Slashdot Mirror

← Back to Stories (view on slashdot.org)

Alternative Browsers Impede Investigations

Posted by CmdrTaco on from the all-the-more-reason-to-switch dept.

rbochan writes "Allegations in an article over at CNET propose that alternate browsers such as Firefox and Opera impede law enforcement and investigation efforts because they "use different structures, files and naming conventions for the data that investigators are after", which can "cause trouble for examiners.""

68 of 720 comments (clear)

  1. It's *not* rocket science, guys... by TripMaster+Monkey · · Score: 5, Insightful

    This is one of the dumbest articles I've read in a while...

    From TFA:
    Internet Explorer hides nothing from police and other investigators who examine PCs to discover which sites the user has visited.
    Implying that 'alternate browsers' such as Firefox and Opera, 'hide' data? Shenanigans! These other browsers don't 'hide' anything...you just have to know where to look.

    Also from TFA:
    These programs use different structures, files and naming conventions for the data that investigators are after. And files are in a different location on the hard drive, which can cause trouble for examiners.
    You can't be serious. If it's this easy to thwart the authorities, maybe I should tender my resume.
    God help these 'professionals' if a suspect's computer happens to run Linux...which brings up a disturbing thought...is the presence of a 'non-standard' browser or OS now going to be 'suspicious' to investigators, because they can't seem to penetrate its 'arcane secrets'?
    --
    ____

    ~ |rip/\/\aster /\/\onkey

    1. Re:It's *not* rocket science, guys... by DrEldarion · · Score: 5, Funny

      Oh come on, it's nearly impossible to find the URL history! Ctrl-H is a very, very complex cracking method.

    2. Re:It's *not* rocket science, guys... by MyLongNickName · · Score: 4, Insightful

      Is is dumb, but not for the reason you suggest. It is dumb because software isn't to be designed with 'criminal investigator usability' as a design consideration.

      Simple as that.

      --
      See my journal for slashdot ID's by year. Mine created in 2005. http://slashdot.org/journal/289875/slashdot-ids-by-year
    3. Re:It's *not* rocket science, guys... by KiloByte · · Score: 5, Funny

      Actually, FireFox Deer Park (pre-1.1) which I am using right now has a right-in-your-face menu item to remove this kind of data. Those bad evil criminals don't even have to dig through the options to purge the evidence for their wrongdoings. Clearly, this browser must be a work of the devil and should be banned.

      --
      The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
    4. Re:It's *not* rocket science, guys... by Anonymous Coward · · Score: 3, Funny

      Well, you just proved the authors point.

      On the BeOS version of Firefox it's ALT+H, not CTRL+H! ;)

    5. Re:It's *not* rocket science, guys... by EvilMonkeySlayer · · Score: 5, Informative

      If you're using windows (2000/XP Professional), right click on the directory you want to use encryption. Then select Properties, on the general tab click on Advanced and tick Encrypt contents to secure data.
      There you go, transparent encrypted directory.
      Also, Truecrypt is capable of encrypting stuff too.

    6. Re:It's *not* rocket science, guys... by Valiss · · Score: 4, Funny

      Oh come on, it's nearly impossible to find the URL history! Ctrl-H is a very, very complex cracking method.


      Good job. Now you've flagged yourself and the FBI is undoubtedly on its way. Giving away what is most likely a National Secrect! Please don't let them look here.

      --

      -Valiss
    7. Re:It's *not* rocket science, guys... by BJZQ8 · · Score: 5, Interesting

      This is NOT a joke. I have dealt with some state police "computer forensics" people that were little more than a rookie cop with a "Computer Forensics for Dummies" book under their arm. It was THAT bad. They used undelete utilities and such to get a file off of a ZIP disk. Wowee. They are given virtually unlimited budgets and permission to buy practically any computer item, all in the name of security...but you can't change the fact that they are LEJA majors, not CS majors.

    8. Re:It's *not* rocket science, guys... by beacher · · Score: 4, Informative

      Here's the best part - "One specific challenge with Firefox and Opera is identifying which Web addresses have been entered manually as opposed to having been clicked on in a hyperlink"..

      Cmon.. any advanced porn^H^H^H^H surfer knows to go to google, enter the url and click through google's url. That way you don't have a suspicious empty dropdown bar and you can simply delete the url and google's search url) from the history and for all intents and purposes, you never went there (just dump the cache).

      I guess these guys were never married. Simply having an attentive wife teaches you that FED defeating trick. The location dropdown bar and autocomplete can be a lot of trouble.

      Heh

    9. Re:It's *not* rocket science, guys... by Florian+Weimer · · Score: 5, Informative

      Oh come on, it's nearly impossible to find the URL history! Ctrl-H is a very, very complex cracking method.

      Digital forensics is performed offline. You don't run the browser software to read its history.

