NCJ Number
249677
Date Published
January 2016
Length
4 pages
Annotation
This article from TECHBeat, January 2016 describes the features of a recent upgrade of the software called “Field Search,” which assists investigators in identifying and reporting potential evidence in computer-related crimes and probation/parole violations.
Abstract
The National Law Enforcement and Corrections Technology Center (NLECTC) began providing Field Search as free software to qualified professionals in 2006. It was initially used by probation and parole agents as a non-technical tool that examines the contents of client computers in the field. The current article focuses on the most recent update (5.0), which was released in early January 2016. Field Search enables users to quickly search a target computer and create a detailed report of the findings. The software can be launched from a USB drive and works live on a suspect’s computer to find potential evidence, such as Internet histories, images, multimedia files, and results from text searches. Version 5.0 software has been recompiled, recoded, and rebuilt to improve its compatibility with today’s hardware and software. One of the most significant upgrades for users is an expansion of the keyword search function to include capability to search for a word or phrase in any language. A second major upgrade adds chat history tools that enable users to examine activity for Skype, Windows Live, ICQ, and Yahoo Messenger. This tool provides information on the person receiving a message from the computer, what the message said, and when it was sent. Also added is a search function that enables scanning a drive for hits against HASH sets, which provides a virtual “fingerprint” of a computer file. Field Search has been made fully compatible with Windows 8 and 10, as well as the current versions of Internet Explorer, Edge, Opera, Chrome, and Mozilla/Firefox.
Date Published: January 1, 2016