lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Wed Aug 10 05:45:36 2005
From: measl at mfn.org (J.A. Terranson)
Subject: Operation Site-Key computer forensic searches
	ruled illegal


On Tue, 9 Aug 2005, Jason Coombs wrote:

> I worked as an expert witness on behalf of the defense in a case brought
> before a military court martial under UCMJ where the defendant's name
> and credit card number was found in the site-key database.
>
> A computer forensic examination of the defendant's Windows computer
> revealed the presence of a Trojan and a keylogger that would have
> enabled a third-party intruder to intercept the defendant's credit card
> number and use it to purchase child pornography from a Web site that
> processed credit card payments using the site-key service.

As Jason is aware, I work for the #1 forensics house in the midwest, and
we also have some interesting anectdotal information that's likely of
interest here.  Jason pointed out that machines are often full of spyware
and back doors (all too true), but missed what is becoming a more and more
common side effect of this: we are seeing defendants being pulled out of
the fire by these surrepticiously installed keyloggers!  More than once I
have been able to show that significant child pornography cases were in
fact completely the work of outside intruders who had compromised the
system, used it for distribution of materials without the owners knowledge
or consent, and been able to refer to these trojans for the proof: they
logged it all!

Digital Forensics is still an emerging industry, and one with no [direct]
regulation in most jurisdictions.  Any issue which is rooted in this new
engineering/legal practiced will be a long tim awaiting foundational case
law to guide our newly exposed judges.

-- 
Yours,

J.A. Terranson, CISM
Sr. Forensic Investigator
United Forensics Corp.
alif@...tedforensics.com
www.unitedforensics.com

I like the idea of belief in drug-prohibition as a religion in that it is
a strongly held belief based on grossly insufficient evidence and
bolstered by faith born of intuitions flowing from the very beliefs they
are intended to support.

don zweig, M.D.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