|
HEROIN - FENTANYL MIXTURES IN CLEVELAND, OHIO
[Editor’s Notes: The levels of fentanyl in these exhibits are unusually high. According to the analyst, approximately 10 recent drug overdose deaths in the Chicago, Illinois area were possibly due to similar heroin - fentanyl mixtures (not confirmed, pending autopsy results).] * * * * * - INTELLIGENCE ALERT - ECSTASY TABLETS CONTAINING CAFFEINE, MDMA, AND KETAMINE, OR CAFFEINE, MDMA, AND METHAMPHETAMINE, IN OAKLAND, CALIFORNIA
The Oakland Police Department Crime Laboratory (California) recently received a polydrug submission including marijuana, cocaine base, and six blue tablets with a "thumbs up" logo, suspected MDMA (see Photo 2). The exhibits were seized in Oakland by the Oakland Police Department pursuant to a reckless driving arrest. The tablets were round, 9 millimeters diameter x 4 millimeters thickness, and weighed approximately 310 milligrams each. Analysis by GC/MS indicated a mixture of caffeine, MDMA, and ketamine (not formally quantitated, but in an approximate 10 : 9 : 1 ratio). This is the first submission of mixed caffeine/MDMA/ketamine tablets to the laboratory. However, the laboratory has previously received several separate submissions of yellow "thumbs-up" logo tablets (8 millimeters diameter x 5 millimeters thickness, and also approximately 310 milligrams each) that GC/MS analysis indicated contained caffeine, MDMA, and methamphetamine (in an approximate 11 : 8 : 1 ratio; see Photo 3). [Editor’s Note: Subsequent to the initial submission of this Intelligence Alert, the laboratory received a plastic bag containing 24 of the blue caffeine/MDMA/ketamine tablets and 13 of the yellow caffeine/MDMA/methamphetamine tablets (no further details). The analyst in this case also suggested that the logo could be viewed as a "thumbs-down" logo. It has also been (less commonly) referred to as the "hitchhiker" logo.]
* * * * * - INTELLIGENCE ALERT - ECSTASY TABLETS CONTAINING ASPIRIN AND MDA IN FORT LAUDERDALE, FLORIDA
The Broward Sheriff's Office Crime Laboratory (Fort Lauderdale, Florida) recently received 200 blue tablets with a heart logo, suspected MDMA (see Photo 4). The tablets were seized by the Fort Lauderdale Police pursuant to a traffic stop in Fort Lauderdale. Analysis of the tablets (total net mass 50.28 grams) by GC/MS, however, indicated not MDMA but rather aspirin and 3,4-methylenedioxyamphetamine (MDA), the latter possibly as the acetate salt. A secondary analysis following derivatization with heptafluorobutyric anhydride (HFBA) confirmed MDA. The tablets were not formally quantitated, but were estimated to contain between 15 and 50 milligrams of MDA each. The laboratory has seen these same tablets on several previous occasions, but this was the largest submission of them to date. [Editor’s Notes: According to the analyst, the "acetate salt" was likely an artifact resulting from the presence of aspirin (however, N-acetyl-MDA was not identified). The analyst also suggested that the "heart" logo was a special marketing tactic, as the various submissions of these tablets occurred around Valentine’s Day.] * * * * * - INTELLIGENCE ALERT - COCAINE HYDROCHLORIDE EMBEDDED ON PLASTIC IN BALTIMORE, MARYLAND
The DEA Mid-Atlantic Laboratory (Largo, Maryland) recently received a large number of plastic strips (not counted) with a brown substance either embedded into or affixed onto them, suspected heroin (see Photo 5). The strips were mailed from Trinidad, and were seized by U.S. Customs personnel in Baltimore. The strips (total net mass 405.6 grams) were of varying sizes, the largest being approximately 4 x 8 inches and the smallest being approximately 0.5 x 3 inches. Some of the strips were partially packaged in incense packaging, but most were loose in the box, and the mailing information did not mention incense. Analysis by GC, IR, and GC/MS, however, indicated not heroin but rather 43 percent
cocaine hydrochloride, adulterated with phenacetin (the quantitation value is relative to the total weight of the strips (including the plastic)). According to the analyst, this was the first such submission to the Mid-Atlantic Laboratory.
