Commodore 64 Confuses Austrian Police

toomanyairmiles writes, "It seems that Wolfgang Priklopil, the communications technician who kidnapped Austrian pre-teen Natascha Kampusch, relied on a Commodore 64 as his primary machine. Interestingly this is presenting some problems to the Austrian computer forensics people. Major General Gerhard Lang of the Federal Criminal Investigations Bureau told reporters it would 'complicate investigators' efforts' and would be difficult to transfer the files to modern computers 'without loss.' Could this be the latest in the criminal world's security strategy? Can we expect to see Spectrums, Archimedes, and Atari STs turning up in police investigations soon?"

The Charge?

Can we expect to see Spectrums, Archimedes, and Atari STs turning up in police investigations soon?

What are they going to charge them with? Living in the stone age?

Re:The Charge?

This person was found to be connected to the terrorist Junis, a friend of Jon Katz. No doubt he is pirating movies and watching them on his computer.

Question

[daveschroeder]

Could this be the latest in the criminal world's security strategy? Can we expect to see Spectrums, Archimedes, and Atari STs turning up in police investigations soon?

Um, no. This was an aberration; nothing more, even if its use for those reasons was deliberate on his part.

But here's an actual question:

I can absolutely understand and appreciate that people value some of the features and functionality of things like the Commodore 64 and Newton, and many other machines that were considered to be state-of-the-art in their time.

But why would someone go out of their way to continue to use it? I can understand practical and pragmatic answers like "It's still functional for me" or "I just like it better and I haven't had any problems". But are there other reasons?

I mean, you can literally get systems for free (or next to nothing) that are capable of running various modern operating systems, including various versions of Windows, Mac OS and Mac OS X, myriad Linux distributions to your heart's content, BSD distributions, and so on, that would be much more functional and capable, particularly in the context of the internet and associated applications.

So what's the draw? Why keep running on something like a Commodore 64? Even considering legitimate reasons for continuing to use it, I don't see how sticking with something exceedingly obsolete can be functional when viewed alongside semi-modern systems. I understand people collect all manner of antiques for a variety of reasons, including other things that may be nearly impossible to service or repair easily; is the reason for using obsolete computing equipment the same?

Status? Hobby? Entertainment? Eccentricity? Just to "do it"?

And to reiterate, I can understand collecting pristine Commodore 64s or similar in working order, and even making TCP/IP stacks and such work, just for the sake of doing it. But using it as a primary system exclusively? Some people may own and spend a great deal of time on something like, say, a Model T, but they don't use it as their daily driver...

On another note, I do agree that his system being a Commodore 64 will "complicate investigators' efforts"; but to say that it would be difficult to transfer files "without loss" is disingenuous at best. Do they mean "transfer files" to include possibly-deleted files (in which case I agree there may be "loss")? Do they mean contextual loss, because modern applications may or may not be able to open files and represent context-sensitive features like position, text styles, and so on? Or are they talking about "loss" in that they won't be able to run their standard forensic tools that package everything up with a nice little bow? If they're talking about files representing images and text, I don't care what it is: if it's functional and intact, there's no reason for there to be "loss". I don't care if it takes resorting to eBay, digging up old company engineers, or weirdos on web forums...they should be able to recover anything they need to.

Re:Question

[MyNameIsFred]

... but to say that it would be difficult to transfer files "without loss" is disingenuous at best...

I assume that Austrian law requires some sort of chain of custody for evidence similar to that required under American law. Thus, the transfer is probably difficult because they do not have "certified tools" for the transfer. In the US, it is my understanding that simply copying the files with the copy command is not sufficient. That defense lawyers can question how the transfer was made, whether the copy is an accurate representation of the original, etc. I presume similar problems under Austrian law.

Re:Question

[capologist]

Why? Um, why not?

My guess is that he got the machine thirty years ago, it did what he needed, and he never felt a need to replace it.

I still have a Macintosh SE that I dust off and use every now and then. I played around a bit with MusicWorks back in 1988. Sure, there are much better applications these days, but they don't read MusicWorks files, and converting those files to MIDI is a major pain in the ass that I haven't gotten around to yet. MusicWorks doesn't run on modern systems, so when I want to play with one of those little ditties my friends and I created almost twenty years ago, I use my almost twenty-year-old machine to do it.

