- “Computer Forensics deals with the preservation, identification, extraction and documentation of computer evidence.”*
- “Computer forensics has also been described as the autopsy of a computer hard disk drive because specialized software tools and techniques are required to analyze the various levels at which computer data is stored after the fact.”*
- Recovering Information the naked eye can no longer see.
The description above should demonstrate that a HDD is a sophisticated software and hardware device combining electronic and mechanical parts and utilizing the most recent achievements of microelectronics, micromechanics, automatic control theory, magnetic recording theory, and coding theory. HDD repair is impossible without specialized knowledge, special equipment, instruments and tools, and without a specifically equipped location (clean room). However, an expert in computer hardware can perform primary diagnostics of HDD and repair simple failures, perform operations over BAD sectors using software offered by HDD manufacturers.
In the absence of special diagnostic equipment and software HDD diagnostics should begin with connection…
With all the complications HDD manufacturers are constantly trying to make user data storage more reliable. To accomplish that they use various methods and technologies in their drives. 
Figure 5. Control circuit of spindel of HDD (family WDAC 32500 and WDAC 33100)
S.M.A.R.T. (abbreviated Self-Monitoring, Analysis, and Reporting Technology) is intended to inform hard drive users about the status of its main parameters. Many motherboard BIOSes support analysis of those parameters at computer power-up and if some critical parameter exceeds its emergency limit an informational message is displayed during computer start-up. Of course, it does…
EnCase Forensic is the industry standard in computer forensic investigation technology. With an intuitive GUI, superior analytics, enhanced email/Internet support and a powerful scripting engine, EnCase provides investigators with a single tool, capable of conducting large-scale and complex investigations from beginning to end. Law enforcement officers, government/corporate investigators and consultants around the world benefit from the power of EnCase Forensic in a way that far exceeds any other forensic solution.
-Acquire data in a forensically sound manner using software with an unparalleled record in courts worldwide.
-Investigate and analyze multiple platforms — Windows, Linux, AIX, OS X, Solaris and more…
”Nothing is eternal” – that expression applies also to hard disk drives. No matter how reliable a HDD is still it is degraded with time by destructive processes.
First, a drive is a mechanical and electronic device but all mechanical parts gradually wear out. With time connections between mechanical parts become slack. Numerous ascensions and descents of magnetic heads which occur during each start and stop of magnetic disk rotation destroy the protective layer coating the heads. However, modern manufacturing technology guarantees rather long life for hard drives. Thus, according to the information from the…
Considerable part of disk space in modern drives is hidden from users; it contains service data and an area reserved for substitution instead of defective sectors in a HDD. In normal operation mode it is accessible by drive microcontroller only. Users may access the working area frequently called logical disk space and it is exactly the same capacity as the value indicated in the characteristics of a certain model. Access to the working area represented by a continuous chain of logical sectors is performed in LBA notation from 0 to N. Connection between the logical disk space and physical disk…