      However, I fail to see how this would create problems for law enforcement. Most of the interesting data is readily available. And the data formats haven't changed that much since the days when Netscape was the dominant browser.

    10. Re:It's *not* rocket science, guys... by Anonymous Coward · · Score: 5, Funny

      In related news, police are complaining that not all criminals conduct their affairs in American Standard English.

      "It's an outrage! Why do people insist on impeding our efforts to be an all-seeing eye?"

    11. Re:It's *not* rocket science, guys... by RetroGeek · · Score: 5, Insightful

      There you go, transparent encrypted directory

      Which means it is transparent to the logged in user, which means it is transparent to the virus/ trojan horse/ spyware.

      And your point?

      --

      - - - - - - - - - - -
      I am a programmer. I am paid to produce syntax not grammar. Deal with it.
    12. Re:It's *not* rocket science, guys... by Hadlock · · Score: 4, Informative

      Or in Mac OS X, go to System Preferences, click on the Security button that looks like a house with a padlock dial on it, then click the button that says Turn on FileVault. It'll take probably an hour to encrypt your hard drive in 128 bit encryption depending on computer speed and hard drive size, leaving you with a transparent encrypted directory.

      --
      moox. for a new generation.
    13. Re:It's *not* rocket science, guys... by ArsonSmith · · Score: 4, Funny

      Yea and someone with the title "Computer Forensics Expert" shouldn't have to learn all these diffrent conventions.

      --
      Paying taxes to buy civilization is like paying a hooker to buy love.
    14. Re:It's *not* rocket science, guys... by Lumpy · · Score: 4, Insightful

      I also agree with this.

      we hired an Ex FBI computer forensics expert, he "retired" 3 years ago at the age of 37. the man knows absolutely nothing about computer forensics. I started talking to him during lunch to ask him how he would recover evidence from a company PC that a user was using to surf kiddie porn with.

      He said you grab the IE history folder and temp internet folder.

      I asked so what do you do when that user uses the option to empty the contents of that folder or uses XP power tools to set it to empty it on a regular basis. or installed one of those "hide your tracks" programs you get spams about every other week?

      He responded that highly skilled hackers like that are not common in the business world and then he would have to send the drive in for electron microscope examination.

      The man shit his pants when the situation finally came around that he was unable to retrieve evidence from a ex employee's laptop. I gave them a printout of cookies to all the websites the guy visited and a detailed record of his ill-gotten web useage for the last week he was here. I used my leet haxor skillz and unleased a secret tool called proxy server logs as well in my 20 minutes. He took 7 days to retrieve nothing.

      and at that time I was a lowly know-nothing IT guy.

      moral of the story? if you have 1/2 a brain it is really easy to elude the police in "computer crime" and hide all your evidence easily. the only thing going for the police is that the typical criminal is working with 1/16th of a brain.

      --
      Do not look at laser with remaining good eye.
    15. Re:It's *not* rocket science, guys... by Shads · · Score: 5, Funny

      Sgt.Smith: "Damnit Jones, firefox. Another criminal goes free."
      Lt.Jones: "You you know Smith, I sometimes wonder if we just were competant with computers if we could well, you know, understand basic computer forensics instead of relying on software to do it for us?"
      Sgt.Smith: "Shutup Jones, theres a way we do things here, it's the microsoft way, all other ways are abhorant and methods of the terrorists."
      Lt.Jones: "Good call Smith!"

      *sigh* It's only sad because it could be true. Police forces need to hire security professionals and train them to be computer forensics. Not hire police officers and rely on them to learn the ins and outs of computer security.

      --
      Shadus
    16. Re:It's *not* rocket science, guys... by Total_Wimp · · Score: 5, Insightful

      It is dumb because software isn't to be designed with 'criminal investigator usability' as a design consideration.

      But I wish more software was designed with leaving a small or non-existant trail as a design consideration.

      When I speak on the phone, none of it get's recorded unless someone makes a special effort to do so. I would hope my computing experience could be the same.

      And I really hate the idea that a bunch of you people are thinking I'm some kind of major criminal for wanting it that way. If you happen to be one of the ones that think I should be happy to have everything logged, then please set up a web cam in your bedroom and tape everything that happens. After all, there really isn't any chance of it falling into the wrong hands and law enforcement might need to check those tapes to make sure you're not snorting coke in there. Cops are good people and none of them will laugh about what you're doing witht that banana. I promise.

      TW

    17. Re:It's *not* rocket science, guys... by SeaFox · · Score: 4, Funny

      However, I fail to see how this would create problems for law enforcement.

      Maybe their forensic tools can extract the browser history from the file and the software isn't aware a bookmarks file doesn't have to be named "favorites".

      At least I hope that's the issue.

      Tip for Kiddie Porn addicts: Keep your vids in someplace besides the "My Videos" folder. The authorities will never be able to find them if they're "hidden" in some other folder.