Re:Question

[homer_ca]

How about spare parts and supplies? Floppy drives and keyboard switches will wear out. How reliable are those 20 year old floppy disks? You can't exactly pop over to Office Depot for single density 5 1/4 floppies.

Re:Question

[Ralph+Spoilsport]

I have an Amiga kicking around in the garage. Why? Because I put a Time Base Corrector (TBC) in it that strips out ALL macrovision and DRM - I get pure video signal. I might get $50 for the machine in a yard sale. But a TBC of the quality I installed in it? HA! We're talking at least $500. So, that obsolete cranky POS that sounds like a snoring pig at start up saves me Serious $$$. The floppy drive in it is marginal, the video card barely works, but the TBC keeps on ticking. So every Friday I rent a few videos, run them through the TBC to my OSX G5, and burn a DVD for future reference...

And THAT'S how it's done.

RS

Re:Question

[Ucklak]

I used my C64 in college and used some free word processor that came in COMPUTE! magazine. I used to put my 'papers' on disk and I had a roomate that would load it up and copy what I wrote. I ended up using a sector editor to hide my papers on disk. I still have my boxed C64, Vic-20, 1541 Drive, and 2 cassette drives. I always thought I would fire up the old C64 but I never had. I did set it up about 5 years ago to see if it still works, and it does, but to go through the monumental task of reviewing all my disks just seems like a waste of time today to me.

I've always wondered if I could remember how to unlock my files if I could find them.

Re:Question

[MyNameIsFred]

I assumed that the police are looking at this to see if he had an accomplice and/or other victims.

Re:Question

[Arakageeta]

The guy kidnapped a little girl and kept her for 8 years. He's obviously a nut case. I don't think you can back his choice to use a Commodore 64 with reason.

Re:Question

[smilindog2000]

But why would someone go out of their way to continue to use it?

Are you kidding? Obviously, because the hottest geek chick on the planet is into them! See:

"Super-hot super-smart geek-chick"

Re:Question

[bar-agent]

It may be that he was just a generally all-round weird guy.

The whole "girl-in-a-dungeon" thing is certainly indicative.

Re:Question

[carnifex0]

The computer crimes unit in the department that I work for (as an IT flunky) seized a C64 about 2 years ago in a kiddie porn case, along with a good number of 5 1/4" disks, but no working drive. They send a global email looking for anyone with old C64 hardware, and I donated my 1541 drive to the cause.

I'm not sure what the outcome was, but I know they still have the C64 up and running in their office.

It does present some interesting complications, from what (little) I know about the forensic examinations they do, they go to great pains not to alter the contents of the original media, using apps like EnCase to snapshot drives they're working with.

homer_ca How reliable are those 20 year old floppy disks?

I'm not sure, but I have an unopened (still shrinkwrapped) box of 10 5 1/4's in my office that I've been considering tossing on eBay just for fun. Buy 'em and find out!

Re:Question

I can't speak for C64 users, but as an ex-Amigan, I can tell you that I could have easily lived the past decade with one. Frankly the only reason I got rid of mine back in the day was to afford a 486 so I could play Doom. ;-) But I quickly got tired of PC games, DOS and Windows, hence went playing around with Linux soon after. And then the upgrade bandwagon started, with the p120, the AMD K6, etc. Good old AmigaDOS+Workbench ran fine one a 7.15MHz 68000-class CPU with only a couple megs 'o ram. Meanwhile on Windows or Linux/X11 I needed gobs 'o ram to make the system not swap when I started the BIg Ass Application of the day (Netscape, Office, whatever.) whereas in Amigaland the apps were much more efficiently coded.
So basically I wasted a lot of money and time, and if I could go back I'd keep the A1200 (and just run Linux on that if I really wanted to at some point).

Re:Question

[dfghjk]

I guess if I wanted to pirate VHS movies I might see the use of that.

Re:Question

[Grishnakh]

In Austria, yes. But I wouldn't be surprised if defense attorneys are required for dead people in the USA soon. It's almost to the point where you need to consult an attorney before you flush the toilet.

Re:Question

[soft_guy]

The guy kidnapped a little girl and kept her for 8 years. He's obviously a nut case. I don't think you can back his choice to use a Commodore 64 with reason.

On Slashdot, we don't think he's crazy for hideous crimes. We think he is crazy for using an old computer.

Re:Question

[nizo]

Plus you can make them double-sided with a simple hole punch! Don't try that with your usb thumb drives kids.

