lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20050905202945.CD724379@lists.grok.org.uk>
Date: Tue Sep  6 01:11:32 2005
From: dave at isecureu.com (dave kleiman)
Subject: RE: Computer forensics to
	uncoverillegalinternet use

Saw this article just know, referencing UK law on the subject:

http://castlecops.com/article-6223--0-0.html

"Under existing UK legislation, companies and their senior managers can
already be criminally and civilly liable for illegal and inappropriate
images found in the workplace. Yet in a recent survey conducted by PixAlert
and The Chartered Institute of Personnel and Development, over 50% or
managers were unaware of this."

Dave

> -----Original Message-----
> From: Craig, Tobin (OIG) [mailto:tobin.craig@...gov]
> Sent: Sunday, September 04, 2005 11:14
> To: chromazine@...global.net; full-disclosure@...ts.grok.org.uk
> Subject: Re: [Full-disclosure] RE: Computer forensics to
> uncoverillegalinternet use
>
> The following are my personal opinion, and in no way
> represent those of my employer....
>
> Actually Steve, the issue of "virtual children" never even
> came up.  The discussion has evolved from a call from the
> community for help in investigating what may or may not turn
> out to be child pornography. Based on some highly
> questionable advice from a member of this list (and I
> apologize to the list moderators, it was the decision of the
> same individual to spread the discussion here too), I and
> others have intervened to bring to focus the potential legal
> consequences of this persons dubious advice, that being the
> willful destruction of evidence which otherwise might be used
> in the investigation of crimes against children.
>
> Just my opinion,
>
>
> Tobin
>
>
>
>
> -----Original Message-----
> From: Steve Kudlak <chromazine@...global.net>
> To: 'Full-Disclosure' <full-disclosure@...ts.grok.org.uk>
> Sent: Sun Sep 04 10:51:42 2005
> Subject: Re: [Full-disclosure] RE: Computer forensics to
> uncover illegalinternet use
>
> Chuck Fullerton wrote:
>
> 	All,
>
> 	I do find this like of discussion very interesting.
> However, there has been so much discussion that it's getting
> difficult to folllow.  Therefore, I'd like to make the
> following recommendation for future posts.
>
> 	1.  Minimize the text you to which you are replying to
> the pertinent info.
> 	2.  Everyone use the same method of replying..  (i.e.
> inline, top or bottom)  I don't care which but it's really
> getting tough to follow.
> 	3.  Keep the discussion going as I'm really getting
> alot out of this.  ;-)
>
> 	Sincerely,
>
> 	Chuck Fullerton
>
>
>
> It is a pretty complex issue due to the questions raised.
> I'll try to clip things a bit. It was hard to look at it in a
> simple manner because it involves several interelated ares I
> tried to break it into the main issues. Perhaps I should have
> tried to spell out my points a little more clearly. But it
> gets down to the whole meat of all sorts of legal things,
> like the questions of knowingfully and willfully doing
> something proscribed. The attempts to seperate this from just
> overlooking of something or the concerns  of privacy. The
> interesting thing for me was when someone brought up the
> concept of  "virtual children" as that was actually legally
> looked into.
>
> What I think would be really edifying is what things are like
> in other legal systems such as the EU systems and world
> courts. I say this because one of the big uses of electronic
> evidence in prosecutions has been with the federal courts
> attempts to prosecute sex tourists and the not quite
> underground in that area. By that I mean one can buy the
> "Have Sex Fun in Asia" books on the secondary open market.
>
> My suspicion is there is convert attempt to push things into
> a more interventionist stance in the hopes that things might
> be discovered.  The problem I see in states with extensive
> privacy like California is how much one can go through a
> user's files without their leave.  As far as I can tell there
> has been no real legal precedent and prosecution on the ideas
> of that say sysadmins are overlooking something.
>
> The really insteresting issue is whether the beginning of
> thread question behavior was highly illegal because it
> involved destruction of potential evidence. That means it
> would have to be pretty egregiously say "child porn" and not
> just say soi disant 18 year olds who weren't. Curious that
> the 18 as age of adulthood allows two precious years for porn
> folks to say "Hot Teens" etc. and still be on the safe side.
>
> Now the other interesting thing and I am worrying I am making
> it more complicated than it should be is the hope by some
> prosecutors that the US would sign treaties the US might have
> to at least try to obey that would accomplish what they want
> without getting it passed or having legal precedent in the US.
>
> Note MI-6 tried this in reverse about another issue and it
> died a quiet death. There is a site on the net run by a
> certain architect and he has been a thorn in the side of MI-5
> and MI-6 and "Gardie" (sorry can'r remember real spelling) in
> Ireland(North and South). Due to the strong First Amendment
> in the US it has been impossible to block publishing in the
> US and on the Internet of this information which actually
> involved pictures of Northern Ireland's Internal Police Folks
> that work in terrorism supression. They were hoping a treaty
> would allow them to get at the US publishers and that failed.
>
