|Main Archive Page > Month Archives > full-disclosure-uk archives|
> You are telling me "Modern forensic" examiners DRAW CONCLUSIONS
> without look it ALL possible evidence and by shifting just a few bytes
> of possible "related keywords" and draw insufficient conclusions?
No, they find the keyword in a file (or fragment thereof) and examine the resulting file or reconstruct the fragments to see if it's relevant to their investigation. Putting YOUR bomb plot amidst thousands of news articles about OTHER bomb plots won't fool them, and it'll make you look sufficiently guilty that you'll sit in jail while they waste their time.
> it like, when an forensic incident happens you take fingerprint from
> the whole house skipping a few rooms thinking there are sooooo many
> rooms to look for.....?
Depends on what they're trying to prove. In a burglary case, they might see prints on the stereo cabinet and lift those. No need to fingerprint the entire house when they've got a clear print, although they usually grab a few others just to be sure.
Apparently you've never sat through a trial .. find an interesting case and go attend, it's highly educational. Basically a jury is 12 people of the general population (in actuality, an in-depth knowledge of the subject matter at hand is likely to get you dismissed as a juror by one or both sides). The jury, having watched CSI and such will listen with utter fascination at the State's expert in computer forensics talk about how he extracted the data and it will paint a VERY convincing picture for 12 people that know nothing about computers.
> On top of that, the keywords they fish-out that way is by no guarantee
> belonging to the OWNER OF THE COMPUTER instead as leftover chunks from
> the internet written by someone and lands on your computer's in
> disk-fragments as free-space as browser cache is flushed ?
Possession is 9/10ths of the law. You can try and float your "wikipedia did it" theory at trial, but ultimately it's a matter of which theory sounds more plausible to the jury :
Quit trying to re-invent the wheel and get your crypto on and lawyer up when asked about it.
Cleveland State University