Forensic Science Notes
Dactylography History
Egyptians used fingerprints as signatures.
Herschel:
1840's
Upper-class Englishman who went to India as a contract administrator.
Started smudging people’s fingers with ink to mark contracts.
Built a record of Indian fingerprints, recognizing their uniqueness.
Faulds:
Surgeon who went to Japan as a missionary.
Studied finger and palm prints.
Shared findings with Charles Darwin, who then sent them to Galton.
Published an article claiming the idea of unique fingerprints, leading to disputes with Galton.
Galton:
Received a letter from Faulds but initially disregarded it.
Published a study arguing for individual fingerprints.
Relinquished credit for the initial idea but not for the study’s work.
Vucetich:
Read articles by Faulds, Galton, and Herschel.
Applied fingerprint analysis to solve a crime involving a mother and her children.
Developed a classification system to narrow down potential matches.
Purposes of Fingerprinting
Identification of suspects
Identification of people
Fingerprint Types
Patent: Visible to the naked eye; uses powder for enhancement.
Plastic: Impression left in a substance (e.g., blood, dirt); uses plaster or dental stone for casting.
Latent: Not visible to the naked eye; requires powder and tape to lift.
Exemplar: A print taken from a known subject for comparison.
Ridge Characteristics (Minutiae)
Ridge ending: Where the ridge terminates.
Short ridge (dot): A ridge with a defined start and end.
Bifurcation: A ridge that splits into two.
Enclosure: A circular ridgeline.
Forms in the placental sack when stuff gets on your fingertips as they form, so the ridges form around them.
Hook/Spur: A ridge resembling a hook or arrow fletching.
Trifurcation: A ridge that splits into three.
Bridge: A ridge connecting two other ridges.
Pores: Appear as small white dots on fingerprints.
Delta: Resembles the Greek letter delta and a river delta.
Core: The point where a ridge bends over on itself.
Basic Typology
Loops (60-65%): Have one delta
Ulnar: Faces towards the ulnar vein (pinky side).
Radial: Faces towards the radius (thumb side).
Arches (5%): No deltas
Plain: Relatively flat, less than 90 degrees.
Tented: Has a more pronounced peak, resembling a tent.
Whorls (30-35%): Two clear deltas
Plain: Circular pattern.
Central pocket loop: Folds over on itself with a center core.
Double loop: Two instances of folding over, resembling a yin and yang symbol.
Accidental: Irregular pattern with a core lower than the originating point.
Children’s Fingerprints
Ridges are smaller and less pronounced.
Have less oil, causing prints to evaporate more quickly.
Adermatoglyphia
Loss of fingerprints, often medically related.
Examples: Chemotherapy can cause prints to recede, burns
Positive Identification
Primary classification: Classify the type of fingerprint.
Ridge Characteristics: Use 9-13 ridge characteristics to relate them.
Relation of characteristics
Henry Classification System
Assigns numbers to whorls.
Arches and loops are too uncommon and too common respectively.
Numbers are positioned according to the system, added as numerator and denominator.
Example:
Latent Prints Collection
Powders: black, silver, Iodine Fuming
Iodine Fuming: Sublimation
Ninhydrin: Used on paper, is a fume.
Superglue fuming: Used to develop prints on skin.
Fluorescence: Can reveal oil prints due to biological discharges.
Alternate light source
Session 9: DNA and Heredity
Core Concepts
Gene
Locus: Specific location on a chromosome marking a gene.
Allele: A variant of a specific gene.
Homozygous: Having two identical alleles for a gene.
Heterozygous: Having two different alleles for a gene.
Chromosomes
Structures containing genes.
XX & XY: Common chromosome pairings that determine sex, but not always.
Genetics Basics
Dominant/Recessive Genes: Genes that express or are masked.
Egg, Spermatozoa, Zygote: Female and male reproductive cells that combine to form a zygote.
Cellular Composition
Cell/Nucleus/Chromosome/DNA: Hierarchical structure of genetic material.