Re:Question

[radish]

Or you could just, you know, do what the rest of us do and dupe netflix discs with DVD Shrink. Considerably simpler, quicker, and produces much better results. Oh, and there's no DRM on a VHS tape - it would have to be called ARM.

Re:Question

[Scrameustache]

My guess is that he got the machine thirty years ago, it did what he needed, and he never felt a need to replace it.

Exactly.
Coincidentally, he did the same with a girl, 10 years ago.

MY questions are: Why are people questioning the hardware choices of a psycho kidnapper? Are they actually looking for a coherent thought process they can relate too? Do they want to find one? Should they turn themselves in the nearest psychiatric ward if they do?

Re:Question

[TheoMurpse]

You sir are the Steve Wozniak of the using-Amigas-to-pirate-movies scene.

Re:Question

[identity0]

WTF is wrong with wrong with using an old computer?! I'm typing this on an old 386 right now, in fact.

In the basement, I have an Altair that I kidnapped from the local uni 25 years ago, that I've been teaching to read Perl and play with Lego Mindstorms. I've named her "nappy", because she likes the nappies and ice cream. I feed it to her on punch cards. We are such a happy computer family together, I don't have to hit her much anymore. I love you, you love me, lalalalaOH SHIT THE COPS ARE HERE@!^&@!!

+++ATH
NO CARRIER

Re:Question

[Reservoir+Penguin]

Please help!!! I was kidnapped by Moodie-1 20 years ago and forced to port Linux to his collection of obsolete computers!

Re:Question

[hab136]

In Austria, yes. But I wouldn't be surprised if defense attorneys are required for dead people in the USA soon. It's almost to the point where you need to consult an attorney before you flush the toilet.

They are required, since both the state and the victim may try to recover money from the dead person's estate.

Re:Question

[BoogieChile]

Yes, for security, one.

Money, for two.

Yes, you can get the operating system to run on all this lovely modern hardware for free, but you don't get the hardware for free, do you? Well, obviously not you personally, possibly (being a geek an' all), but for the average guy. Not saying that this kidnapper guy is average, obviously...but if you had a computer that did everything you wanted, you didn't care about the fancy pictures and graphics, 40 columns of text in two colors is fine for some people.

So, all you spend money on are cassettes and disks - can you even BUY 5+1/4 inch floppys anymore?

For twenty years.

Rather than spending between oh, say from 500 up to 2 grand (on average) what, three, four years?

I could guess that if you're such a tightass that you have to steal a girlfriend, brainwash her into loving you rather than do it proper and spend money on diamond rings and things, it's probably not such a far step to never upgrading your computer. what say that he was obsessive over it? He might have kept it immalucate, and there you go, folks! A computer that lasted for twenty years!

What else...As far as why this particular guy stuck with his old crumble-door, well, given the state of his mind to do what he did in the first place, there could be aaaaaaaalll sorts of reasons why..SOme of them you may well REALLY not want to know about.

And finally, if they really want the data that bad, they have the resources (and the technology) to rubuild it. If they really want the data, they could even break out the electron microscopes (I reckon the grains in a floppy disk woudl make this a non-trivial task - the disks were only 170KB, you know...

Why go that far?

[Locke2005]

Any box that doesn't run Windows confuses most investigators. Yep, all their tools are Windows-specific.

Re:Why go that far?

[Marxist+Hacker+42]

Two words- Null Modem and Hyperterminal will transfer all the files stored on 5.25" floppies for that Commodore 64 (or even stored on cassette tape) to their Windows machines just fine. It's just ASCII after all, no big problem.

Re:Why go that far?

[iluvcapra]

Quickly becoming a meme:

Only a terrorist wouldn't use Windows.

Re:Why go that far?

[Morphine007]

Because in most forensic investigations, they remove the hard-drive from the PC and then perform the investigation using another operating system guaranteed to not have any nasty surprises built in. They're not going to run the risk that buddy has a small script that deletes his entire hard drive if he doesn't hit ctrl-a-s-d-f-enter within seconds of booting up.

There's likely more to it than that as well, but the point is they generally don't want to use the system they've confiscated...

Re:Why go that far?

[Danga]

Any box that doesn't run Windows confuses most investigators.

You are far from correct. A lot of forensic investigators I have talked to actually use linux at times to do things such as image drives which is safer to do on linux than Windows and they are not straight Windows users.

Yep, all their tools are Windows-specific.

