of the costs related to the technologies can be avoided using Open Source tools. In my office, for example, we are working with PTK Forensic for the conventional cases. This makes us save money..