Molecular Components
Nucleic Acid/Protein/Carbohydrate: Key biological macromolecules.
DNA Structure
Polymer: DNA as a long chain molecule.
4 Nucleotides: Adenine, Cytosine, Guanine, Thymine.
Average human chromosome has 100 million pairs of nucleotides
3 Billion pairs per human total
99.9% same Genomes
23 chromosome pairs
DNA Testing and Profiling
DNA Profiling/Genetic Fingerprints
Biologics have DNA, waste like urine and feces, typically do not.
Testing Methods
RFLP (Restriction Fragment Length Polymorphism): Creates a stopping point to measure it.
PCR (Polymerase Chain Reaction): Amplifies DNA, creating many copies.
STR (Short Tandem Repeats): Short repetitions of nucleotides indicating DNA mutation.
AmpFLP: Same as RFLP.
Y-STR: From Y chromosome, passed from father to son.
Mitochondrial: Passed to you from your mother
Applications
Paternity: Original use of DNA testing.
Advanced Genetic Analysis
Mitochondrial Molecular Clock: Used to estimate the age of human populations by examining mitochondrial DNA.
Haplogroups: Genetic lineages traced through maternal (mtDNA) or paternal (Y-DNA) lines to understand population history and migrations.
DNA Databases
CODIS (Combined DNA Index System)
Uses 13 STRs to minimize false matches.
National Database
Uses 11 STRs to align with international standards.
Touch DNA
DNA transferred by touch (Locard’s principle).
Requires an exemplar sample for comparison.
Sample Collection
Buccal Swabs: Used to collect confirmation samples matching a prior DNA analysis.
Legal and Ethical Considerations
Prosecutor’s Fallacy
Misuse of statistics in court (e.g., overstating the significance of a DNA match).
Interpretation of Mixed Samples
Common in rape cases, involving mixtures of different DNA products.
Chimeras
Individuals with two sets of DNA, often due to twin absorption in utero.
Privacy Issues
Expectations of privacy concerning DNA left in public areas (e.g., discarded items).
Landmark Case
Maryland v. King (2013): Ruled that DNA collection is constitutional as part of routine booking procedures, without requiring destruction of the DNA post-trial.
Lecture 10: Forensics
Fire and Explosions
Fire Basics
Exothermic: Heat/energy is expelled.
Endothermic: Warmth is being absorbed rather than expelled.
Oxidation: Element absorbing oxygen molecules.
Ignition Temperature: Lowest temperature for sustained combustion without an external stimulus.
Fire Dynamics
Physical State, Temperature of fuel, Physical State of fuel: Gaseous
Flash point: Lowest point an item ignites with an external stimulus.
Pyrolysis: Heat causes object to decompose.
Flammable range: Volume of chemical, everything from the ignition temperature to the maximum temperature, lower and upper levels.
Glowing combustion: Flame isn’t there but it is still hot.
Spontaneous combustion: Chemical reaction in combination with temperature causes a spontaneous fire.
Fire Evidence
Packaging: Put fire evidence in a glorified paint can
Substrates: Undisturbed samples of the evidence, so same wood type as what was burned but was unaffected
Fire Analysis
Headspace: Fill can with ashes, seal it, then put it through a machine to read the chemicals in it, a version of chromatography.
Vapor Concentration: Use a charcoal strip to gather evidence and it is considered superior
Explosions
Explosions: fire
Deflagration: fire
Detonation: sound waves
Types of Explosives
Low Explosives: Subsonic, typically deflagration more common
High Explosives: Sonic or Supersonic, typically Detonation, highly controlled
Primary: Easy to set off, ie gunpowder, black powder
Secondary: Require a primer so need another explosion to set it off, dynamite or C4
Tertiary: Fairly modern, really big explosions, Anpho that is packed with dynamite to make it go boom, difficult to ignite
Computer Forensics
Hard Disk Structure
Partitions: Different parts of the hard drive are used on different things to prevent the whole hard drive from being used
Bits: 1s and 0s
Bytes: 8 bits
Sectors: 32 bytes
Clusters: 8 sectors
FAT/MFT: Master File Table or File Allocation Table, directs things to different sectors.