    18. Re:It's *not* rocket science, guys... by Anonymous Coward · · Score: 3, Funny

      I wonder what they would do if they found a computer where Linux was installed and used...

      They'd give the computer back to its owner out of compassion for him being such a geek that he needed to look at pr0n all day in lieu of getting laid.

      At least, that's what happened to me...

    19. Re:It's *not* rocket science, guys... by stryc9 · · Score: 5, Funny
      hahahaha.... lol

      I found this out really quick after the SO moved in. Right after she went to check the website of her university which starts with a 'C' and the first link that pops into the autocomplete bar is Cumfiesta.

      I just bought her a computer of her own.

      --
      www.madeofwinandawesome.com
    20. Re:It's *not* rocket science, guys... by major.morgan · · Score: 4, Interesting

      I teach both networking and computer security. In my classes I have had personal experience with "Computer Crime Investigators". Most of them are officers who have gone to $20-50,000 (not exaggerating) worth of training in a few weeks that they don't understand, got a few "law enforcement only" utilities (Knoppix has better tools) that they can run. They are no better at understanding technology than your average office user. If they can't click a button in their tools and have all of the evidence discovered, analyzed and spit out in a non-technical report - they generally won't get much. Add a sprinkle of encryption and they are baffled. There are those who are quite skilled, but as with most things - they are few and far between.

      For example: I have a friend who works in IT for a law enforcement agency. He constantly gets calls from their computer forensics specialist asking for help on why his station won't boot. Usually it's because he overwrote his boot sector while ananyzing a drive (I don't understand either).

      Unfortunately the prevailing opinion is that teaching a street cop technology is easier than teaching a tech the intracate details of law enforcement. The higher ups don't realize that any IT persons job is basically an daily investigation. I think the answer is to pair up the two, but again, none of these agencies has asked me.

    21. Re:It's *not* rocket science, guys... by zerblat · · Score: 5, Interesting

      The problem is that Mozilla uses Mork to store the history, and Mork databases are more or less impossible to extract usable data from. So you don't really have much of a choice ;)

      --
      Please alter my pants as fashion dictates.
    22. Re:It's *not* rocket science, guys... by Irish_Samurai · · Score: 3, Funny
      I keep all my kiddie porn in C://ROOT on my Windows box. Keeps the FED's out. I Also run a skin that makes windows look like OS X and an IE skin that makes it look like Firefox. My firewall/routers pass is Login/Password - they never guess that

      The Spooks are confused as hell. In fact, the last time I was investigated, one of the Detectives said "Fuck this!", whipped out his own high powered magnet, and aced my computer.

    23. Re:It's *not* rocket science, guys... by Low2000 · · Score: 3, Interesting

      If you are using windows (2000/XP Professional, 2003, Vista), and your a digital forensics professional, and you come accross 'encrypted' NTFS data that has been encrypted using the parents encryption method, do the followign.

      Right click the directory you want to un-encrypt, select properties, security, and press teh advanced button.

      Select the 'Owner' tab, then add your user account and administrator as owners. Remove all other owners.

      Check Replace owner on subcontainers and objects

      Switch the the Permissions tab and select 'Replace permission entries on all child objects with entires shown here that apply to child objects'

      Select 'OK' and go grab a doughnut... ... in a few minutes you should be done.

      I'm honestly not trying to aid would be 'hackers' or anything. I mostly just worry people use windows encryption thinking it's useful if their system has been compromised. It's not...

      There is actualy a MS KB article out there that explains this process a little better then I did but I'm a bit lazy today.

    24. Re:It's *not* rocket science, guys... by k12linux · · Score: 5, Informative

      Yep, you're right zerblat. I went to search.cpan.org and did a search for Mork. And I have to agree law inforcement couldn't possibly come up with a perl prog like this one:

      ------------
      #!/usr/bin/perl -w

      use File::Mork;

      my $mork = File::Mork->new('history.dat', verbose=> 1)
          || die $File::Mork::ERROR."\n";

      foreach my $entry ($mork->entries) {
            while (my($key,$val) = each %$entry) {
                  print "$key = $val\n";
            }
            print "\n";
      }

      ------------
      BTW, I do realize that your post was sarcastic... as is this one.

      Works perfectly if run in the same directory as history.dat and produces output like:

      ID = 388D
      URL = http://www.google.com/
      Hostname = google.com
      LastVisitDate = 1125064549
      FirstVisitDate = 1125064549
      Name = Google

      It should be left to guru perl coders making $500,000/yr or more to do fancy things like convert timestamps to dates.

      I guess it's a good thing that there are no tools available for Windows that auto-clear IE history, cookies or cache files! What would law enforcement do??

