NEW BRITAIN - The New Britain police department's computer crime expert was stumped. The state police's lab couldn't help. Even the FBI didn't have the answer.
But Lt. James Wardwell kept searching, trying to find some way to infiltrate a stack of erased rewritable CDs he just knew once contained evidence.
The work broke a cardinal rule of computer forensics: Don't change the original evidence. Unlike working with blood or drugs, where testing destroys a bit of the evidence, investigators in computer forensics are trained to change nothing - they make copies instead. But the computer couldn't read Kaminski's CDs, making them impossible to copy. "In this case, it was either break that taboo or not get anything," said Butler, now the president of the Connecticut chapter of the High Technology Crime Investigation Association.
This kind of hard work and perseverance can only be commended. While the technique that was developed by Special Agent Jim Butler contaminated the evidence by altering it, it did put somebody behind bars that deserved to be there in the first place.
There is just one thing that I wonder about: the article draws an analogy between this technique and analyzing blood samples or DNA material. The techniques used for doing that also destroy some of the evidence. However, a principal difference between blood/DNA sampling versus the techniques developed by Jim Butler is that (in most cases) additional DNA or blood samples can be obtained, so that counter-expertise requests can be honored. Once the CD's have been overwritten with Butler's technique, they originals are gone and unrecoverable.
I wonder if that is a valid argument, in courts.