* * * * * - INTELLIGENCE BRIEF - FRESH KHAT SEIZED NEAR EDINBURGH, OHIO
The Ohio State Highway Patrol Crime Laboratory (Columbus) recently received 195 leaf wrapped bundles of plant material, suspected khat (see Photo 6). The exhibits were being transported in two cargo duffels, and were seized by the Ohio State Highway Patrol/Ravenna Patrol Post pursuant to a traffic stop on Interstate 76 near Edinburgh, Ohio. The plant material (total net mass 17.1 kilograms) was put on ice by the seizing officers, and then frozen upon arrival at the laboratory, to minimize the conversion of cathinone to cathine prior to analysis. Following thawing and standard acid/base workup, analysis by GC/FID and GC/MS identified cathinone and cathine (not quantitated), confirming khat. The laboratory has previously received seizures of fresh khat, which were believed to be intended for local communities of expatriates from the eastern horn area of Africa. Intelligence indicated that this shipment was enroute to the Columbus area. * * * * * - INTELLIGENCE BRIEF - VERY LARGE SEIZURE OF KETAMINE HYDROCHLORIDE AT THE BLAINE, WASHINGTON POE
The DEA Western Laboratory (San Francisco, California) recently received 50 packages of a fine, white, crystalline material, suspected ephedrine (see Photo 7). The packages were seized by Immigration and Customs Enforcement personnel at the Blaine, Washington POE, from inside the doors of a tractor-trailer arriving from Canada (further details not provided). Each package consisted of a large clear zip lock bag with clear tape around it, a FoodSaver bag, enclosing two smaller clear plastic baggies each containing the crystalline material (total net mass 49.68 kilograms). Screening by color testing (Chen’s test), however, indicated that the material was not ephedrine. Further analysis by FT-IR and GC indicated 89 percent ketamine hydrochloride. This is the largest ketamine exhibit ever submitted to the Western Laboratory. * * * * * - INTELLIGENCE BRIEF - WHITE HEROIN SUBMISSION IN PHOENIX, ARIZONA
The Phoenix Police Department Laboratory Services Bureau (Arizona) recently received a multiply wrapped bundle (18 x 10 x 2.5 inches) containing compressed and loose off white powder, suspected heroin (see Photo 8; note that the powder is whiter than it appears in the photo). The exhibit was seized by Phoenix Police Department Drug Enforcement Bureau Detectives from a false bottomed duffel bag being transported by a drug courier who was travelling from California to New York (further details withheld in accordance with Microgram policy). The powder was contained in three separate sections each wrapped in brown packaging tape, then overwrapped in black plastic and electrical tape. Analysis of the powder (total net mass 3.4 kilograms) by color testing (Marquis), microcrystal testing (mercuric iodide), and GC/MS confirmed heroin (not quantitated, but high purity based on the chromatography and intense reaction with the Marquis reagent). The laboratory commonly receives "black tar" heroin; however, white heroin is quite rare, and this was in fact the largest submission of white heroin ever submitted to the laboratory. * * * * * - CORRECTION - Sir: Concerning the Intelligence Alert entitled: "Ecstasy Mimic Tablets (Containing 1-(4-Chlorophenyl)piperazine (cPP)) in Naples, Italy" (Microgram Bulletin 2006;39(2):18), further analysis has indicated that the active component was actually 1-(3-chlorophenyl)-piperazine (also known as mCPP). That is, the meta- (1,3-), not the para- (1,4-), isomer. The original identification was based on mass spectrometry, which is unable to differentiate between the two isomers. Secondary analysis by NMR, and comparison of GC retention times against reference standards, confirmed that the compound was actually the meta- isomer. Additional quantitation work indicated that each tablet contained 22 milligrams of mCPP. This compound is not controlled under Italian law. [Editor’s Notes: For a recent update concerning the abuse of mCPP as an MDMA-mimic, see: Bossong MG, Van Dijk JP, Niesink RJM. Methylone and mCPP, two new drugs of abuse? Addiction Biology 2005;10:321.] * * * * * * * * * * * * * * * * * * * * - SPECIAL INTELLIGENCE BRIEF - KRATOM (MITRAGYNA SPECIOSA) The DEA Special Testing and Research Laboratory (Dulles, Virginia) recently received a sample of Kratom (Mitragyna speciosa) from the Bureau of Customs and Border Protection (Chicago, Illinois), for research purposes (see Photo 9). Mitragyna speciosa is a member of the Rubiaceae (coffee) family, and is indigenous to southeast Asia, notably in Thailand and Malaysia. Kratom is the original, common name used in Thailand - which has since become the predominant name used worldwide - but Mitragyna speciosa has at least half a dozen other common names (e.g., it is known as "Biak-Biak" in Malaysia).