The reason they do use Windows tools most of the time is because the tried and true forensic applications are developed for Windows such as Forensic Toolkit Pro http://www.accessdata.com/products/ftk/ and EnCase http://www.guidancesoftware.com/products/ef_index. asp and since they work and have been well tested on Windows it makes little sense to increase the likelyhood of problems by porting these applications to other OS's. The other big reason most tools are Windows centric is obviously because Windows is the most widely used OS and people like to use what they already have and know.

Windows may not be the greatest OS, and I know people love to bash it, but that does not mean the Windows tools developed for forensic investigations are of low quality. I work as a software developer in this field so I have a decent view on what the situation is and your comment was way far off.

Re:Why go that far?

[Sathias]

Quickly becoming a meme:

Only a terrorist wouldn't use Windows.

One man's linux zealot is another man's freedom fighter?

Re:Why go that far?

[Dun+Malg]

Two words- Null Modem and Hyperterminal will transfer all the files stored on 5.25" floppies for that Commodore 64 (or even stored on cassette tape) to their Windows machines just fine. It's just ASCII after all, no big problem.

Hah. It's amazing how modern computers have made us forget how little we used to have, and how much of it was proprietary as well. First, it's not ASCII, but PETSCII. Granted, the only serious difference is that lower and uppercase are swapped, but it's still worth noting. Second, The C64 User Port is capable of serial communications, but it isn't RS-232. It requires a level converter to bring it up from the simple TTL signals it puts out. Third, the C64 has essentially no significant operating system functionality upon powerup. It's not a simple matter of typing "cat PERVFILES > /dev/UserPort" or some such. You have to either find someone who knows how to write a disk-to-serial dumper, or maybe find a terminal program you can do a text send with. Do you know how to access a file on a C64 disk?

Re:Why go that far?

[MajroMax]

Actually, we're smart enough to mount read only.

What, using Linux? Here's a clue for you:

EXT3-fs: INFO: recovery required on readonly filesystem. EXT3-fs: write access will be enabled during recovery.

Not if you use an IDE cable with the write pins removed.

Re:Why go that far?

[dougmc]

What, using Linux? Here's a clue for you:

EXT3-fs: INFO: recovery required on readonly filesystem.
EXT3-fs: write access will be enabled during recovery.

And here's a clue for you ...

You mount it in ext2 mode. ext3 is just ext2+journalling, and you can mount a ext3 partition as ext2. This doesn't replay the journal, so you won't get to see any data actually in the journal, but the rest of the data you can see. And there are other ways that you can ensure that Linux will not write to the disk -- for example, `hdparm -r /dev/whatever' will tell the driver to not let Linux write to the disk, no matter what. That will certainly work for IDE drives, and probably other drive types as well.

However, the police don't generally do this, as it's not quite proof against writing *enough*. Instead, they generally connect the drive to a device that is certified to make writing to the drive IMPOSSIBLE (by cutting that wire, or filtering out those commands) and use the drive that way, either to poke around it or to dd the drive to another drive where you can do your work.

Of course, in this case, the guy is dead, so the standard rules of evidence probably don't need to be applied as carefully. It's not like this data will be used to convict him or something ...

Have they forgotten RS232?

[Marxist+Hacker+42]

From the article:

There are emulators available which can make a modern PC capable of running Commodore 64 programmes but Maj Gen Lang said it would be difficult to transmit the data from Priklopil's machine to a modern computer "without loss".

What, have they forgotten how to create a DIN-5 to Sub-D9 cable? I'm sure google has several websites with the schematic of the machine (also available in the original user's manual), it shouldn't be THAT hard to construct an asynchronous serial cable.

FINALLY

[drfrog]

My Basic skills will rule them all

let me at it!!

[illuminatedwax]

I'll have that bugger fixed in no time!!! ...as long as it involves writing elementary BASIC loops, LOAD "$",8,1 or beating Space Taxi or Questron.

Followup

[daveschroeder]

I would say this does raise another valid point, though: as systems and media age, it's actually quite an interesting question how all of this data that isn't transferred to modern day systems will be dealt with, both from a technological and machine- and media-aging point-of-view. And in the context of criminal investigations, what happens if evidence is "lost" (or simply unrecovered) from a 25-year-old computer in a murder investigation which has no statute of limitations? It's an equally difficult question for governments, corporations, and academic institutions that actually *want* to keep the data but are having trouble instituting standards, policies, and mechanisms for data retention.

