Book Review: Python Forensics

I’ve been teaching myself Python because of the ease of learning, economy of syntax and relevance to law in the blockchain. After a beginner Codecademy class, I chose Chet Hosmer’s Python Forensics: A Workbook for Inventing and Sharing Digital Forensic Technology to help hone my skills. I like Python Forensics because of its emphasis on creating software models that withstand Daubert scrutiny for scientific evidence admissibility in court.

Hosmer presents the book as an open source cookbook for financial data analysis tools. He notes that open source tools are particularly useful for litigation because they are created and tested in the public domain: sites like GitHub do an excellent job of peer-reviewing software. This is important because a testifying data analyst must explain not only her evidentiary conclusions but also her methodology. Hosmer emphasizes admissibility by creating transparent, explainable models for each of his programs.

Python Forensics provides recipes for creating forensic data analysis models: hashing, searching, indexing and extracting data, as well as natural language programming, multiprocessing and cloud computing. Each model includes a line-by-line explanation of the code in English and a complete version of the program. The recipes work like form litigation pleadings — copy a program and it will likely work, but it can be infinitely modified to suit the user’s purpose.

Python Forensics is beginner-friendly and includes instructions on downloading Python.

Chet Hosmer, Python Forensics: A Workbook for Inventing and Sharing Digital Forensic Technology, Elsevier, 2014.