As of March 2006, Kratom is not a controlled substance in the United States. However, it is controlled in Thailand, Malaysia, and Myanmar (Burma). In 2004, mitragynine and Kratom were both placed in Schedule 9 (the most restrictive level) of the Australian National Drugs and Poisons Schedule. An Internet search confirmed a large number of Kratom vendors in the United States. Kratom is delivered to the U.S. both from Asia and from western European countries, and shipments commonly pass undetected through U.S. Customs. It is sold in various forms, including leaves, extracts, and powders. Vendors also promote the use of Kratom and provide detailed instructions on its preparation, use, and effects. A large and growing number of personal testimonials are also available on the Internet, describing the various effects of the different Kratom based products.
References 1. Takayama H. Chemistry and pharmacology of analgesic indole alkaloids from the rubiaceous plant, Mitragyna speciosa. Chemical & Pharmaceutical Bulletin 2004;52(8):916-928. 2. Shellard EJ. Ethnopharmacology of Kratom and the Mitragyna alkaloids. Journal of Ethnopharmacology 1989;25(1):123-124. 3. Hendrickson, JB, Sims JJ. Mitragyna alkaloids - The structure of stipulatine. Tetrahedron Letters 1963;14:959-963. 4. Suwanlert S. A study of Kratom users in Thailand. Bulletin on Narcotics 1975;27:21-27. 5. Jansen KLR, Prast CJ. Psychoactive properties of mitragynine (Kratom). Journal of Psychoactive Drugs 1988;20(4):455-457. * * * * * * * * * * * * * * * * * * * * SELECTED REFERENCES [Selected references are a compilation of recent publications of presumed interest to forensic chemists. Unless otherwise stated, all listed citations are published in English. Listed mailing address information exactly duplicates that provided by the abstracting service. Patents are reported only by their Chemical Abstracts citation number.] 1. Bartlome R, Fischer C, Sigrist MW. Vapor-phase infrared spectroscopy on solid organic compounds with a pulsed resonant photoacoustic detection scheme. Proceedings of SPIE - The International Society for Optical Engineering 2005:5864. [Editor’s Notes: Presents the title technique; applications include mephentermine, methylephedrine, ephedrine, and pseudoephedrine. Contact: Swiss Fed. Inst. Technol., Inst. Quantum Electron, ETH Zurich, CH-8093 Zurich, Switz.] 2. Bell DS, Cramer HM, Jones AD. Rational method development strategies on a fluorinated liquid chromatography stationary phase: Mobile phase ion concentration and temperature effects on the separation of the ephedrine alkaloids. Journal of Chromatography A 2005;1095(1-2):113. [Editor’s Notes: Presents the (in-depth) title study. Contact: Penn State Univ, Dept Chem, University Pk, PA 16802.] 3. Bossong MG, Van Dijk JP, Niesink RJM. Methylone and mCPP, two new drugs of abuse? Addiction Biology 2005;10:321. [Editor’s Notes: An overview. "Methylone" is 3,4-methylenedioxymethcathinone. Contact: Drugs Information and Monitoring System, Trimbos Institute for Mental Health and Addiction, PO Box 725, 3500 AS Utrecht, The Netherlands.] 5. ElSohly MA, Slade D. Chemical constituents of marijuana: The complex mixture of natural cannabinoids. Life Sciences 2005;78:539. [Editor’s Notes: A review. Contact: National Center for Natural Products Research, School of Pharmacy, The University of Mississippi, University, MS 38677.] 6. Gambaro V, Arnoldi S, Casagni E, Dell’Acqua L, Fare F, Saligari E, Valoti E. Analytical approach for the identification of impurities, intermediates and precursors of the entactogen synthesis. Bollettino Chimico Farmaceutico 2005;144(1):1. [Editor’s Notes: An overview of analytical techniques used for impurity profiling of Ecstasy tablets (MDMA and PMMA are specifically mentioned in the abstract). Contact: Instituto di Chimica Farmaceutica e Tossicologica, Facolta di Farmacia, Universita degli Studi di Milano, 20131 Milan, Italy.] 