Re:Followup

[ShawnDoc]

It also points out one of the problems with purchasing DRM'd media files. Since you are locked into a certain format, what do you do when technology changes and you can't convert your media into the new format or the company behind the DRM folds and there's no way to port the authentication system to a new system? My parents dubbed their records onto tapes. And recently I've helped my mom convert records and her old tapes into MP3 format. Something that couldn't be done if DRM existed then.

Re:Followup

[SachiCALaw]

There may be no statute of limitations, but if the computer (and thus the evidence in the computer) is in the hands of the government, the government will be subject to statutory and constitutional limits that prohibit undue delay in prosecutions. The government would need to prove that it had just cause for failing to bring a prosecution within the time set by law, and laziness in getting the evidence from an old computer would probably not be a valid excuse.

Re:Followup

[johansalk]

What you do then is quite simple; you'll have to re-buy your media files, and I presume that's a reason why the companies seem to like it so much .

Re:Followup

[Midnight+Thunder]

It also points out one of the problems with purchasing DRM'd media files.

From the point of view of big media, this is not a problem. For them it suits them just fine. Unfortunately for the buying public this is a major issue.

Re:Followup

[NoMaster]

Unfortunately for the buying public this is a major issue.

No, unfortunately, not is . It will be , but by that time it'll be all-pervasive - basically, too late to do anything about it.

I know the common thing to do is berate corporations for having no long-term vision - but the RIAA/MPAA/??AA do. They've perfected the technique of hovering around that fine line between "too fast, and people will notice" and "too slow, and we'll be obsoleted before we achieve our objectives".

Re:Followup

[westlake]

Since you are locked into a certain format, what do you do when technology changes and you can't convert your media into the new format or the company behind the DRM folds and there's no way to port the authentication system to a new system?

You do what everyone has done since the days of Edison's wax cylinders. You buy into whatever format is convenient and practical for the moment and let the archivists worry about preservation of the analog and digital masters.

Re:Followup

[Z34107]

When a company goes belly up, the law should stipulate that copy protection mechanisms can be legally circumvented

The DMCA already does this. See page 5 of this summary, the part that talks about reverse engineering for compatibility.

Although not present in the summary, I believe (meaning I lost the original article) the DMCA also makes exceptions for cracking copy protection, such as a hardware dongle, on legitimately purchased software if the dongle no longer works and there's no real way to get another one. That section could also apply to what you're talking about.

Re:Followup

[HappyEngineer]

It's the program I need, not the files. The program will open up gif or jpg or png files and then convert them into a file format for my programmable embroidery machine. It's not a simple thing to do. It has to create a path for the thread to go which makes the resulting design look good when it's sewn out.

The file format it converts into is readable by other programs as well as my machine, so there's no problem there.

Are you saying that it's actually legal for me to buy a cracked version of the software because I already own a legal but non-working version of it?

The people doing the selling aren't selling converters. They're actually selling cracked versions of the program. The program requires a dongle to run. I have the dongle, but it stopped working when the company went under. I'm pretty sure that even if it's legal for me to buy the cracked version, it probably isn't legal for them to sell it (despite the fact that the company went under and the product isn't being sold at all anymore). But, I guess that's not my problem.

Even Better

[coop247]

I also hear they are having trouble getting information from his IBM typewriter. Apparently he used White Out to clear the data.

C64 Data Cassettes

[Aokubidaikon]

In my mind I see the secretaries at the Austrian police station behind their typewriters, listening hard and trying to make sense of what exactly is being said on those strange tapes...

This is retarded

[Cobralisk]

Seriously, I have a Commodore 64 sitting right next to me hooked up to a dos box as a hard drive. Data is data. You just need a x1541 cable. There are lots of free software tools to facilitate this, and the d64 and t64 formats are well supported. You can even use audio tapes and a soundcard to transfer files. Once you have the data on the PC, there are multitudes of C64 emulators to run the software directly. I've been doing this since the late '90s. Google is your friend.

Re:This is retarded

[triso]

Seriously, I have a Commodore 64 sitting right next to me hooked up to a dos box as a hard drive. Data is data. You just need a x1541 cable. There are lots of free software tools to facilitate this, and the d64 and t64 formats are well supported. You can even use audio tapes and a soundcard to transfer files. Once you have the data on the PC, there are multitudes of C64 emulators to run the software directly. I've been doing this since the late '90s. Google is your friend.

