During the conference of Digital Forensic Research Workshop EU in Lausanne several topics were important. A wide range of new developments was published in the proceedings. During the keynote talks also attention was given to the issues with decryption of smart phones and several solutions were brought to attention, as well as the paradox that exists between security and digital evidence. Other solutions and issues were brought forward on collecting data from the cloud as digital evidence, as well as issues with time stamps that might occur.
A nice panel discussion on the different aspects of using Bayes and likelihood ratios provided different views on using it in digital evidence. Though one would not easily use this for dictionary attacks of passwords, it is used in interpretation of the evidence. The hypothesis of the defence and of the prosecutor should be clear however. And questions rise if the defence is able to provide a good hypothesis, since education and insights on different scenarios is needed.
Also one topic of importance is that users of the reports should also understand the report and the conclusions drawn and interpret them correctly. In law systems with trained judged and prosecutors this might be easier then with a jury that is generally not trained in Bayes Theorem and the use of likelihood ratios. Some good guidelines of using this are provided by ENFSI.