> Overall my suspicion is that overall this end-run technique
> will fail in general.  It is interesting because the failure
> of the Michael Jackson prosecution pretty much left the
> Federal Prosecutors as the lone rangers who seldom fail at
> these various sex crimes prosecutions. It would be their
> ability to win consistently and get people declared
> accesories that would change things.  I don't think that ios
> going to happen.
>
> Note I won't extend this because it is already longer and
> more convoluted than I intended it. I am going to kind of
> shut up now because this is sort of the state of knowledge
> and practice as I am aware of it. Again if someone knows
> about these things in other legal systems or has any insights
> into the attempts to stop people using encryption I would
> like to hear it.
>
> Have Fun,
> Sends Steve
>
> P.S. If anyone finds interesting cases or precedents I would
> like to hear of them. All that stuff of knowing the cases
> that set precedent like one knows good novels one has read or
> movies one has watched that made a tatement has finally began
> to sink in. It took a long time and a lot of reading but I
> now know why they quoted things involving Youngstown Tool and
> Die cases in Constitution Rights cases.;)
>
> Have Fun,
> Sends Steve
>
> P.S. Note I have bcc'd many recipients in case they aren't on
> the list and trying to keep the email to have get moderator
> approval...
>
>
>
> ________________________________
>
> 	From: full-disclosure-bounces@...ts.grok.org.uk
> [mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf
> Of Steve Kudlak
> 	Sent: Sunday, September 04, 2005 1:45 AM
> 	To: dave kleiman
> 	Cc: 'Craig, Tobin (OIG)'; echow@...eotron.ca;
> 'Sadler,Connie'; jbeauford@...htInOnePet.com;
> 'Full-Disclosure'; security-basics@...urityfocus.com
> 	Subject: Re: [Full-disclosure] RE: Computer forensics
> to uncover illegalinternet use
>
>
> 	dave kleiman wrote:
>
> 		Steve,
>
> 		Inline..
>
>
>
> 			Hate to play alwyer here but doesn't
> all of this get shot down by 3rd
> 			Circuit Federal Court of Appeals
> decisions regarding the FBI's
> 			Innocent Images project?  It basicly
> shot down the concept of  "you
> 			clicked on a chold porn link therefore
> you're guilty."
>
>
>
> 		Well that applies to when it is determined that
> it was innocent.  This could
> 		be via pop-up, trojan, or maleware of some kind.
>
>
>
>
>
> 			This is all enshired in Federal
> 			Cases. No one must admit that a good
> prosecutor can indioct a  ham
> 			sandwich and all that. But overall that
> doesn't happen.
> 			Now Federal Prosecutors and
> Investigations staffs are very  good at
> 			sort of getting warrants and raiding
> someone's house  or business and
> 			going thru everything. But if the
> person  doesn't scare and cop to
> 			something they never did, then  federal
> prosecutors generally have to
> 			back off in cases where  it is just
> things accumulating on disks etc.
>
>
>
> 		Well they do not usually prosecute ham
> sandwiches, BLT's maybe.
>
> 		I love how everyone is quick to say things just
> magically accumulated on
> 		their H/D.  However, they tend not back of when
> a file structure is found
> 		with hundreds of images, often burned to CD's.
>
>
>
> 			Futhermore in
> 			states with a high privacy expectation
> like California there is a good
> 			reason to say "We don't go through our
> customers data looking for
> 			things out of the ordinary". One might
> argue it to be different it
> 			were one's employees. However if you
> are offering a primo privacy
> 			service then you can legitimately scrub
> disks as a part of the biz
> 			plan.
>
>
>
> 		Well that may be, of course you missed the
> beginning of these threads, where
> 		Mr. Combs suggested after discovering
> contraband on and employees H/D, to
> 		make a copy of it take the copy to the
> companies attorney. Wipe the original
> 		and "best course of action is to purposefully
> falsify the record of the
> 		company's response to the incident"
>
> 		The full threads can be read here:
>
>
> http://seclists.org/lists/security-basics/2005/Sep/subject.html
>
> http://seclists.org/lists/security-basics/2005/Aug/subject.html
>
>
>
>
> 			Much of Law Enforcement and theiir
> Public Providers of services
> 			depends on scaring people and
> businesses into good behavior when it is
> 			neither necessary or ethical. My
> suspicion is that one can ignore this
> 			tactic if one wishes as one is
> reasonably careful.. I am sure that
> 			people will be offereing  "Computer
> Forensics Services" to find the
> 			scary things on your compnys disks for
> $500 a pop but no good reason
> 			one has to engage in such silliness.
>
>
>
>
> 		Yes that crazy scaring people into good
> behavior....... Oh wait that is
> 		right only reasonably prudent people follow the
> law, criminals tend to not
> 		care if there is law against something, they
> are not scared into not
> 		committing crimes, that is why they are criminals.
>
> 		Kind of like the lawlessness that is occurring
> in the situation you
> 		mentioned below.  Some people would say that
> the devastation has turned
> 		these people into criminals. Although, the
> reality is the people committing
> 		the crimes are the same ones that were
> committing them before the
> 		devastation.
>
>
>
> 			Excuse my flipness. I just got through
> friends caught up in this call
> 			people stranded and alone by the
> hurricane in the SOuthland and all
> 			these other things do ring silly right now.
>
>
>
>