Quick! Volunteer your services as a computer forensics expert and profit at $500.00 per hour.

Re:This is retarded

[Bri3D]

One issue. The methods that the police use to transfer data off of confiscated storage must be screened before they can be used in a manner which satisfies the court. Otherwise the defense could just question the manner in which the data was transferred, claim it was tampered with by the police, and the case is blown. I doubt googling emulators is an approved or accepted method.

Simple answer

[lostngone]

We must ban all Commodores, to save the children of course. Think of the children!

Re:Simple answer

[Surt]

We must ban all Commodores, to save the children of course. Think of the children!

Thanks, that's exactly the thing that got us into this mess in the first place.

Attention perverts:
STOP Thinking of the children!

Forget security by obscurity...

[MMC+Monster]

It's now security by obsolescence!

Really, if the raid happened 20 years ago, everyone would be able to get the info off those floppy disks. Now they've got to find a C64 user group or specialty store (how many of them are there, even on the net?) to transfer the data and convert it to a usable format.

Re:Forget security by obscurity...

[loraksus]

There are still active CP/M user groups around. Why the hell? I honestly don't know, but there are. I recall selling a bunch of old equipment - 8086 boards, 10mb hard drives, etc, and the guy was overjoyed that his club got new stuff to play with. This was 2 years ago too... I guess the one man's junk saying is true.

Re:Forget security by obscurity...

[wideBlueSkies]

>>10mb hard drives, etc, and the guy was overjoyed that his club got new stuff to play with.

He was probably looking forward to undeleting the contents of the drives. How long do you figure it took him to do so?

Hope you scrubbed them first.

abacus porn?

[lostngone]

If the C64 confused them wait tell they find people storing porn on an abacus or two.

Only on slashdot...

[f97tosc]

does the story about a girl kept in a dungeon for eight years revolve around the kidnapper's computer. Tor

missing the point

[dirtyhippie]

The article, and most of these comments, are missing the point. The point isn't that you can't get the data off the hard drive - the investigators aren't that stupid - it's that they can't get previoiusly deleted or overwritten files off the hard drive using their standard techniques, because there is no way to image both a drive and the magnetic clues that these folks use.

Commodore 64 has an RS-232 interface.

The back of the Commodore 64 has an RS-232 interface. Any schmuck with a bachelor's degree in electrical engineering can hook the Commodore 64's serial interface into the serial interface of any modern desktop.

Re:Commodore 64 has an RS-232 interface.

[Dun+Malg]

The back of the Commodore 64 has an RS-232 interface. Any schmuck with a bachelor's degree in electrical engineering can hook the Commodore 64's serial interface into the serial interface of any modern desktop.

No, actually it doesn't have an RS-232 interface. It has something called a User Port, using a male card-edge connector, which can transmit and receive serial data, but it only does so at TTL levels. But yeah, any schmuck with a soldering iron and a breadboard can slap together a true RS-232 interface using a 25 cent MAX232 chip and a few caps.

Re:Commodore 64 has an RS-232 interface.

[God+of+Lemmings]

Yes, but if that schmuck had a BSEE he/she wouldn't, except in the rarest of circumstances, be a cop. The investigators would have to use their brains and find someone who can do the work.

Re:Commodore 64 has an RS-232 interface.

[LWATCDR]

It wouldn't take a BSEE to do it most hobbyists could whip one up in a few hours. However it is not really needed. You can buy a device that will allow you to interface a 1541 or 1581 to an PC.

Re:Commodore 64 has an RS-232 interface.

[Noginbump]

No soldering required. RS-232 -> user port plug-in devices were readily available for the C=64. Commodore even sold one, though I can't remember model number. There's probably one on eBay right now...

Re:Commodore 64 has an RS-232 interface.

[psoplayer]

Now see? All they had to do was post the question on slashdot as how to connect a C64 to modern machines and they could have had the files off in a jiffy. But NO... they just had to try to figure it out on their own.

Re:Commodore 64 has an RS-232 interface.

[compro01]

Yes, but if that schmuck had a BSEE he/she wouldn't, except in the rarest of circumstances, be a cop. The investigators would have to use their brains and find someone who can do the work.

you'd be amazed how many Electronics and Computer technicians the RCMP up here is collecting. they've taken practically the entire graduating class of each (usually 20-30 people per course) for 2 years running at the school I'm at (SIAST).

but i don't have much idea what they're doing at the other 3 campuses, but I'd imagine similar things are happening, so that would be at least 150 techs they've snatched up, if not more.

Re:Commodore 64 has an RS-232 interface.

[complete+loony]

I good friend of mine (who currently lives next to me) wrote the first version of c64net which can be used to communicate directly between a c64 and a pc. One of the tests he performed showed that you can transfer data from a PC to the c64 at about 32KBps.

Re:Commodore 64 has an RS-232 interface.

[iocat]

Dude, they're in EUROPE. Someone just needs to head for the University, find the demo party, pry Dieter away from his Amiga and be like "oh qiuck, we need the data from these floppies... yes, if you want to make a mod so the data all prints out along a sin-wave line while the SID chip kicks out the collected works of David Hasselhof, that's fine... oh my, you can make the text appear on shiny spheres? So much the better!"

Re:Commodore 64 has an RS-232 interface.

Priklopil threw himself under a train minutes after the girl escaped; there's not going to be any court case.

Re:Commodore 64 has an RS-232 interface.

[pipatron]

You modded this as "Funny", but there are more truths in this text than in any of the other posts. Seriously, any C64 hacker (and there are atleast hundreds of them spread around europe that use the Commodore 64 on a ~daily basis) would know how to transfer all the bits from a C64 floppy to any other format. He would also know what tools this guy used, and how to disassemble them to see how the data is stored (if not common knowledge already). For example, there is the the XzentriX Treffen 2006, http://www.xzentrix.de/ this friday in germany. Just go there, announce a new fast-compo (hack this guys files), and be done with it.

Re:Commodore 64 has an RS-232 interface.

[complete+loony]

He wired up a cable that would talk directly to the PC parallel port, transferring a whole byte at a time. The transfer loop on the c64 was about 8 cycles per byte @1MHz (from memory, this was about a decade ago) to read the byte, increment the address pointer, and toggle the appropriate wire on the cable, so yes 32KBps was quite possible. The code he wrote impersonated the floppy controller, and would redirect and read / write requests over the cable to the PC which would read / write from a disk image. VERY fast, and very easy to swap disks.

Once while I was at his house, I witnessed him idling in a #c64 irc channel on his c64.... Though he was just using the c64 as a text console to his freebsd box, it was impressive.

Re:Commodore 64 has an RS-232 interface.

[Stormwatch]

That probably is 32KBps as in 32 KiloBits per second.

Then it's Kbps, not KBps.

Re:Commodore 64 has an RS-232 interface.

[LWATCDR]

It is true. The C64 demo scene is alive and well. Now if the cops and the courts would trust one of them is different question.
What gets me is how none of the "experts" can handle anything that isn't a PC. I wounder if the guy had been running Linux, BSD, Minix, SkyOS, an Amiga, or Atari ST if they would be just as lost.
Here is a shop that sells cables that will let you read C64 disks on a PC http://sta.c64.org/x1541shop.html
I suggest they also google PETASCII if they want to break the encryption.

Re:Commodore 64 has an RS-232 interface.

[shaitand]

Am I the only one sitting here and wondering if anyone on this forum ever used a C64? They need a 5 1/4 floppy drive and a C64 emulator. The C64 stores all the data and programs on floppies, if the system has even been powered off they aren't going to get anything from the machine itself.

Personally I suspect the investigators just have a bunch of MCSE's who run prepackaged forensic tools and have never seen a C64 and don't know how one works.

Here's how to do it :)

[mbpark]

Here's the best way to do it:

1. Use Star Commander or the equivalent program (ftp://ftp.zimmers.net/pub/cbm/archiving/c64/emuti l.prg) to make your .d64 files. Additionally, if they're feeling up to the challenge, mnib (http://markus.brenner.de/mnib/index.html).
2. Use PDS Hash Toolkit or some other approved toolkit to hash the disk images you've created.

They can also use 64hdd (www.64hdd.com), set it as drive #10, make directories on the partition they copy the files to, and then individually hash each file using PDS Hash Toolkit. You'll have to hash the 64hdd binaries as well.

If he's a really hardcore user of the C= series, I think the price of that SuperCPU on eBay just went up by a few hundred euro.

