Re: 2002 murder suspect located via MSN Map search

[Paul Schmehl <pauls () utdallas edu>]

--On February 5, 2006 9:42:05 AM +0100 James Kehl <shykta () dione ids pl> 
wrote:
> On Sat, 4 Feb 2006, Paul Schmehl wrote:
>
> > So, even though serial murders that have "gone unsolved for a decade" are
> > now solved, and even though a school bombing case may have been solved,
> > and even though child pornographers and thieves stealing copyrighted
> > material have been busted, there's just something eeeeevvvviiiilllll
> > about IPSs just "giving away" all the "most intimate information" about
> > you.  Even though we have well-established rules for obtaining that
> > evidence, and even though the courts have established a system that, in
> > my view, protects the criminals *too* much.
> >
> > Heh.
> >
> > Apparently, in the Times' world, we shouldn't be allowed to see the
> > evidence of your crime unless it's laying out in plain view.
> So how do you know they got the right guy?
One would hope that the IP address from which the map was downloaded was 
not the *only* piece of evidence that the prosecutors had.  One would hope 
that the prosecutors were able to establish that the suspect was home and 
had access to the computer that had that IP at the time the map was 
downloaded.

> You have heard about malware, trojans, open proxies and remote control
> software?
Uh, that would be yes.

> Have the jury?
That's up to the defense and the prosecution to bring up and fight over.

> Could you explain it to them? Would they believe you?
I could.  I'm sure there are others who can.  Again, if the case hinges on 
that one single piece of evidence, it's hard for me to imagine anyone being 
convicted.  Arrested, maybe.  Harrassed, maybe.  Even charged, maybe.  But 
convicted?  Yeah, there's a few places left in America where that might 
happen, but not very many.

I've served on juries.  I have jury duty next Tuesday.  My wife has been a 
federal grand juror, as well as serving on both state and county juries. 
I'm familiar with the process.

> The fact that an IP address identifies a computer and not a person is a
> little bit subtler than the 100% accuracy with which a computer can be
> matched would indicate... and it's in one side's interest to muddy the
> distinction...
Well, sure.  And it's up to the legal eagles to sort it all out.

I see it like this.  The IP *may* have been the break in the case that 
identified a suspect.  Then the detectives start looking for corroborating 
evidence, and lo and behold, his DNS matches some found at the crime 
scenes, a partial fingerprint matches one found at a crime scene.  Trace 
evidence matches items that he wore, bought, used, etc., etc.

Now the IP is a great deal more believeable, and stories about trojans, 
etc. don't hold water.

Criminal investigations need to have more than one point of contact with 
the suspect before they go to trial, much less are able to obtain a 
conviction.

So why did the suspect hang himself in prison?  Didn't like the food?

Paul Schmehl (pauls () utdallas edu)
Adjunct Information Security Officer
University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.