Most people believe that deleting a file means that it is gone forever; however, the file is only marked as deleted, and its contents are not removed from the hard drive. Until new data completely overwrites the storage areas, the original data can be recovered. In addition, all information used by the computer is stored in the computer’s main memory at some point, and this information is generally mirrored in a hard drive file called the ‘swap file’, a valuable source of evidence. Traces of email, instant messages, chat room conversations, web browsing activities, image files, temporary word processing documents, malicious software, and even password-protected encrypted data are just some of the types of evidence that can be recovered.

Digital evidence is also not limited to computers and networks. Other devices, such as cell phones, PDAs, GPS systems, and embedded computers in automobiles, store rich amounts of retrievable data as well. As technology continues to advance and make devices smarter and more ubiquitous, the opportunities and techniques for finding digital evidence also increase, making digital forensics a career with continual growth potential.

Simply put, digital forensic science (DFS) is the controlled extraction and analysis of legally admissible evidence from digital storage devices. The requirements are three-fold: the practitioner must have a thorough understanding of the underlying technology, a clear understanding of legal requirements and boundaries, and the ability to place a wide variety of data types in context and present them in human-readable form.
Defiance, United States