    25. Re:It's *not* rocket science, guys... by smeenz · · Score: 4, Funny


      Now THIS is funny - from the File::Monk man page:


      THE UGLY TRUTH LAID BARE ^

      Extracted from mork.pl

      In Netscape Navigator 1.0 through 4.0, the history.db file was just a Berkeley DBM file. You could trivially bind to it from Perl, and pull out the URLs and last-access time. In Mozilla, this has been replaced with a "Mork" database for which no tools exist.

      Let me make it clear that McCusker is a complete barking lunatic. This is just about the stupidest file format I've ever seen.

                    http://www.mozilla.org/mailnews/arch/mork/primer.t xt
                    http://jwz.livejournal.com/312657.html
                    http://www.jwz.org/doc/mailsum.html
                    http://bugzilla.mozilla.org/show_bug.cgi?id=241438

      In brief, let's count its sins:

              * Two different numerical namespaces that overlap.
              * It can't decide what kind of character-quoting syntax to use: Backslash? Hex encoding with dollar-sign?
              * C++ line comments are allowed sometimes, but sometimes // is just a pair of characters in a URL.
              * It goes to all this serious compression effort (two different string-interning hash tables) and then writes out Unicode strings without using UTF-8: writes out the unpacked wchar_t characters!
              * Worse, it hex-encodes each wchar_t with a 3-byte encoding, meaning the file size will be 3x or 6x (depending on whether whchar_t is 2 bytes or 4 bytes.)
              * It masquerades as a "textual" file format when in fact it's just another binary-blob file, except that it represents all its magic numbers in ASCII. It's not human-readable, it's not hand-editable, so the only benefit there is to the fact that it uses short lines and doesn't use binary characters is that it makes the file bigger. Oh wait, my mistake, that isn't actually a benefit at all.

      Pure comedy.

  2. Dear god no! by Rei · · Score: 5, Insightful

    Heaven forbid that they have to learn to deal with a different file layout. I mean, it's not like these are supposed to be skilled professionals practicing their trade here...

    --
    sed "s/SJW.*$/... never mind. I was about to say something stupid, and also, I'm a troglodyte./Ig"
  3. If you use Firefox... by 1zenerdiode · · Score: 4, Funny

    ...the terrorists have already won.

    1. Re:If you use Firefox... by kfg · · Score: 4, Funny

      I'm afraid I do worse than that. I encrypt all of my text files with something called "Pig Latin."

      The poor bastards in law enforcement are powerless against it, and I am evil, evil, evil for not living my life with an eye toward making it pathetically easy for any traffic cop to fully investigate me for anything, as any good PATRIOT should.

      Muuuuuuuhahahahaha!

      KFG

  4. In other news... secret hideouts by Anonymous Coward · · Score: 5, Funny

    In other news, bad guys hide in secret hideouts, which makes it hard for the Police to do their job.

  5. TOR by IAR80 · · Score: 3, Funny

    Damn I have deployed TOR for nothing. Installing Firefox was enough.

    --
    http://ebgp.net/ccc/
  6. Professional white-hat script kiddies by Kelson · · Score: 5, Insightful

    It sounds like a lot of the people doing this kind of investgation aren't actually computer experts, but using pre-packaged software or following a list of directions someone has tailored for IE.

    Effectively, they're professional script kiddies working for the common good instead of against it.

    The lesson? Training. You wouldn't put a detective in the morgue and hand him a scalpel, and you wouldn't drop him in a science lab. You'd hire a coroner, you'd hire someone trained in forensic science. If you're going to search someone's computer for evidence, hire an expert or train someone to become an expert.

  7. Profit! by pwnage · · Score: 3, Funny
    I have decided to submit a patent for this. "A Method of Obfuscation of Law Enforcement Data through the use of Better Internet Browsing Software."

    Help me out, /.!!!

    1. Submit patent.
    2. ???
    3. Profit!

    --
    Reminder: Apple owns 1/255th of the internet.
  8. Um, Duh? by NorbMan · · Score: 5, Interesting
    From TFA:
    Firefox and Opera store information on typed URLs in a different file than IE does, and the files are somewhat tough to decipher

    You would think since Firefox is open-source, it would be a trivial matter to determine the format of the cache files by examining the source code.

  9. I laughed by Approaching.sanity · · Score: 5, Funny

    And then I realized that they were serious.

    Now I weep for them.

    --
    RTFA again for the best results.
  10. Wait a second! by Brandon+K · · Score: 4, Funny

    So with a few low-res pictures of some metal objects in Iraq we can determine they have biological weapons... but the 'trained professionals' working for the police can't figure out how to find Firefox's internet logs?

  11. Totally hose 'em up... by JackTripper · · Score: 5, Funny

    ...Firefox... on Linux! "Find what they've been browsing? Hell, we can't even find C: !"

