by rayiner 3556 days ago
To the contrary, prosecutors do (with various degrees of success) establish chain of custody for digital evidence. Moreover, no prosecutor is going to build a case on just an IP address in a log file. They will use that as evidence supporting a warrant to search a suspect's computer. At that point, law enforcement will usually collect a physical hard drive, which will be considered the "original evidence" and subject to the usual chain-of-custody protections.
2 comments

Forensics is a way to do things (procedure) so that you can use your findings in court. It is up to the opponent to challenge certain methods, like "you used MD5 hashing which is proven unreliable", or something like that.

"They will use that as evidence supporting a warrant to search a suspect's computer." Indeed, you won't be called to court just because your IP address is on a list. There will be further research which could result in: We found this video on the computer which was downloaded from [source] as shown in the logs with this IP.

The outcome is mostly irrelevant if the local news reports that "police raided the home of X... blah, blah, blah... terrorism/pedophiles".