7. Huang YS, Tsai CC, Liu JT, Lin CH. Comparison of the use of aqueous and nonaqueous buffers in association with cyclodextrin for the chiral separation of 3,4-methylenedioxymethamphetamine and related compounds. Electrophoresis 2005;26(20):3904. [Editor’s Notes: CZE and MEKC were used. MDA was also separated using the same system(s). Contact: Natl Taiwan Normal Univ, Dept Chem, 88 Sec 4, Ting Chow Rd. Taipei, Taiwan.] 8. Klous MG, Bronner GA, Nuijen B, vanRee JA, Beijnen JH. Pharmaceutical heroin for inhalation: Thermal analysis and recovery experiments after volatilisation. Journal of Pharmaceutical and Biomedical Analysis 2005;39(5):944. [Editor’s Notes: Presents the title study, using heroin/caffeine tablets. Contact: Slotervaart Hosp, Dept Pharm & Pharmacol, Louwesweg 6, POB 90440, NL-1006 BK Amsterdam, Netherlands.] 9. Kochana J, Zakrzewska A, Parczewski A, Wilamowski J. TLC screening method for identification of active components of "Ecstasy" tablets. Influence of diluents and adulterants. Journal of Liquid Chromatography & Related Technologies 2005;28(18):2875. [Editor’s Notes: The title technique was applied to Ecstasy tablets containing, e.g., MDMA, PMA, PMMA, ephedrine, and a variety of adulterants and diluents. Contact: Jagiellonian Univ, Dept Analyt Chem, Ingardena 3, PL-30060 Krakow, Poland.] 10. Krist S, Stuebiger G, Unterweger H, Bandion F, Buchbauer G. Analysis of volatile compounds and triglycerides of seed oils extracted from different poppy varieties (Papaver somniferum L.). Journal of Agricultural and Food Chemistry 2005;53(21):8310. [Editor’s Notes: The title study was conducted using SPME and MALDI-ReTOF-MS and ESI-IT-MS/MS. Contact: Univ Vienna, Dept Clin & Diagnost, Althanstr 14, A-1090 Vienna, Austria.] 11. Lowe ER, Banks CE, Compton RG. Indirect detection of substituted phenols and cannabis based on the electrochemical adaptation of the Gibbs reaction. Analytical and Bioanalytical Chemistry 2005;383(3):523. [Editor’s Notes: The title technique can be used for voltametric detection of THC. Contact: Physical and Theoretical Chemistry Laboratory, Oxford University, Oxford, UK OX1 3QZ.] 12. Lurie IS. High-performance liquid chromatography of seized drugs at elevated pressure with 1.7 μm hybrid C18 stationary phase columns. Journal of Chromatography A 2005;1100:168. [Editor’s Notes: The presented technique offers improved speed and resolution versus conventional HPLC or CE techniques. A wide variety of drug types (24 different solutes) were analyzed. Contact: U.S. Drug Enforcement Administration, Special Testing and Research Laboratory, 22624 Dulles Summit Court, Dulles, VA 20166.] 13. Noonan KY, Beshire M, Darnell J, Frederick KA. Qualitative and quantitative analysis of illicit drug mixtures on paper currency using Raman microspectroscopy. Applied Spectroscopy 2005;59(12):1493. [Editor’s Notes: Presents the title technique. The methodology is non-destructive, but background fluorescence (from the currency) is a problem, and the various corrective measures are time-consuming. Contact: Department of Chemistry, College of the Holly Cross, Worcester, MA 01610.] 14. Rudaz S, Geiser L, Souverain S, Prat J, Veuthey J-L. Rapid, stereoselective separations of amphetamine derivatives with highly sulfated gamma-cyclodextrin. Electrophoresis 2005;26(20):3910. [Editor’s Notes: Presents the analysis of 7 (unspecified) "amphetamine-type derivatives" by CE-MS in 6 minutes. Contact: Laboratory of Pharmaceutical Analytical Chemistry, School of Pharmaceutical Sciences, EPGL, University of Geneva, Geneva, Switzerland.] 15. Suzuki S. Lysergic acid diethylamide (LSD). Drugs and Poisons in Humans 2005:225. (Edited by Suzuki and Watanabe; Springer GmbH; Berlin.) [Editor’s Notes: Presents an analytical scheme using TLC and GC/MS. Contact: Germany (no further information was provided.] 