| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 26 Jan 2010 10:24:02 +0545 From: Bipin Gautam <bipin.gautam@...il.com> To: "Thor (Hammer of God)" <Thor@...merofgod.com> Cc: full-disclosure <full-disclosure@...ts.grok.org.uk> Subject: Re: Disk wiping -- An alternate approach? Could DIGITAL FORENSICS be fundamentally FLAWED ( and they dont explain more?) Think : http://en.wikipedia.org/wiki/Chain_of_custody Main Point: The keywords and texts found in a suspects harddisk is by NO guarantee belonging to the OWNER OF THE COMPUTER instead it could be leftover chunks from the internet written by someone and lands on your computer's in disk-fragments as found dormant on your free-space as browser cache is flushed ? On top of that FAT32/NTFS fs has high fragmentation rate than EXT*. The problem is: "Possession is 9/10ths of the law" -- but ANY texts they find, if questionable can also very likely come from the internet while you browse online and NOT your own possession and someone typed it from online,webpage you viewed etc and it lands on your disk while you browse it and is left as fragments? How does the law sees such a situation? (and except the possibility of linguistic analysis to prove guilty) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists