| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue Jul 5 15:44:46 2005 From: pauls at utdallas.edu (Paul Schmehl) Subject: Re: Tools accepted by the courts --On Tuesday, July 05, 2005 02:04:20 -1000 Jason Coombs <jasonc@...ence.org> wrote: > > What I demand to hear spoken by law enforcement, and what I insist > prosecutors compel law enforcement to speak if they don't volunteer these > words out of their own common sense, is the following: > > "Yes, that's what we found on the hard drive but there's little or no > reason for us to believe that the defendant is responsible for placing it > there just because the hard drive was in the defendant's possession. We > often see cases where hard drives are installed second-hand and data from > previous owners remains on the drive, we can't tell when the data in > question was written so it's important to be aware that hundreds of other > people could have placed it there. We also see cases where software such > as spyware or Web pages full of javascript force a suspect's Web browser > to take actions that result in the appearance that the owner of the > computer caused Internet content to be retrieved when in fact the owner > of the computer may not have known what was happening, malicious Web site > programmers know how to use techniques such as pop-unders and frames to > hide scripted behavior of Web pages. Furthermore, once the Web browser is > closed and its temporary files are deleted, every bit of data that was > saved 'temporarily' to a file by the browser becomes a semi-permanent > part of the hard drive's unallocated space and we have no way to tell the > difference between data that was once part of a temporary file created > automatically by a Web page being viewed or scripted inside a Web browser > and the same data placed intentionally on the hard drive by its owner > without the use of the Internet. Also ..." > Then you obviously don't understand the adversarial nature of our justice system. It's the job of the *defense* attorney to discredit the evidence presented by a witness for the prosecution. It is *not* the job of the prosecution to torpedo its own case. Even in an ideal world where no prosecutor is ever over zealous, this would be brain-dead stupid. Paul Schmehl (pauls@...allas.edu) Adjunct Information Security Officer University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu/ir/security/
Powered by blists - more mailing lists