Security Basics mailing list archives
RE: Computer forensics to uncover illegal internet use
From: "dave kleiman" <dave () isecureu com>
Date: Tue, 6 Sep 2005 17:26:14 -0400
Steve, Inline..
Hate to play alwyer here but doesn't all of this get shot down by 3rd Circuit Federal Court of Appeals decisions regarding the FBI's Innocent Images project? It basicly shot down the concept of "you clicked on a chold porn link therefore you're guilty."
Well that applies to when it is determined that it was innocent. This could be via pop-up, trojan, or maleware of some kind.
This is all enshired in Federal Cases. No one must admit that a good prosecutor can indioct a ham sandwich and all that. But overall that doesn't happen. Now Federal Prosecutors and Investigations staffs are very good at sort of getting warrants and raiding someone's house or business and going thru everything. But if the person doesn't scare and cop to something they never did, then federal prosecutors generally have to back off in cases where it is just things accumulating on disks etc.
Well they do not usually prosecute ham sandwiches, BLT's maybe. I love how everyone is quick to say things just magically accumulated on their H/D. However, they tend not back of when a file structure is found with hundreds of images, often burned to CD's.
Futhermore in states with a high privacy expectation like California there is a good reason to say "We don't go through our customers data looking for things out of the ordinary". One might argue it to be different it were one's employees. However if you are offering a primo privacy service then you can legitimately scrub disks as a part of the biz plan.
Well that may be, of course you missed the beginning of these threads, where Mr. Combs suggested after discovering contraband on and employees H/D, to make a copy of it take the copy to the companies attorney. Wipe the original and "best course of action is to purposefully falsify the record of the company's response to the incident" The full threads can be read here: http://seclists.org/lists/security-basics/2005/Sep/subject.html http://seclists.org/lists/security-basics/2005/Aug/subject.html
Much of Law Enforcement and theiir Public Providers of services depends on scaring people and businesses into good behavior when it is neither necessary or ethical. My suspicion is that one can ignore this tactic if one wishes as one is reasonably careful.. I am sure that people will be offereing "Computer Forensics Services" to find the scary things on your compnys disks for $500 a pop but no good reason one has to engage in such silliness.
Yes that crazy scaring people into good behavior....... Oh wait that is right only reasonably prudent people follow the law, criminals tend to not care if there is law against something, they are not scared into not committing crimes, that is why they are criminals. Kind of like the lawlessness that is occurring in the situation you mentioned below. Some people would say that the devastation has turned these people into criminals. Although, the reality is the people committing the crimes are the same ones that were committing them before the devastation.
Excuse my flipness. I just got through friends caught up in this call people stranded and alone by the hurricane in the SOuthland and all these other things do ring silly right now.
Regards, Dave
Current thread:
- RE: Computer forensics to uncover illegal internet use, (continued)
- RE: Computer forensics to uncover illegal internet use dave kleiman (Sep 06)
- Re: Computer forensics to uncover illegal internet use Jason Coombs (Sep 01)
- FW: Computer forensics to uncover illegal internet use dave kleiman (Sep 01)
- RE: Computer forensics to uncover illegal internet use McKinley, Jackson (Sep 01)
- Re: Computer forensics to uncover illegal internet use spyros (Sep 01)
- Re: Computer forensics to uncover illegal internet use spyros (Sep 01)
- RE: Computer forensics to uncover illegal internet use Billy Dalud (Sep 01)
- Re: Re: Computer forensics to uncover illegal internet use ardean (Sep 06)
- RE: Computer forensics to uncover illegal internet use Jude DaShiell (Sep 06)
- Re: RE: Computer forensics to uncover illegal internet use pro_logos (Sep 06)
- RE: Computer forensics to uncover illegal internet use dave kleiman (Sep 06)
- RE: Computer forensics to uncover illegal internet use Craig, Tobin (OIG) (Sep 06)
- RE: Computer forensics to uncover illegal internet use Craig, Tobin (OIG) (Sep 06)
- RE: Computer forensics to uncover illegal internet use Craig, Tobin (OIG) (Sep 06)
- RE: Computer forensics to uncover illegal internet use dave kleiman (Sep 06)
- Re: Computer forensics to uncover illegal internet use Jason Coombs (Sep 06)
- RE: Computer forensics to uncover illegal internet use dave kleiman (Sep 06)
- Re: Computer forensics to uncover illegal internet use Craig, Tobin (OIG) (Sep 06)
- RE: Computer forensics to uncover illegal internet use Craig, Tobin (OIG) (Sep 06)
- Re: RE: Computer forensics to uncover illegal internet use ardean (Sep 06)
- RE: Computer forensics to uncover illegal internet use Hindle, Dallas (Sep 07)