Re: Careless Law Enforcement Computer Forensics Lacking InfoSec Expertise Causes Suicides

[Stefano Zanero <s.zanero () securenetwork it>]

Jason Coombs wrote:
> 34 people have killed themselves in the U.K. after being accused of
> purchasing child pornography using their credit card numbers on the Web

I know of at least one similar case in Italy.

> the presence of child pornography on a hard drive owned by a person who
> is accused of purchasing child pornography is the best evidence law
> enforcement has to prove guilt of these so-called 'electronic crimes
> against children' -- crimes that are proved by the mere existence of
> data,

I would add that in some cases even "sharing" these files on
peer-to-peer networks can be an innocent act, for instance if you
bulk-download them from a user, and before inspecting their content
someone downloads them from your shared folder.

In Italy, "trading" this type of material is a distinct charge from
"owning" it.

> I ask you this question: why doesn't law enforcement bother to conduct
> an analysis of the computer evidence looking for indications of
> third-party intrusion and malware?

I have asked the same question to law enforcement personnel, but with no
satisfactory answers for now.

> There is simply no way for law enforcement to know the difference
> between innocent and guilty persons based on hard drive data
> circumstantial evidence. 

I agree, from my own experience as a forensics consultant.

-- 
Cordiali saluti,
Ing. Stefano Zanero
---------------------------
Secure Network S.r.l.
www.securenetwork.it