lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <200606291551.59035.requiem@praetor.org>
Date: Thu Jun 29 23:51:53 2006
From: requiem at praetor.org (Jeremy Bishop)
Subject: FBI Says Data on VA Laptop Not Accessed

On Thursday 29 June 2006 15:05, Brian Eaton wrote:
> Would any of the forensics experts out there care to comment on the
> claims in this story?

The story is written for John Q Public.  The claims, of course, are as 
meaningless from a forensics standpoint as they are useful from a 
political standpoint.

The safe assumption is that their statement was based on the file access 
timestamps having not been updated.  (Or even that the last person to 
log in was the person from whom the laptop was stolen.)  If you like, 
you can therefore conclude that the data was not accessed by a complete 
idiot.  The proper way of taking the data has the happy side effect of 
leaving essentially no evidence.

Jeremy

> -----
> The FBI, in a statement from its Baltimore field office, said a
> preliminary review of the equipment by its computer forensic teams
> "has determined that the data base remains intact and has not been
> accessed since it was stolen." More tests were planned, however.

-- 
Quemadmoeum gladius neminem occidit, occidentis telum est.
A sword is never a killer, it's a tool in the killer's hands.
                         --  Lucius Annaeus Seneca (4 BC-65 AD)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