With the arrival of the Internet era, finding information has become
much easier. Many web browsers are available for searching for information,
and one of them is Opera Mini. Opera Mini is the faster browser found in
smartphones, mobile phones and PDAs. It is free, comes along with mobile
phones, and is the most used web browser on phones.
Opera can plug in different search engines; the default ones are Google
and Wikipedia. The browser can also manage tasks such as emailing,
downloading from BitTorrent, reading web feeds, etc.
An outstanding feature of Opera is that it is unaffected even when your
operating system fails or a power failure occurs. When you get back, you
can see the searches or the pages as they were. Opera is a powerful browser,
since the viruses written for Internet Explorer did not affect Opera at all.
Opera remained uninfected by such viruses and malware.
From the point of view of Opera browser forensics, investigators can find
the files at the following locations:
In XP:
In Windows 7 and Vista:
Where To Find History?
Investigators can get the suspect's history records from the file named
“global_history.dat”. It reveals:
Visited timestamps, in both Unix and GMT form
URL
Window titles
To find the search history, the investigator has to look at the XML file
named “search_field_history.dat”.
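As an added example (not part of the original post), the sketch below reads “global_history.dat” content and reports each entry's window title, URL and visit time in both Unix and GMT form. It assumes a plain-text layout of four lines per entry (title, URL, Unix timestamp, one further integer field); that layout, the function name and the sample data are assumptions of this example, not details given on this page.

```python
from datetime import datetime, timezone

# Constructed sample in the assumed layout: title, URL, Unix time, integer field.
SAMPLE = (
    "Example Domain\n"
    "http://example.com/\n"
    "1300000000\n"
    "-1\n"
    "Webmail - Inbox\n"
    "http://mail.example.org/inbox\n"
    "1300003600\n"
    "-1\n"
    "Truncated entry\n"          # last record cut short, as in a damaged file
    "http://example.net/\n"
)

def parse_global_history(text):
    """Return (records, problems) parsed from global_history.dat content.

    problems holds (line_number, reason) pairs so that damaged entries are
    reported to the examiner instead of being silently dropped.
    """
    lines = text.splitlines()
    records, problems = [], []
    for i in range(0, len(lines), 4):
        chunk = lines[i:i + 4]
        if len(chunk) < 4:
            problems.append((i + 1, "incomplete record"))
            break
        title, url, stamp, _extra = chunk
        try:
            unix = int(stamp.strip())
            gmt = datetime.fromtimestamp(unix, tz=timezone.utc)
        except (ValueError, OverflowError, OSError):
            problems.append((i + 3, "bad timestamp"))
            continue
        records.append({
            "title": title,
            "url": url,
            "unix": unix,                                # raw value from the file
            "gmt": gmt.strftime("%Y-%m-%d %H:%M:%S"),    # same instant in GMT
        })
    return records, problems

if __name__ == "__main__":
    recs, probs = parse_global_history(SAMPLE)
    for r in recs:
        print(r["gmt"], r["unix"], r["url"], "|", r["title"])
    for line_no, reason in probs:
        print("line", line_no, ":", reason)
```

When working on a real case, run it against a working copy of the file opened read-only, decoding with `errors="replace"` so that damaged bytes do not abort the parse.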
Agents can gather evidence related to the culprit from the last session,
that is, from what the suspect searched for most recently. The last session
feature of the browser exposes the number of URLs the person has searched
and the windows opened. The last session before a crash can also be
reinstated, from the file “autosave.win”.
Manually entered URLs can be retrieved from the “typed_history.xml” file
of the Opera browser. It helps in getting the URLs typed by the suspect,
which may lead to evidence. The format followed is:
From the entry in ‘type’, the examiner learns whether the URL was entered
manually or by autocomplete. If the field corresponding to ‘type’ contains
type, the URL was entered manually; if it contains selected, it was
completed by Opera's autocomplete.
Why do investigators go to the web browsers first in search of evidence?
What is so important there? These are some of the questions that need
clarification.
As mentioned above about the Internet era, all crimes are more or less
related to the Internet. Here are a few reasons for the need for web
browser forensics.
Need Of Web Browser Forensics
Some of the inevitable reasons are:
Almost everyone uses web browsers
Browsers are used for hiding crimes
Methods to prepare the crime are found on the web
Some evidence can be found in web mail
Since most of us use email to share information, there is a place for
email forensics too. Opera provides email through Opera Mail, which
supports POP3 and IMAP, has a contact manager, etc. How does it guide the
investigation?
How Email Guides the Investigation?
Emails in Opera Mail are stored in .mbs files; each email is stored in a
single file along with its attachments.
Located at:
For the investigation, one has to open the MBS file. These files are more
or less similar to the MBOX file format, which makes them easy to open with
any application that supports Mbox. Thus, even if only the files are left,
one can still open them.
Spam Filtering:
Opera Mail supports filtering of spam emails and keeps the mails in order,
which makes the work effortless. Delivered mails are stored in a single
database with automatic indexing. It automatically shows the unread view,
if any, and enables you to retain spam mails if needed. The spam filter
checks daily for spam mails by examining the name of the company, email
addresses, etc., and filters the emails using Bayesian statistics. These
statistics are built by regularly keeping an eye on unread emails, deleted
mails, etc., and are used to mark incoming emails as spam. But it is not an
efficient method.
Observations
Surfing the web on phones is easy with Opera Mini. It is a free browser
seen in all phones and is the fastest browser found in smartphones as well.
Forensic investigation has become an inevitable part of a case diary. Many
tools are available that help carry out the investigation in a precise
manner.