lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 4 Oct 2005 14:31:06 -0400 (EDT) From: "J. Oquendo" <sil@...iltrated.net> To: Stefano Zanero <s.zanero@...urenetwork.it> Cc: bugtraq@...urityfocus.com, Full-Disclosure <full-disclosure@...ts.grok.org.uk> Subject: Re: Careless LEO Forensics and Suicides On Mon, 3 Oct 2005, Stefano Zanero wrote: > I would add that in some cases even "sharing" these files on > peer-to-peer networks can be an innocent act, for instance if you > bulk-download them from a user, and before inspecting their content > someone downloads them from your shared folder. This seems to be one of the problems with P2P networks along with clueless (l)users who end up downloading viruses, worms, malware, spyware, scumware, INSERT_OTHER_ware. It is something that can also be used as an excuse by someone who was actually downloading something he/she shouldn't have been downloading. For one thing, P2P is still tip-toeing through legal issues here and there, but to think that someone won't use that as a defense would be moronic. In fact I wonder how many subscribers here will be looking into the legalities of this for legal matters pending. > In Italy, "trading" this type of material is a distinct charge from > "owning" it. This is both a pro and a con as well. Supposing someone visited you say an old college buddy. Let's say he didn't like you much and dropped a USB Key with 512mb of crap on it. Officials come and arrest you. Would be difficult to prove its not yours at least over here in the US it would be if that person who dropped the USB key took the time to do it right. Consider that same person now selling those USB keys. I'd prefer to see the seller (if proven to be guilty of selling that crap) have his weiner lopped off. The person in possession however is more trivial. Is it really their's? Do they have psychological problems? > > I ask you this question: why doesn't law enforcement bother to conduct > > an analysis of the computer evidence looking for indications of > > third-party intrusion and malware? > > I have asked the same question to law enforcement personnel, but with no > satisfactory answers for now. It's not in their best interest to do so. Many tend to forget law enforcement is a business just like any other. Budgets have to be met and far too often it would be IN their best interest to 1) keep their quotas in order, 2) keep their budgets met with ?Oh my gosh, we have 10,000,000,000,000,000 more cyber child porn cases this month... We're underfunded and need more money? > > There is simply no way for law enforcement to know the difference > > between innocent and guilty persons based on hard drive data > > circumstantial evidence. Actually there are ways it takes some time to sift through the garbage. I will give you an example of something I KNOW happened. In a semi-recent case concerning computer intrusion, the defendant was sentenced to prison for ?hacking into his former employer?. What the feds either didn't take time to realize was that at the time of the alledged attack, the defendant was on a plane. Defendant even had plane tickets to prove this. It never came out in court though. DA's shot it down because "after all the hacker was telekinetic anyway". Appeal? Don't bother asking. As for people committing suicide, I believe those who did commit suicide actually were in possession with intent. If not why commit suicide. I would have fought tooth and nail. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ J. Oquendo GPG Key ID 0x97B43D89 http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x97B43D89 "How a man plays the game shows something of his character - how he loses shows all" - Mr. Luckey _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists