Slashdot Mirror


Alternative Browsers Impede Investigations

rbochan writes "Allegations in an article over at CNET propose that alternate browsers such as Firefox and Opera impede law enforcement and investigation efforts because they "use different structures, files and naming conventions for the data that investigators are after", which can "cause trouble for examiners.""

17 of 720 comments

  1. It's *not* rocket science, guys... by TripMaster+Monkey · · Score: 5, Insightful

    This is one of the dumbest articles I've read in a while...

    From TFA:
    > Internet Explorer hides nothing from police and other investigators who examine PCs to discover which sites the user has visited.
    Implying that 'alternate browsers' such as Firefox and Opera, 'hide' data? Shenanigans! These other browsers don't 'hide' anything...you just have to know where to look.

    Also from TFA:
    > These programs use different structures, files and naming conventions for the data that investigators are after. And files are in a different location on the hard drive, which can cause trouble for examiners.
    You can't be serious. If it's this easy to thwart the authorities, maybe I should tender my resume.
    God help these 'professionals' if a suspect's computer happens to run Linux...which brings up a disturbing thought...is the presence of a 'non-standard' browser or OS now going to be 'suspicious' to investigators, because they can't seem to penetrate its 'arcane secrets'?
    --
    ____

    ~ |rip/\/\aster /\/\onkey

    1. Re:It's *not* rocket science, guys... by MyLongNickName · · Score: 4, Insightful

      It is dumb, but not for the reason you suggest. It is dumb because software isn't to be designed with 'criminal investigator usability' as a design consideration.

      Simple as that.

      --
      See my journal for slashdot ID's by year. Mine created in 2005. http://slashdot.org/journal/289875/slashdot-ids-by-year
    2. Re:It's *not* rocket science, guys... by RetroGeek · · Score: 5, Insightful

      > There you go, transparent encrypted directory

      Which means it is transparent to the logged in user, which means it is transparent to the virus/ trojan horse/ spyware.

      And your point?

      --

      - - - - - - - - - - -
      I am a programmer. I am paid to produce syntax not grammar. Deal with it.
    3. Re:It's *not* rocket science, guys... by Lumpy · · Score: 4, Insightful

      I also agree with this.

      We hired an ex-FBI computer forensics expert; he "retired" 3 years ago at the age of 37. The man knows absolutely nothing about computer forensics. I started talking to him during lunch to ask him how he would recover evidence from a company PC that a user was using to surf kiddie porn with.

      He said you grab the IE history folder and temp internet folder.

      I asked, so what do you do when that user uses the option to empty the contents of that folder, or uses XP power tools to set it to empty it on a regular basis, or installed one of those "hide your tracks" programs you get spams about every other week?

      He responded that highly skilled hackers like that are not common in the business world and then he would have to send the drive in for electron microscope examination.

      The man shit his pants when the situation finally came around that he was unable to retrieve evidence from an ex-employee's laptop. I gave them a printout of cookies to all the websites the guy visited and a detailed record of his ill-gotten web usage for the last week he was here. I used my leet haxor skillz and unleashed a secret tool called proxy server logs as well in my 20 minutes. He took 7 days to retrieve nothing.

      And at that time I was a lowly know-nothing IT guy.

      Moral of the story? If you have 1/2 a brain it is really easy to elude the police in "computer crime" and hide all your evidence easily. The only thing going for the police is that the typical criminal is working with 1/16th of a brain.

      --
      Do not look at laser with remaining good eye.
    4. Re:It's *not* rocket science, guys... by Total_Wimp · · Score: 5, Insightful

      > It is dumb because software isn't to be designed with 'criminal investigator usability' as a design consideration.

      But I wish more software was designed with leaving a small or non-existent trail as a design consideration.

      When I speak on the phone, none of it gets recorded unless someone makes a special effort to do so. I would hope my computing experience could be the same.

      And I really hate the idea that a bunch of you people are thinking I'm some kind of major criminal for wanting it that way. If you happen to be one of the ones that think I should be happy to have everything logged, then please set up a web cam in your bedroom and tape everything that happens. After all, there really isn't any chance of it falling into the wrong hands and law enforcement might need to check those tapes to make sure you're not snorting coke in there. Cops are good people and none of them will laugh about what you're doing with that banana. I promise.

      TW

  2. Dear god no! by Rei · · Score: 5, Insightful

    Heaven forbid that they have to learn to deal with a different file layout. I mean, it's not like these are supposed to be skilled professionals practicing their trade here...

    --
    sed "s/SJW.*$/... never mind. I was about to say something stupid, and also, I'm a troglodyte./Ig"
  3. Professional white-hat script kiddies by Kelson · · Score: 5, Insightful

    It sounds like a lot of the people doing this kind of investigation aren't actually computer experts, but using pre-packaged software or following a list of directions someone has tailored for IE.

    Effectively, they're professional script kiddies working for the common good instead of against it.

    The lesson? Training. You wouldn't put a detective in the morgue and hand him a scalpel, and you wouldn't drop him in a science lab. You'd hire a coroner, you'd hire someone trained in forensic science. If you're going to search someone's computer for evidence, hire an expert or train someone to become an expert.

  4. Dumb law enforcement vs. dumb criminals by code65536 · · Score: 4, Insightful

    This is going to be moot if the law enforcement is dealing with people who are serious about what they're doing. I'm sure that if someone is planning an elaborate high-profile attack, they would have the sense to be careful as well, so it won't matter if you use IE or if you use Firefox or if you use Lynx--it's not that hard to wipe out all traces of activity from your computer no matter what browser you use. So I doubt that this is going to be of any help in dealing with smart criminals.

    And if the law enforcement can't figure out how to write a simple tool to decipher the files that are left behind from alternative browsers (especially one like Firefox that is open-source, meaning that the format of such files would be easy to determine), then that's just, well, pathetic.

    And finally, I think that this is a good thing. Most people in this world will probably never ever have to deal with law enforcement. But they do have to deal with snooping parents, snooping friends, snooping girlfriends, snooping spouses, snooping bosses, etc., so I welcome this as good news. ;)

  5. New Firefox Ad: even the popo can't touch this by drgonzo59 · · Score: 4, Insightful
    If the police have problems looking through the Firefox files, I think I'll remove all the IE browsers from my lab and install Firefox or Opera.

    In other words, they seem to be slamming Firefox, but actually it is pretty good advertisement for Firefox. They should put it on their front page.

    "Even the brightest police investigators can't look at your browser history! Get Firefox today, the most secure browser."

  6. Why should we believe this? by drrobin_ · · Score: 3, Insightful

    I question the trust that slashdotters seem to have in this new story. Why should we believe it?

    The general police forces have managed to get a new story published on how they can not deal with any sort of semi-modern technology. Why should we believe it?

    If I were the police, and I'm sure the police have at least one or two people smarter than me, then I would go to great lengths to get this story published. Why? Not because I can't figure out Firefox, but because I -can- figure out Firefox.

    If my suspect thinks that I am too dumb to understand Firefox, then my suspect is far less likely to use powerful encryption. Without the powerful encryption, I -can- read Firefox's files, and a significant proportion of criminals will think they are safe when they are not.

    Hell, I'm not even law enforcement but I still find it obvious how this story is a great advantage for the law enforcement community.

    --
    to accept the praise of personal wisdom is an affront to the very ideal i hold dear.
  7. Re:Another article with the same logic by maxwell+demon · · Score: 4, Insightful

    I guess those people locking their door are all bad guys as well. After all, the fact that they lock the door shows clearly that they are thieves, and just want to protect those things they've stolen. So the result of more people locking their doors will be an increase of stealing from those good citizens who leave their door open.

    --
    The Tao of math: The numbers you can count are not the real numbers.
  8. script kiddies are vermin, Color of hat regardless by infonography · · Score: 3, Insightful
    Windows is already investigation friendly, it stores its history in system dependent files throughout the file system. If some whiner at HS is having issues about other browsers it's likely that in this administration there is somebody paying somebody to do the whining (i.e. M$). If somebody wants to mandate a browser then they can kiss my pucker.

    Nobody should ever make it easy for script kiddies (especially because they have a Chicken Inspector Badge).

    --
    Sorry about the writing. Robot fingers, you know? Cliff Steele in DOOM PATROL #23
  9. My Response by Goo.cc · · Score: 3, Insightful

    Boo Hoo!