  12. Guilt by association... by amcdiarmid · · Score: 3, Funny

    Let me see now (Jon Stuart grin), the police haven't learned how "alternative" browsers store data. Users of these "alternative" browsers even have been known to "flush" their data caches. This , um, "flushing" is a suspicious behavior - AND these "alternative" browsers are resistant to spyware that we normally use to "spy" on our "citizens."

    I say, if these "citizens" don't want to be "spied" on, they are SUSPICIOUS! SEND THEM TO GUANTANAMO!

    Meanwhile, in Soviet Russa...

  13. It's not the software . . . by crimguy · · Score: 5, Informative

    As a criminal defense attorney specializing in computer crimes, I can say authoritatively that the investigators are typically poorly trained. Most that I have dealt with are not IT or CS degree holders. In fact, the norm is for it to be a police officer who has taken a 2 week course in Encase, nothing more. Their knowledge of operating systems is lacking to say the least. Of course, this can result in some poor schmuck being convicted for something he didn't do, both because the cops don't know any better, and the juries - who typically take the word of the police as gospel down here in Arizona, know even less and rely on the uninformed testimony of law enforcement.

  14. "you want to frustrate law enforcement, use a Mac" by Anonymous Coward · · Score: 5, Interesting

    http://www.theregister.co.uk/2004/01/28/a_visit_fr om_the_fbi/

    A visit from the FBI
    By Scott Granneman, SecurityFocus
    Published Wednesday 28th January 2004 13:05 GMT

              [snip]

    I teach technology classes at Washington University in St. Louis, a fact that I mentioned in a column from 22 October 2003 titled, "Joe Average User Is In Trouble". In that column, I talked about the fact that most ordinary computer users have no idea about what security means. They don't practice secure computing because they don't understand what that means. After that column came out, I received a lot of email. One of those emails was from Dave Thomas, former chief of computer intrusion investigations at FBI headquarters, and current Assistant Special Agent in Charge of the St. Louis Division of the FBI.

    Dave had this to say: "I have spent a considerable amount in the computer underground and have seen many ways in which clever individuals trick unsuspecting users. I don't think most people have a clue just how bad things are." He then offered to come speak to my students about his experiences.

    I did what I think most people would do: I emailed Dave back immediately and we set up a date for his visit to my class.

    It's not every day that I have an FBI agent who's also a computer security expert come speak to my class, so I invited other students and friends to come hear him speak. On the night of Dave's talk, we had a nice cross-section of students, friends, and associates in the desks of my room, several of them "computer people," most not.

    Dave arrived and set his laptop up, an IBM ThinkPad A31. He didn't connect to the Internet - too dangerous, and against regulations, if I recall - but instead ran his presentation software using movies and videos where others would have actually gone online to demonstrate their points. While he was getting everything ready, I took a look at the first FBI agent I could remember meeting in person.

              [snip]

    Dave had some surprises up his sleeve as well. You'll remember that I said he was using a ThinkPad (running Windows!). I asked him about that, and he told us that many of the computer security folks back at FBI HQ use Macs running OS X, since those machines can do just about anything: run software for Mac, Unix, or Windows, using either a GUI or the command line. And they're secure out of the box. In the field, however, they don't have as much money to spend, so they have to stretch their dollars by buying WinTel-based hardware. Are you listening, Apple? The FBI wants to buy your stuff. Talk to them!

    Dave also had a great quotation for us: "If you're a bad guy and you want to frustrate law enforcement, use a Mac." Basically, police and government agencies know what to do with seized Windows machines. They can recover whatever information they want, with tools that they've used countless times. The same holds true, but to a lesser degree, for Unix-based machines. But Macs evidently stymie most law enforcement personnel. They just don't know how to recover data on them. So what do they do? By and large, law enforcement personnel in American end up sending impounded Macs needing data recovery to the acknowledged North American Mac experts: the Royal Canadian Mounted Police. Evidently the Mounties have built up a knowledge and technique for Mac forensics that is second to none.

              [snip]

  15. Another article with the same logic by baryon351 · · Score: 5, Interesting

    It's the silliest thing I've read about non-IE browsers, and how they're BAD since I read this one.

    1. Re:Another article with the same logic by maxwell+demon · · Score: 4, Insightful

      I guess those people locking their door are all bad guys as well. After all, the fact that they lock the door shows clearly that they are thiefs, and just want to protect those things they've stolen. So the result of more people locking their doors will be an increase of stealing from those good citizens who leave their door open.

      --
      The Tao of math: The numbers you can count are not the real numbers.
    2. Re:Another article with the same logic by WiFiBro · · Score: 3, Informative

      site /.-ed.
      google cache: http://66.102.9.104/search?q=cache:JMB0PlWzQEUJ:ww w.danaquarium.com/article.php%3Fstory%3D2005020905 570523+

  16. Dumb law enforcement vs. dumb criminals by code65536 · · Score: 4, Insightful

    This is going to be moot if the law enforcement is dealing with people who are serious about what they're doing. I'm sure that if someone is planning an elaborate high-profile attack, they would have the sense to be careful as well, so it won't matter if you use IE or if you use Firefox or if you use Lynx--it's not that hard to wipe out all traces of activity from your computer no matter what browser you use. So I doubt that this is going to be of any help in dealing with smart criminals.

