1. Hunchly Evidence Introduction
NOTE: A PDF of this entire guide is available for download here.
This section of the Hunchly knowledgebase is designed to help educate Hunchly users and consumers of Hunchly evidence. The major areas of how Hunchly collects evidence are all covered including potential evidence challenges and attacks against evidence collected by Hunchly.
It is important to note that Hunchly does everything within reason to make sure that evidence is hashed, GPG signed and preserved accurately in an attempt to do our best to ensure no tampering has occurred. However, there are ALWAYS attacks that can be carried out against ANY software that collects and distributes forensic evidence. This is no different than submitting PDF evidence manually, screenshots, or anything else. Because YOU the investigator are in charge of your own data, you will always have the ability to mess with that data.
We believe in security and transparency at Hunchly, which means we are not afraid to disclose what we feel are weaknesses in our own system or ways that the evidence can be challenged. We would much prefer this than you hearing about it while in a witness box in court.
We ask that if you see additional attacks or gaps in how we are handling evidence in Hunchly that you reach out to us so that we can, test, document and disclose those weaknesses.