lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 26 Jan 2010 14:22:09 -0500
From: T Biehn <tbiehn@...il.com>
To: Charles Skoglund <charles.skoglund@...sec.se>
Cc: full-disclosure <full-disclosure@...ts.grok.org.uk>
Subject: Re: Disk wiping -- An alternate approach?

Unknown malware? Infections recently deleted by A/V?

The realm of data ownership is ridiculous. If I run an wifi AP with
WEP or no auth, my router keeps no logs, and my computer is a host to
malware then I would imagine that I cannot be convicted of a computer
crime without verification by physical surveillance.

If given the choice by a lawyer between pleading guilty and receiving
a lenient punishment and pleading not-guilty to certain loss for
severe punishment in the face of 'irrefutable' evidence most people
will choose to plead guilty. Prosecutors, Lawyers, and defendants are
largely either ignorant or apathetic to the issues around proving
culpability in computer-crime.

And case law would back me up.

-Travis

On Tue, Jan 26, 2010 at 3:11 AM, Charles Skoglund
<charles.skoglund@...sec.se> wrote:
> This discussion is getting weirder and weirder. If an examiner finds
> evidence on YOUR computer / cell phone / usb disks / whatever, please do
> tell me how it's not necessarily yours? By claiming your computer has been
> hacked? You do know an examiner usually knows how to double-check your story
> for malicious code right? Or what are you guys talking about?
>
> My experience is that when I find the evidence, the person/s being
> investigated confesses quite rapidly.
>
> Cheers!
>
>
>
> On 1/26/10 4:31 AM, "Bipin Gautam" <bipin.gautam@...il.com> wrote:
>
>> So to the point, the techniques of forensic examiners were flawed from
>> day one given that any text/evidence found on your computer is NOT
>> NECESSARILY yours! Does that break digital forensics........?
>> oops.................
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>



-- 
FD1D E574 6CAB 2FAF 2921  F22E B8B7 9D0D 99FF A73C
http://pgp.mit.edu:11371/pks/lookup?search=tbiehn&op=index&fingerprint=on
http://pastebin.com/f6fd606da

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