    And if the law enforcement can't figure out how to write a simple tool to decipher the files that are left behind from alternative browsers (especially one like Firefox that is open-source, meaning that the format of such files would be easy to determine), then that's just, well, pathetic.

    And finally, I think that this is a good thing. Most people in this world will probably never ever have to deal with law enforcement. But they do have to deal with snooping parents, snooping friends, snooping girlfriends, snooping spouses, snooping bosses, etc., so I welcome this as good news. ;)

  17. New Firefox Ad: even the popo can't touch this by drgonzo59 · · Score: 4, Insightful
    If the police has problems looking through the firefox files, I think I'll remove all the IE browsers from my lab and install Firefox or Opera.

    In other words, they seem to be slamming Firefox, but actually it is pretty good advertisement for Firefox. They should put on their front page.

    "Even the brightest police investigators can't look at your browser history! Get Firefox today, the most secure browser."

    1. Re:New Firefox Ad: even the popo can't touch this by WiFiBro · · Score: 4, Funny

      say mrgonzo, what are you doing in your labs???

    2. Re:New Firefox Ad: even the popo can't touch this by gid13 · · Score: 4, Funny

      It's DOCTOR gonzo, he didn't spend 6 years in gonzo medical school to be called MISTER, thank you very much!

  18. In other news.... by microcars · · Score: 4, Funny
    Terrorists and Mafia switch to Macs

    Police, baffled by the lack of a blue "e" can't figure out how they used the Internet.

    "And there's no START button! How are we supposed to find anything?"

    --
    I like microcars
  19. Why should we believe this? by drrobin_ · · Score: 3, Insightful

    I question the trust that slashdotters seem to have in this new story. Why should we believe it?

    The general police forces have managed to get a new story published on how they can not deal with any sort of semi-modern technology. Why should we believe it?

    If I were the police, and I'm sure the police have at least one or two people smarter than me. then I would go to great lengths to get this story published. Why? Not because I can't figure out Firfox, be because I -can- figure out Firefox.

    If my suspect thinks that I am too dumb to understand Firfox, then my suspect is far less likely to use powerful encryption. Without the powerful encruption, I -can- read Firefoxes files, and a significant proportion of criminals will think they are safe when they are not.

    Hell, I'm not even law enforcement but I still find it obvious how this story is a great advantage for the law enforcement community.

    --
    to accept the praise of personal wisdom is an affront to the very ideal i hold dear.
  20. So what's your solution? by commodoresloat · · Score: 4, Funny

    Seriously, what do you propose? Educate them? This is national security that is potentially at stake here, people. We cannot simply turn to the logical solution. There's only one way to deal with this problem and that is to nip it in the bud. All non-IE browsers should be outlawed forthwith and anyone caught using them should be sent to Guantanamo for interrogation.

  21. Safari's the worst of them all. by tritone · · Score: 4, Informative

    From Apple's website:

    "Using Safari's new Private Browsing feature, no information about where you visit on the Web, personal information you enter or pages you visit are saved or cached. It's as if you were never there."

  22. script kiddies are vermin, Color of hat regardless by infonography · · Score: 3, Insightful
    Windows is already investigation friendly, it stores it's history in system dependant files throught the file system. If some whinner at HS is having issues about other browsers it's likely that in this administraton there is somebody paying somebody to do the whinning (i.e. M$). If somebody want's to mandate a browser then they can kiss my pucker.

    Nobody should ever make it easy for script kiddies (especially because they have a Chicken Inspector Badge).

    --
    Sorry about the writing. Robot fingers, you know? Cliff Steele in DOOM PATROL #23
  23. And In Other News by MightyMartian · · Score: 4, Funny

    Detroit, MI - The American Union of Automechanics is complaining loudly that different makes and models of cars use different parts. "It makes our job very difficult." said Winston Q. Crescenthead. "I mean, we have to work on a Vega, and then turn around and try to fix one of these new Toyota 4Runners. Some of these cars even use different kinds of wrenches. You should see the tools I have to use." Other mechanics have shared similar horror stories. "I got some little British roadster in the shop. It's taken six months of deep psychotherapy, and I think I might be up to the task of putting air in my kid's bicycle tire." The AUA is demanding that Congress pass law a forbidding the sale or use of any vehicle other than a 1972 Chevy Nova.

    --
    The world's burning. Moped Jesus spotted on I50. Details at 11.
  24. In a related story ... by khasim · · Score: 5, Funny

    ... homicide investigators admitted they were stumped when a murderer used an aluminum bat to bludgeon his victim to death rather than the standard lead pipe.

