RE: guilty until proven innocent?

["Gary Funck" <gary () intrepid com>]

I realize that we've run this one fairly solidly into the ground, but I
have a semi-serious question:  the teen age blogger mentioned that the
school administrator had apparently displayed screen shots showing
not just the web page page that he allegedly browsed, but the actual
browser that was in use at the time.   Most content filtering systems
that I'm familiar with would simply record the web sites visited,
perhaps capturing/caching the page for further review.  Is it
commonplace to record a full screenshot?  How would the screenshots
be cataloged and correlated with the content/URL? What value would
a screen shot have versus a more exact record of the sites visited?
Might that screen shot have been extracted from an in-room surveillance
camera instead (this could explain the day/two delay)?  This would introduce
a completely different line of reasoning and different take on the stated
facts in this incident.

- Gary

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.