full-disclosure-uk January 2010 archive

Re: [Full-disclosure] Disk wiping -- An alternate approach?

From: T Biehn <tbiehn_at_nospam>
Date: Tue Jan 26 2010 - 19:22:09 GMT
To: Charles Skoglund <charles.skoglund@bitsec.se>


Unknown malware? Infections recently deleted by A/V?

The realm of data ownership is ridiculous. If I run a wifi AP with WEP or no auth, my router keeps no logs, and my computer is a host to malware, then I would imagine that I cannot be convicted of a computer crime without verification by physical surveillance.

If given the choice by a lawyer between pleading guilty and receiving a lenient punishment and pleading not-guilty to certain loss for severe punishment in the face of 'irrefutable' evidence, most people will choose to plead guilty. Prosecutors, lawyers, and defendants are largely either ignorant or apathetic to the issues around proving culpability in computer-crime.

And case law would back me up.

-Travis

On Tue, Jan 26, 2010 at 3:11 AM, Charles Skoglund <charles.skoglund@bitsec.se> wrote:
> This discussion is getting weirder and weirder. If an examiner finds
> evidence on YOUR computer / cell phone / usb disks / whatever, please do
> tell me how it's not necessarily yours? By claiming your computer has been
> hacked? You do know an examiner usually knows how to double-check your story
> for malicious code right? Or what are you guys talking about?
>
> My experience is that when I find the evidence, the person/s being
> investigated confesses quite rapidly.
>
> Cheers!
>
>
>
> On 1/26/10 4:31 AM, "Bipin Gautam" <bipin.gautam@gmail.com> wrote:
>
>> So to the point, the techniques of forensic examiners were flawed from
>> day one given that any text/evidence found on your computer is NOT
>> NECESSARILY yours! Does that break digital forensics........?
>> oops.................
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>
--
FD1D E574 6CAB 2FAF 2921 F22E B8B7 9D0D 99FF A73C
http://pgp.mit.edu:11371/pks/lookup?search=tbiehn&op=index&fingerprint=on
http://pastebin.com/f6fd606da