The impact of Microsoft´s Windows 7 on computer forensics examinations

Windows 7 is a new operating system and, like any new technical environment, it has notable implications for computer forensics examiners. The impact of this new operating system will not be as dramatic as the move from Windows XP to Windows Vista. However, changes to this operating system mirror many changes in consumer usage of technology and present both opportunities and challenges for investigators. Arguably, the most important challenge to computer forensics examiners is access to the suspect´s files on a computer. The introduction of BitLocker, which debuted with Microsoft´s Vista operating system, provided a major barrier to investigators because this encryption tool could encrypt at the file, folder or drive level. Further advances to this tool in Windows 7 create even greater barriers to access; Microsoft´s BitLocker To Go now goes beyond just hard drive encryption but also encrypts a system´s associated devices. This research will also identify changes, which were introduced with Windows 7, and in response to a shift in consumer demand. The most notable shift in consumer demand, found by the authors of this research, is in Microsoft´s integrated touch-screen capabilities.