    Said an officer who wished to remain anonymous: "We're not even sure there was a murder without some trace of lead at the scene. A bullet ... traces from a pipe ... lead is what makes it a crime scene."

  25. yes it does by commodoresloat · · Score: 4, Informative

    Actually it does suck, and I say this as an OS X fan. I don't want my home directory encrypted. Why should I encrypt my mp3s and photo collection? But I do want the option of encrypting a folder. The amount of data that really needs encryption is tiny compared to the amount of stuff on my hard drive.

  26. Ummm - it's not offline by grahamsz · · Score: 5, Interesting

    In some states, parole for sex offenders can require that they don't look at pornography.

    Their parole office will drop by periodically and check their PC. They have some sort of forensic software that does this.

    I've heard some jurisdictions require that you only run Windows on your computer as a condition of your parole. Logically this translates to going back to prison for owning a knoppix cd.

    There simply aren't the resources to train all parole officers in computer forensics, expose them to various obscure operating systems, or to perform regular offline analysis of offenders hard drives.

    The resources are (probably) there for big cases, but when there are probably close to half a million sex offenders on parole - it's just not practical.

    1. Re:Ummm - it's not offline by jonadab · · Score: 3, Insightful

      Umm, if they want to require convicted sex offenders to use only approved software on their computers, I guess I can live with that. (They let them have access to the _internet_ while on parole? Convicted sex offenders? Isn't that, like, lenient *enough*? I think that's really fairly generous, to allow them that, under the circumstances, considering that there really aren't adequate resources to monitor it very closely at all.)

      But as far as regular, non-convicted type people, I don't think it's reasonable to consider using an alternative browser to be "making trouble" for potential investigators. I mean, if having the web browser cache in a different place makes investigation hard, what would happen if a suspect had, I don't know, a Mac, for crying out loud? If the investigation doesn't warrant getting somebody who knows enough to find the browser cache in a slightly atypical place, is it even worth investigating the computer at all?

      I mean, what would happen if the suspect had an MSIE icon on the desktop, and used it for normal stuff, but for subversive or illegal activities used something else, something with *no* shortcut icon on the desktop or in the start menu? You know, like a copy of Netscape 4 tucked away in a hidden directory underneath C:\WINDOWS\SYSTEM16\ someplace?

      C'mon, either *investigate* the computer, or else don't, but just casually going through the single most obvious place, does that really count as an investigation? That's the electronic equivalent of getting a warrant, looking for stolen merchandise on the kitchen table and in the bedroom closet, and ignoring the attic and basement. What kind of investigator operates that way? Seriously, act like your job might actually matter and be worth doing, or something.

      --
      Cut that out, or I will ship you to Norilsk in a box.
    2. Re:Ummm - it's not offline by Anonymous Coward · · Score: 4, Insightful

      We show too much kindness to rapist and child molesters.

      Welcome to Oops!

      Here, we have aa drunken frat boy who took a whiz in a parking lot. Public indecency, sex offender. Over here, we've got a highschooler who mooned his principal on graduation day. Sex offender.

      So lets all say it together! "OOPS!"

      Keep that in mind while you're busy waving around your burning crosses and what not. Not everyone who is a "sex offender" is a child rapist, or even really all that offensive.

    3. Re:Ummm - it's not offline by dougmc · · Score: 4, Insightful
      We show too much kindness to rapist and child molesters.
      Well, when they start `sex offender' type registration for all serious offencers, not just `sex offencers', I'll agree with it a bit more.

      But for now, you can murder somebody, and you don't have to register, but mooning somebody, peeing outside, or being 20 and having sex with a 17 year old who said she was 19 can get you labeled as a sex offender for life (depends on the state) and that's just plain wrong.

      Did you know that a person who molests a child still has parental rights so long as it was their child they molested?
      I suspect that varies from state to state. In any event, even if you molest your child, you're still their parent, so it would seem appropriate that you should still have `paternal rights' (which is a remarkably vague concept anyways.)

      They (Child Protective Services and similar government organizations) don't generally take children away from their parents and never ever give them back except maybe in the most extreme cases. Being placed in a foster home or orphanage, especailly forever, is seriously disruptive to a child's life, so they're not going to do that if there's any other alternative. They'll have to look at each case individually and try and work out what's best for the children. In most cases, that probably involves staying with the parent(s), and instead getting counselling for the parents or something.

      Infants generally have no problems getting adopted. But once the kids grow up a bit, things change, especially if they're not white. Few people want to adopt them, and so they get shuffled between foster parents and orphanages. Not a good way to grow up.

  27. My Response by Goo.cc · · Score: 3, Insightful

    Boo Hoo!

  28. Re:Yeah and then a few weeks later... by elemental23 · · Score: 3, Informative

    To counter that with my own anecdotal evidence, I've used File Vault on my laptop since Panther was released and have never had the slightest problem.