Data Acquisition
Forensic Image Acquisition: Considered superior acquisition tool, makes an exact copy of the hard drive rather than breaking into og hard drives.
Live Data Acquisitions: Done when time is limited, ex missing child or terrorist threat, pull up social media, email, stuff like that.
Data Types
Visible Data: Stuff you can find in file explorer or finder
Data files
Swap file: Once files are saved they take up their own cluster, he more things you save the more separated your items become, this is both inefficient and ineffective because it slows the computer. Defragmentation, puts the documents together to save space. The new file created by defragmentation will be there even after you delete the og unless you delete the swap file. Longer you have the file, the more swap files you should have.
Temporary files: When you view photos and other things online it will be saved on you hard drive as a temporary file, this can be used to see what suspects had viewed recently. Stuff not formally downloaded, just viewed.
Latent Data
Slack: Data sectors that appear to be vacant but criminals use programs to hide data within the sector. Generally used by more sophisticated suspects.
Deleted files: Deleted files are still present until the deleted file has been written over again.
Shredding a hard drive: Rewrite the hard drive with noise 8 times to make it hard to see the original file. Milwaukee police found evidence on a hard drive that had been shredded so DOD decided that you need to physically break the hard drive.
Internet Searches Hardware Search
Internet Activity
Cache: Downloaded data by computer to speed up processes.
Cookies: Keep track of what you view to advertise. Phones are always listening.
History: Generally held for three weeks. Easiest to clear.
Bookmarks: Shows that the suspect wanted to be on that website intentionally.
Over the net search: Cell carriers and service providers have history of everything you view, for at least the last 6 months.
IP Address
Digital Communication
E-Mails and Messaging: Emails are mostly stored in the cloud now, as are most things.
Hacking: Sometimes police must break into the phone or computer due to carrier incompliance. Ex: San Bernadino California mass shooters, both had iPhones, Apple refused to share data with FBI despite FBI’s worry for second attack. FBI told Apple to help, or Apple would get hacked. Whitehat hackers used to gain access.
Mobile Device Forensics
Mobile Technology
Form of Usage
Analog (1G)
Digital (2G)
Broadband (3G)
Native IP (4G)
5G
Operating Systems
Vary by and within companies. Some OS’s have slack spots and deleted files and others just immediately delete it. OS impacts how forensics are done.
Faraday bag: A bag lined with metal to prevent the device to communicate with satellites and cell towers.
Extraction Methods
When unplugging a computer, unplug from the computer rather than the wall if possible. W
Physical Extraction: Get more
Logical Extraction: Get less, but is quicker
Infrastructure
Expansion Cards
SD
SIMS
File systems
Assessment
Chain of evidence
Contextual Analysis
Temporal is about time, so you can see when things are happening, such as having multiple websites open at a time.
Causal is when a chain of events causes the next and can show that other things had to occur first.
Other Devices
GPS: Track where the device has been
MAP Apps: Track where the device has been
EZ Pass: Can see when tolls were paid for that EZ Pass account.
Law Enforcement Technology
Toughbooks: Computers within a car, can track car’s location. Generally Employer-owned data.
IMSI Catchers: Often called stingrays, fairly small, fake cell phone towers that can be driven around by a van and attach to phones to identify devices within a small location. Need a warrant to access the data gathered by it.
Geofencing: Uses cell phone towers to narrow down who is in an area. Can set up a perimeter that will ping if specific devices go within that area.
Biometrics Overview
Biometrics: A concept of anthropology, using unique individual identifiers to identify people.
Anthropology is the study of humans as a species
Historical Context
Alphonse Bertillon: French Anthropologist who came up with a system of identifying individuals by studying different parts of the human body. One of these was earlobes. A bunch of different measurements used to be used to identify different people. Biggest issue is that measurements change over time. Bertillon was admired by Sherlock.