16. Teshima N, Fukui N, Sakai T. Reagents regeneration flow injection analysis (RRFIA) for spectrophotometric determination of methamphetamine coupled with solvent extraction. Talanta 2005;68(2):253. [Editor’s Notes: Presents the title study, using tetrabromophenolphthalein ethyl ester to form a colored complex. Contact: Department of Applied Chemistry, Aichi Institute of Technology, Yakusa-cho, Toyota, Japan 470-0392.] Additional References of Possible Interest: 1. Forman RF. Narcotics on the Net: The availability of web sites selling controlled substances. Psychiatric Services 2006;57(1):24. [Editor’s Notes: A minor overview. Contact: Treatment Research Institute, 600 Public Ledger Building, 150 South Independence Mall West, Philadelphia, PA (zip code not provided).] 2. Kreuzer MP, Quidant R, Badenes G, Marco M-P. Quantitative detection of doping substances by a localised surface plasmon sensor. Biosensors & Bioelectronics 2006;21(7):1345. [Editor’s Notes: For highly specific, highly sensitive detection of stanozolol (by immunosensor). Application(s) not specified. Contact: Department of Biological Organic Chemistry, IIQAB-CSIC, Jordi Girona 18-26, Barcelona 08034, Spain.] 3. Pitt GD, Batchelder DN, Bennett R, Bormett RW, Hayward IP, Smith BJE, Williams KPJ, Yang YY, Baldwin KJ, Webster S. Engineering aspects and applications of the new Raman instrumentation. IEE Proceedings: Science, Measurement, and Technology 2005;152(6):241. [Editor’s Notes: An in-depth review of recent developents in the title field. Applications include detection of (unspecified) "narcotics". Contact: Renishaw Plc, Wotton-under-Edge, Glocestershire GL12 7DW, UK.] 5. Talaty N, Takats Z, Cooks RG. Rapid in situ detection of alkaloids in plant tissue under ambient conditions using desorption electrospray ionization. Analyst 2005;130(12):1624. [Editor’s Notes: DESI-MS was used to detect alkaloids in various type of plant tissues, including from hemlock, jimsonweed, and nightshade. Contact: Purdue Univ, Dept Chem, W Lafayette, IN 47907.] 6. Zhao LH, Yan F, Yang LL, Xiang BG. Chromatographic separation of (-)-ephedrine and (+)-pseudoephedrine in the traditional Chinese medicinal preparation Jiketing granule. Chemical & Pharmaceutical Bulletin 2005;53(11):1494. [Editor’s Notes: The title analysis was performed using TLC, RP-HPLC, GC, and HPLC-MS. Contact: China Pharmaceut Univ, Analyt Ctr, Nanjing 210009, Peoples R China.] * * * * * * * * * * * * * * * * * * * * NEW EMAIL ADDRESSES NEEDED The email addresses for the following organizations returned rejection notices to the Microgram Editor for at least the past three issues of Microgram Bulletin, and therefore the respective organizations have been dropped from the subscription list. Note that the errors include "mailbox full", "over quota", "user not found", or "user unknown" messages, and also a variety of anti-spam/filtering messages (the latter resulting from failure to "whitelist" the Microgram_editor@mailsnare.net address). The Microgram Editor requests your assistance in contacting these organizations, determining if they wish to remain on the Microgram subscription e-net, and if so asking them to forward a valid email address to the Microgram_editor@mailsnare.net address. In addition, if the Office is closed or is no longer interested, please forward that information to the Microgram Editor. U.S. Subscribers (by State, except U.S. Government organizations): California - Bakersfield Police Department Crime Laboratory; Fresno County Sheriff’s Department; Riverside Police Department/Narcotics Unit; San Diego Sheriff’s Crime Laboratory; Colorado - Boulder Police Department; Delaware - Delaware State Police Crime