  10. Re:Ummm - it's not offline by jonadab · · Score: 3, Insightful

    Umm, if they want to require convicted sex offenders to use only approved software on their computers, I guess I can live with that. (They let them have access to the _internet_ while on parole? Convicted sex offenders? Isn't that, like, lenient *enough*? I think that's really fairly generous, to allow them that, under the circumstances, considering that there really aren't adequate resources to monitor it very closely at all.)

    But as far as regular, non-convicted type people, I don't think it's reasonable to consider using an alternative browser to be "making trouble" for potential investigators. I mean, if having the web browser cache in a different place makes investigation hard, what would happen if a suspect had, I don't know, a Mac, for crying out loud? If the investigation doesn't warrant getting somebody who knows enough to find the browser cache in a slightly atypical place, is it even worth investigating the computer at all?

    I mean, what would happen if the suspect had an MSIE icon on the desktop, and used it for normal stuff, but for subversive or illegal activities used something else, something with *no* shortcut icon on the desktop or in the start menu? You know, like a copy of Netscape 4 tucked away in a hidden directory underneath C:\WINDOWS\SYSTEM16\ someplace?

    C'mon, either *investigate* the computer, or else don't, but just casually going through the single most obvious place, does that really count as an investigation? That's the electronic equivalent of getting a warrant, looking for stolen merchandise on the kitchen table and in the bedroom closet, and ignoring the attic and basement. What kind of investigator operates that way? Seriously, act like your job might actually matter and be worth doing, or something.

    --
    Cut that out, or I will ship you to Norilsk in a box.
  11. Re:I agree by jonadab · · Score: 3, Insightful

    > I suspect it would be very hard to thwart a computer forensics expert

    An encrypted filesystem would presumably make their job rather harder.

    Of course, that only works for ex-post-facto forensics. If someone plants a hidden camera where it can see your screen and keyboard for a week, your encrypted filesystem has accomplished, to a first approximation, nothing.

    Of course, the *best* way to avoid having computer forensics experts crack your computer is to just be innocuous, i.e., just don't do anything that will make computer forensics experts want to investigate your computer. Granted, not everyone can do this; if, for instance, you are an executive for a major international corporation, you should probably assume that at some point someone will attempt to investigate you and/or your computers -- if not law enforcement, then the competition or a freelance information seller. So you do want to think at least briefly about the question, "Who would want to break into my computer, and what will it cost me if they succeed?" In my case I've concluded, at least for the time being, "Maybe some neighborhood kid fooling around" and "Not much if I have offsite backups." YMMV.

    --
    Cut that out, or I will ship you to Norilsk in a box.
  12. Re:Ummm - it's not offline by Anonymous Coward · · Score: 4, Insightful

    > We show too much kindness to rapists and child molesters.

    Welcome to Oops!

    Here, we have a drunken frat boy who took a whiz in a parking lot. Public indecency, sex offender. Over here, we've got a highschooler who mooned his principal on graduation day. Sex offender.

    So let's all say it together! "OOPS!"

    Keep that in mind while you're busy waving around your burning crosses and what not. Not everyone who is a "sex offender" is a child rapist, or even really all that offensive.

  13. Re:Ummm - it's not offline by dougmc · · Score: 4, Insightful
    > We show too much kindness to rapists and child molesters.
    Well, when they start `sex offender' type registration for all serious offenders, not just `sex offenders', I'll agree with it a bit more.

    But for now, you can murder somebody, and you don't have to register, but mooning somebody, peeing outside, or being 20 and having sex with a 17 year old who said she was 19 can get you labeled as a sex offender for life (depends on the state) and that's just plain wrong.

    > Did you know that a person who molests a child still has parental rights so long as it was their child they molested?
    I suspect that varies from state to state. In any event, even if you molest your child, you're still their parent, so it would seem appropriate that you should still have `paternal rights' (which is a remarkably vague concept anyways.)

    They (Child Protective Services and similar government organizations) don't generally take children away from their parents and never ever give them back except maybe in the most extreme cases. Being placed in a foster home or orphanage, especially forever, is seriously disruptive to a child's life, so they're not going to do that if there's any other alternative. They'll have to look at each case individually and try and work out what's best for the children. In most cases, that probably involves staying with the parent(s), and instead getting counselling for the parents or something.

    Infants generally have no problems getting adopted. But once the kids grow up a bit, things change, especially if they're not white. Few people want to adopt them, and so they get shuffled between foster parents and orphanages. Not a good way to grow up.