    --
    I like my women like my coffee... pale and bitter.
  29. Standardizing Bank Robbery by DynaSoar · · Score: 3, Funny

    ""Allegations in an article over at CNET propose that alternate browsers such as Firefox and Opera impede law enforcement and investigation efforts because they "use different structures, files and naming conventions for the data that investigators are after", which can "cause trouble for examiners.""

    Allegations in an article over at Police Magazine propose that alternate vehicles such as motorcycles and buses impede bank robbery law enforcement and investigation efforts because they "use different shapes, different numbers of seats, and different logos for the manufacturers that investigators are after", which can "cause trouble for get-away car examiners".

    Obviously, only Dodge Chargers, like the "General Lee" should be allowed to criminals, to make them easier to catch.

    --
    "I may be synthetic, but I'm not stupid." -- Bishop 341-B
  30. Re:What's a security expert worth? by 5um0F1 · · Score: 3, Interesting

    I spent 2 years doing electronic crime analysis, and as all law enforcement, the pay and conditions suck. Lack of resourses and lack of understanding the requirements to constantly update skills/knowledge adn training (from the non-technical bean counters ) make life difficult. Add this to report writing and presenting evidence in court to clueless laywers and all in all you have a shit-house job. But on the plus side, chicks dug it !!

  31. You gotta be kidding... by bergeron76 · · Score: 3, Interesting

    Firefox is OPEN SOURCE! That means the file formats are OPEN. Microsoft IE is CLOSED SOURCE, meaning you need to reverse engineer everything to figure out where stuff lives.

    That said, I wonder what would prevent someone from creating a wireless fileserver and embedding it behind their drywall. Using an NFSmount or Share, an evildoer's PC wouldn't hold anything evil when the FED's nabbed it.

    Realistically I bet it would though - They can do some pretty amazing things with Forensics these days, and I wouldn't be surprised if they could take a ram chip and see previous states of 0's and 1's.

    --
    Don't think that a small group of dedicated individuals can't change the world. It's the only thing that ever has.
  32. Let's Play "Follow the Money!" by Mekkis · · Score: 3, Interesting

    I work in computer forensics and it isn't that goddamned hard to develop tools to process different kinds of databases, encrypted or otherwise. Besides, I'm certain that if it were in the interests of "National Security", Federal investigators could get ensure cooperation between developers of FireFox or Opera and the contractors who actually do the forensics work.

    All you have to do is play "follow the money" and it quickly sounds like Micro$oft is using the God-and-Country argument to win by default the Second Browser War. Considering how invested Micro$oft has been in the US Justice Dep't. (one of former USAG John Ashcroft's biggest campaign contributors and still heavily involved to this date) it would be unsurprising if they were the ones pulling the strings on the issuance of a statement like this.

    What ought to happen is for the Dep't. of Homeland Security to proclaim Internet Explorer as the single largest cause of "electronic terrorism" because of Micro$oft's half-assed security measures.

    That'd shut them up real quick...

  33. evil! by cahiha · · Score: 3, Interesting

    Even worse, those non-IE browsers make it really hard for police to install spyware and keylogging software on the user's computer. With IE, they just insert a little bit of code into any web page and they are done, but Opera and Firefox put up obstacles to that kind of legitimate law enforcement activity! Evil! Terrorism!

  34. Re:I agree by jonadab · · Score: 3, Insightful

    > I suspect it would be very hard to thwarte a computer forensics expert

    An encrypted filesystem would presumably make their job rather harder.

    Of course, that only works for ex-post-facto forensics. If someone plants a hidden camera where it can see your screen and keyboard for a week, your encrypted filesystem has accomplised, to a first approximation, nothing.

    Of course, the *best* way to avoid having computer forensics experts crack your computer is to just be innocuous, i.e., just don't do anything that will make computer forensics experts want to investigate your computer. Granted, not everyone can do this; if, for instance, you are an executive for a major international corporation, you should probably assume that at some point someone will attempt to investigate you and/or your computers -- if not law enforcement, then the competition or a freelance information seller. So you do want to think at least briefly about the question, "Who would want to break into my computer, and what will it cost me if they succeed?" In my case I've concluded, at least for the time being, "Maybe some neighborhood kid fooling around" and "Not much if I have offsite backups." YMMV.

    --
    Cut that out, or I will ship you to Norilsk in a box.
  35. Bwahaha. If your a sex offender you HAVE to use M$ by crovira · · Score: 5, Funny

    I love it. Think of the advertising potential.

    Male voiceover

    "Microsoft, used by 100% of all sex offenders. Its not only the law, it their punishment."

    Oh! I just fell off my chair.

    --
    MSBPodcast.com The opinions expressed here are my own. If you don't like 'em... Think up your own stuff.