Laboratory/Dover; Georgia - Northwestern Technical College/Department of Criminal Justice/Rock Spring; Indiana - Clinton City Police Department; Greenwood Police Department Crime Laboratory; Kentucky - Kentucky State Police/Central Forensic Laboratory/Frankfort; Louisiana - New Orleans Police Department Crime Laboratory; Maine - ODV, Inc./South Paris; Mississippi - University of Southern Mississippi/Forensic Science Program/Hattiesburg; Montana - Montana State Forensic Science Division Laboratory/Missoula; Nevada - Washoe County Sheriff’s Office; New Mexico - Albuquerque Police Department Laboratory; New Mexico Department of Public Safety/Southern Crime Laboratory/Mesilla Park; New York - Onondaga County Center for Forensic Sciences/Syracuse; North Carolina - Greensboro Police Department-Vice/Narcotics Unit; North Carolina State Bureau of Investigation/Drug Chemistry Section/Raleigh; North Carolina State Bureau of Investigation/Raleigh Crime Laboratory; North Carolina State Bureau of Investigation/ Western Regional Laboratory; Ohio - Cuyahoga County Coroner’s Office/Cleveland; Defiance College Chemistry and Forensic Science Department; Newark Police Department Forensic Services; Oklahoma - Oklahoma State Bureau of Investigation/Tahlequah Laboratory; Pennsylvania - St. Mary’s Police Department; Tennessee - East Tennessee State College of Medicine/Johnson City; Texas - Bexar County Forensic Science Center/San Antonio; Forensic Consultant Services/Ft. Worth; Nacodoches County Sheriff’s Office; Northeast Texas Narcotics Task Force/Henderson; Texas Department of Public Safety Crime Laboratory/Garland; Texas Department of Public Safety Crime Laboratory/Houston; Travis County Office of the Medical Examiner/Austin; University of Texas at Dallas Police Department/Richardson; U.S. Government - U.S. Customs Laboratory/San Francisco; U.S. Customs Laboratory Headquarters/Washington, DC; U.S. Department of Energy/Lawrence-Berkeley National Laboratory; U.S. Department of Energy/Los Alamos National Laboratory; U.S. Department of Energy/Oak Ridge National Laboratory; U.S. Department of Justice/CSOSA/PSA/Forensic Toxicology Drug Laboratory/Washington, DC; Washington (State) - Seattle Police Department Crime Laboratory; Washington, DC - DC Addiction Prevention and Recovery Administration. Non-U.S. Subscribers (by Country): Australia - Australian Customs/Canberra; Australian Federal Police/Forensic and Technical Division/New Sydney; Canada - Manitoba Justice/Winnipeg, Manitoba; Maxxam Analytics/Mississaugua, Ontario; Denmark - University of Copenhagen/Institute of Forensic Medicine; Fiji - Fiji Forensic Laboratory/Nausori; Finland - Finnish Customs Laboratory/Espoo; National Bureau of Investigation/Vantaa; France - Institut de Medicine Legale/Strasbourg; IRCGN/Rosny; Laboratoire des Douanes de Paris; Laboratoire des Douanes de Lille; Prefecture de Police/Laboratoire de Toxicologie/ Paris; Germany - Institute Fur Rechtmedizin/Muenchen; Institute Fur Rechtmedizin/Universitat der Saarlandes/Hamburg; Landeskriminalamt Kiel Laboratory; Landeskriminalamt Rheinland-Pfalz/Mainz; Greece - General Chemical State Laboratory/Thessaloniki; India - Tripura State Forensic Science Laboratory/West Tripura; Indonesia - National Agency of Drug and Food Control/Jakarta; Ireland - State Laboratory/Dublin; Office of the Provost Marshall and Director of Military Police/County Tipperary; Israel - Israeli Anti-Drug Authority/Jerusalem; Italy - U.O. Tossicologia Forense E Antidoping/University Padova; Japan - Iwate Prefectural Police Headquarters; Panama - Policia Tecnica Judicial; South Africa - South African Police Service/Forensic Science Laboratory/Capetown; South African Police Service/Forensic Science Laboratory/Kwa-Zulu Natal; South African Police Service/Forensic Science Laboratory/Western Cape; Spain - Laboratorio de Toxicologia/Sevilla; Laboratorio Territorial de Drogas/Barcelona; Switzerland - University of Bern/Clinical Research Department; University of Lausanne/Institut de Police Scientifique; Turkey - Department of Criminal Police Laboratories/Ankara; Istanbul University/Institute of Forensic Sciences; United Kingdom - Dundee Police Forensic Science Laboratory/Dundee, Scotland; Forensic Science Center/London, England; Royal Hallamshire Hospital/Sheffield; State of Jersey/ Official Analysts Laboratory/Jersey, England; States Analysts Department/Channel Islands; Venezuela - National Guard/Caracas. * * * * *
Tool validation testing is critical to the computer forensic examination process. Validation demonstrates that the examination tools (hardware and software), techniques, and procedures are suitable for forensic examinations, and ensure that the tools work as designed. Software tools and hardware devices should always be tested prior to their initial use in a digital evidence application. This is required under the American Society of Crime Laboratory Directors/ Laboratory Accreditation Board (ASCLD/LAB) International accreditation. Tool validation testing should be performed whenever new, or upgraded versions are introduced into the forensic process. The software tools and hardware devices should be tested against a known entity. The validation process must be documented in sufficient detail to enable an independent replication. The testing of the software or hardware should be completed by at least three different computer forensic examiners using three different computers and operating systems. Each test examiner must create a summary report of their test results. If the test failed, the examiner must annotate where the failure took place. The summary report should contain their notes concerning the tool being tested, the version, and the date in which the test was performed. The report should also state the overall pass/fail status of the tool and any recommendations or concerns regarding the outcome of the testing. Here are a few of the software tools and hardware devices that are currently used within the DEA Digital Evidence Laboratory: HARDWARE: These devices are used to protect the original or best evidence from being erased or altered. a) Guidance IDE Write Block SOFTWARE - Baseline: These tools acquire and interpret media formatted in various file structures. a) Encase version 4 a) Unix dd version 2.4.1.8 14 BROWSING/FILE VIEWING: These tools are used to view various file types (Word doc, Excel, etc.) a) Quickview Plus version 7.0 E MAIL / CHAT RECOVERY: These tools are used to recover email/chat (Hotmail, PST, etc.) a) Paraben versions 3.0 and 4.0 UTILITY SOFTWARE: These tools are used for a wide variety of purposes. a) Winhex version 9.82 PASSWORD CRACKING: These tools are used to access files that were password protected by the user. a) Access Data Stand Alone version 5.0 a) NT Backup for tape version 5.0 If a new (unvalidated) tool is needed to complete an examination during the examination of DEA digital evidence, DEA policy allows its one time use without prior validation. However, the examiner must get supervisory approval prior to proceeding. This must be documented and initialed by the approving supervisor within the examiner’s case notes. If this tool is needed for any subsequent examinations, it must be first sent through the usual tool validation method. The validation process can take from one to two days per tool. New tools are validated as needed. Current tools are re-validated when a new upgrade is acquired (e.g., version 3.0 to 4.0). However, this doesn’t mean that the tool will be re-validated if there is merely an update of the software (e.g., version 3.0 to 3.01). Questions or comments? E mail: Steven.L.Carter -at- usdoj.gov
|