> 		Regards,
>
> 		Dave
>
>
>
>
>
> 	For a long time I sysop'd an open system, I dunno how
> much time I ended up deleteing "girl with vaccum cleaner"
> pictures. This is getting weirder and weirder because with
> photoshop people can create things that do not exist in real
> reality. Of course you have really funny things like this one
> image that was from Japanese advertizing. They had a 10 year
> girl with this incredibly large pretty phallic looking squirt
> gun which she was squirting with a look of bliss on her face.
> It was pretty funny. It was funny how when showed this image
> it became a "cynicism filter". People would divide into the
> group that thought this was completely enmgineerd from the
> get-go and those who thought it was just some werid thing
> that came out and no one noticed it, or that it was the
> product of the fact that much of  Japanese Culture doesn't
> quite go looking for all possible suggestive variants.  It
> really became a filter.
>
> 	Now my suspicion about people in the US Southland is
> that it is a bit of opppurtunism in the face of despair and
> the feeling that "whitey has been shitting on us for
> centuries". Me being on the North American  West Coast
> doesn't notice that because there were no slave quarters and
> slave markets in California, Washington, Oregon, British
> Columbia and we are apt to think a "quadroon" is a small gold
> coin that would be nice to find in one's progentitors coin
> collection. I don't think it is because there is just a
> massive criminal element hidden from us. Now some of the
> behavior sounded like what I found in my tenure at a small
> residential hotel. From the last week of the month to the
> first week of the next month a number of curious items would
> end up for sale. It was always curious to imagine where these
> items came from, some were legitimatgely obtained, others
> probably not. There was always an argument among the low rent
> district types that universally almost always aligned as
> "crazy white guys accusing mexicans of shop lifting and
> reselling, whereas many of the items they had could be seen
> as coming from equally questionable sources.
>
> 	Now if one talks to Federal Proscutors they will tell
> you that they feel comfortable with their "Vacuum Cleaner"
> approach. They feel if they do go and get everyone
> questionables stuff and go through it, then one will be able
> to determine how many folks had thing accumulating on their
> disk and how many actively collected it etc. Now
> interestingly with the Third Circuit's Decision which is
> close to rock solid at this point in precdent, people like
> journalists would sort of get wide descretion especially if
> they were working on stories and doing investigations etc.
>
> 	Two other things come in here. In both the US Ninth
> Circuit and Upper Level Courts of British Columbia it has
> been held that one can not commit crimes against "virtual
> children" or "animated descriptions of children etc".  This
> means the general belief in liberal democracies that "thought
> crimes" are questionable is beginning to be enshired in code
> and precedent. I am pretty sure this is well embedded in
> North American Culture and is apt not to go away even with
> the idea, darfe I say spectre two very conservative
> reversalist judges on the Supreme Court. Note I have not had
> time to study how things work in the EU or even Australia.
>
> 	Now technoculturally want this may eventually provoke
> is the use of high grade encryption by more people. Right now
> I know even artists who hqave become more technologically
> saavy and who encrypt things even when legal code is on their
> side overall. In the 1970s and 1980s there were a number of
> legal razzlements of artists who used their children as nude
> models no matter how innocent. This went too far and
> eventaully what got established is the concept that "simple
> nudity is not obscene".  It is interesting because artists
> are not usually seen as users or consumers of secuiity
> products and things like encryption.
>
> 	Anyway this is all very interesting and we do live in
> interesting times. So it will be interesting to see how this
> will go and whether the bizness idea of trying to safe from
> all possible wrongdoing or perceived wrongdoing will win out
> overall. I know lots of vendors and security consultants have
> been hoping that "porn protection" would turn into a
> lucerative field but so far it doesn't compare to virus and
> malware protection.
>
> 	Interestingly in artist circles the whole imaging thing
> has turned into "sousveillence" and artists have been having
> way too much fun turning the cameras back on the people who
> usually use them.  It is interesting that people like Sudo
> Chiles House who was one of the first people to install a
> "cam" which in her case was a 35mm camera that took pictures
> regularly of her bedroom is all buit forgotten in the modern
> installatiion of cams in various public and private spaces.
> Note the UK and places in Florida have been very much into
> the "you are being watched" theory of crime control. I also
> have heard tales of  "spy camera destroyers" who have been
> running around spray painting cameras but I think that is not
> widespread at this point.  Hmmm, indeed these are interesting
> times. whether it is a blessing or a curse is an open question.
>
> 	Have Fun,
> 	Sends Steve
>
>
>
>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
>


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