Core Functions
Biometric Matching: Take biometric measurements and use previously gathered biometrics to ensure it’s the same person
Biometric Identification: When you don’t know who they are and use biometrics to identify them.
Types of Biometrics
Physiological Biometrics: Fingerprints, palm, hands, veins, iris (color), retina (nerves), facial
Behavioral Biometrics: Handwriting, keyboarding, voice recognition, gait
Enrollment and Template Generation
Use Enrollment: Capture and store biometric data. Ie taking fingerprints
Extraction: Using equations and algorithms to find this information again. Ie henry classification
Template generation: Recollecting and accessing the data, accessing the database. Ie AFIS
Iris and Retinal Scanning
Iris Scanning
Eye Color: Every eye is made up of multiple colors, iris scanning looks at the combination and location of the colors by examining the muscle definition
Muscle Definition: Colorful stripes in the iris are there to dilate the pupil, examining the muscles is a key part of the iris scan, and 10s of thousands of these muscles in the eye.
Visible light capture: looks at the eye in regular light
NIR capture (700-900 wavelength) Safe, acceptable distance:
Retinal Scan
Inside the eye, looks at the nerves, nerves within the retina get thinner with age.
Facial Recognition
Facial Recognition: Not probable cause to arrest ever, neither are finger prints, you need exemplar prints, database isn’t enough.
Ease of use: Very easy to use, many databases with faces such as DMV and Passports
Permanent v. impermanent features: Hair, weight, nose sizes changes with age, plastic surgery, all are things that affect face shape
High complexity: facial recognition is a two-dimensional measurement of a three-dimensional object. Not a perfected science. There is racial bias within facial recognition because it was not greatly tested on black people.
2D v. 3D
NGI (Next generation Identification System) Update to AFIS
Advanced Fingerprint Identification Technology (AFIT): Designed to be better than Henry Classification system
Repository for Individuals of Specia Concern (RISC): Like terrorist watchlist
Latent & Palm Prints: States would submit latent prints to the FBI, prior to 2013 did not take palm prints, now they do
Rap Back: If you have a security clearance or certain government employees and you get booked the FBI will notify employer
Interstate photo system: FBI and State police have a collection of photos taken pre-2013 it was entirely local and state.
Facial Recognition Search: Test people’s faces from booking to see if the system is accurate in a nondiscriminatory way
Cold Case/Unknown Deceased: FBI Keeps files of cold case biometrics
Iris (pilot program): A program that collects iris scan data.
Questioned Documents
Exemplars, Printing Marks, Transmitter identifiers, infrared luminescence, charred document recovery, Oligospermia, Aspermia
Scope
When a document’s validity or authenticity is under question, from wills to currency to contracts.
Common Issues
Counterfeit $20 bills are the most common questioned document in the US.
Handwriting Analysis
Styles: Used to determine authorship, focus on pressure and repeated characteristics.
Variation: Acknowledge that no one writes exactly the same way every time.
Exemplars
Gilbert v. California (1966): Bank robbery case, somebody wrote a note for the bank robbery, court order required him to write the same thing as the note 3 times for exemplars, ruled it wasn’t a violation of the fifth amendment.
United States v. Mara (1973): Kidnapping case, not a fourth amendment violation because you just need probable cause, got a court order rather than search warrant.
Authenticity
Determine if it is real, common with historical and religious documents.
Material Analysis
Typescripts:
Ink composition: Can be used to identify the manufacturer and type of ink based on composition of the ink.
Paper comparison: Paper differs in the fiber content, thickness, thread count, color.
Impact/Non-impact printing: Writing on a piece of paper is impact printing.
Printer Identification
Printing marks: Some printers have malfunctions that are unique to their printing that can help identify it
Transmitter identifiers: Can be used to identify which fax machine a document came from
Font: Font is unique
Alterations
Obliterations:
Infrared Luminescence: Can be used to find things that have been written over or erased
Charred documents: Charred stuff can be found again it will just look like black paper with white ink
Indented writings: Can do the pencil scribble method on indented paper to see what was written.
Photo editing: Can be used to brighten a photo of questioned document:
Rape Forensics
SANE (Sexual Assault Nurse Examiner), PERK (Police Evidence Recovery Kit), Time limitations with evidence recovery.
Semen
Cannot be explained away when found on a child.
In women, needs more evidence to confirm non-consensual contact.
Latest ever found in a vagina is approximately 76 hrs after the fact and that was a poor sample.
Will search in first 5 days after, but don’t expect to see it after 48 hrs though
Spermatozoa: Unique to semen in the male body. Can be found alive, but die very quickly.
Ogilospermia: Means the sperm is infertile.
Aspermia: Can occur when a man ejaculates but no sperm comes out, can also mean an extremely low spermatozoa count.
Prostate Specific Antigen: Found in semen and blood in men.
Timing: Need to collect evidence quickly because the body heals quickly, typically within a couple of days.
Absence of injuries does not imply that rape did not occur.
Collection of clothing and bedding:
PERK: Police evidence recovery kit, take a bunch of stuff like clothes, for days after the event, women expel semen even consensually.
Expect to find mixed DNA sample of both victim and suspect. Have to ask about consensual semen in a respectful way to obtain exemplars and rule out consensual partners. Bedding should be taken, dna swabs, vaginal swabs, and comb out head and pubic hair, 15-20 hairs is a good sample. Should take buccal and hair samples from suspects, handcuff the suspect before plucking pubes because it hurts.Prostate Specific Antigen: The prostate specific antigen, unique to semen in the male body.
Spermatozoa Unique to semen in the male body, Can be found alive, but die very quickly.
Crime Scene Technology
Smartwater: A nonhazardous forensic solution that will spray criminals, it is invisible in normal light but visible under UV light. It remains detectable for weeks and months after contact. Each smartwater canister contains a unique dna-like code that can be used to identify the source of the water and connect the suspect to the scene. Forensics continue to evolve and grow, and new technologies continue to develop.
Lineups and Identifications
Lineups: If a lineup has one individual who stands out, then it is not a good lineup, it is a civil rights violation.
Personal Lineup: You need people who look similar enough to be legitimate distractors rather than very different people, done in big cities because they have the diversity to create a good lineup.
Photo Lineup: Most lineups are photo lineups because it is very difficult to match people’s individual characteristics in smaller jurisdictions. Use 6 photos so one can be thrown out if they are recognized for another reason. Superior because you have more photos than people. Everything has to be similar, ie black and white, all in tuxes, all in jail scrubs.
Sequential: Show the photos one at a time and ask the victim/witness to say if they recognize someone, ensure that only one photograph is visible at a time, never two at a time and make sure they don’t know how many total photos there are.
Simultaneous: Show all photos at the same time. Illinois had two separate scandals with lineups, three different people were probably innocent on death row, in all three cases they were mistaken identifications that occurred because of lineups. A study revealed that the psychology behind mistaken identifiers, that the victim assumes one of the six is the suspect so they pick one instead of picking who they remember. Simultaneous results in most similar rather than correct.
Blind Administrator: The person presenting the lineup is unaware of which one is the suspect. Show-Ups: In a reasonable suspicion/terry stop you can do showup within 90 minutes of the stop, you can have the witness show up and look at the suspect and confirm it as the suspect. It is considered suggestive which is why it needs to be done quickly. Photo Books: Book of photographs of all the people who have been arrested in that jurisdiction to see if its a repeat offender, useable if it is randomized and there is a variety of people.
Chance Meeting: Out of control of law enforcement in the victims pov, victim sees the suspect later like at the store or see them on the news. Identification
Reliability
Impermissibly Suggestive: is it too suggestive
Substantial Likelihood of misidentification: There must be a reason for the witness to misidentify, if they are impartial and trained in identification it is okay.
Manson v. Brathwaite (1977): There is a two prong test to determine reliability of identification. Detective is under cover, identifies a person, is only shown one photo later 1) is the identification method impermissibly suggestive 2) Is there a substantial likelihood of misidentification