From TFA

[Per+Wigren]

Police have been digging pits and using long probes to poke around the property,

Please read this before moderating parent as troll

[Garabito]

About Jon Katz, former Slashdot editor. Taken from here:

"There was a large controversy when Katz posted an article about an e-mail he believed to be from an Afghani teenager named "Junis", writing to him via the newly-restored Internet. Katz never disclosed the original e-mail, but it was an evident hoax and probably a parody designed to fool him. According to Katz, Junis wrote his e-mail from "his ancient Commodore computer", which he had 'dug up' and was now using to download movies, pornography, and MP3s thanks to the recent liberation of Afghanistan."

Top Ten Reasons Why Austrian Police...

[shoma-san]

Can't Transfer the Files:

10.There's no USB port
9. Austrian govenment mandate that all computers must be able to play music from "The Sound of Music".
8. Investigators were at Oktoberfest the day they taught pre Windows XP forensics.
7. Unable to install popular folk dancing software on Commodore 64.
6. Jokes about the situation being hopeless but not serious in Austria have become true.
5. Police still worried about riots after UPC Arena name change.
4. There's no USB port
3. The floppy drive is WAY to big
2. The modem baud rate is slower than pooh ...and the number one reason why Austrian Police Can't Transfer the Files:

1. Can't copy and paste without a mouse

reason to use it in one word:

[GeekyMike]

Zaxxon

Arial???

[srh2o]

Of course they'd lose information. Haven't you seen how bad Arial screws up ASCII porn... Uh Nevermind

C64 hardware

[Neo-Rio-101]

There are a myriad of other issues with this too. For one, the Commodore 64 uses PETSCII and not standard ASCII. To complicate matters more, he may have even used GEOS to store his data on floppy disks, and without the right conversaion tools, coverting that to plain text, muchless PC readable media, is going to be tricky without the right C64 hardware. If he had all that CMD hardware, or stored all his information on a hard disk or CMD formatted floppy disk, it will be harder again.

Commodore Security for Dummys

[AcidTag]

10 REM hide your stuff from the fuzz 20 POKE 53280,0 : POKE 53281,0

Forensically accurate copies should be cake.

[Myself]

This is simple. Get a Catweasel floppy controller, and use the bundled tools to make images of the disks. You don't even need any of the original Commodore hardware for this, any PC 5.25" drive will do.

If they're too cheap to do that, an X1541 cable and a copy of Star Commander will work fine, plugged between the Commodore drive and a PC. This shouldn't be forensically valid, because the 1541 is a smart peripheral and could concievably be running a modified ROM.

Re:Tag: Lamers

[oz_paulb]

Seriously: Do a block image copy of every floppy disk.

How would you suggest they go about doing that 'block image copy'? Should they use the 1541 drive? Do they understand enough about the drive to make it do the copy?

I don't believe a standard PC drive will read Commodore disks. The Commodore used "GCR" encoding, where PC drives have always used "FM/MFM". These encodings are incompatible with each other.

Also, I know that some Commodore drives would adjust the spindle speed to get more bits packed into outer tracks - I don't know if the 1541 drive did this, though.

I assume there must be a machine that'll do a true bit-by-bit copy of a disk (and, presumably one that would copy to a medium compatible with a PC).

Disclaimer: I haven't looked at PC disk controllers in years - maybe recent controllers have changed in a way that they can understand "GCR" (but I don't see why the design would have changed to support this, as it's not needed on a PC).

- Paulb

I can see where this is going...

[oohshiny]

Computer software or hardware that is not compatible with common forensic tools will automatically be deemed to be evidence of child pornography or terrorist activity.

One comment...

[ovapositor]

Dumb Asses. They just need to go to the goodwill and get a complete.. tricked out vintage system of their own. Data loss my eye.

Re:battery life?

[dougmc]

try a trs-80 mdl 100

I have one of those! Got it at Goodwill back in 2001 or so for $9.95.

Of course, here's the funny story. I got the computer, and figured `ok, what do I do with it?' ... so I tried to remember BASIC, and put in this program as soon as I got it working at the office -- 10 I = I + 1
20 PRINT "HELLO THERE # ", I ;
30 GOTO 10
(sorry if I got this wrong. This is the last time I did any BASIC, and it was years before that that I'd last done any.)

In any event, it's still running today. It's up to (let me check) 509176235. It's doing roughly 4.2 iterations/second, with most of the cpu obviously going to scrolling the display. Of course, if I do the math, that only works out to about four years, so I'm not sure what the discrepancy is.

In any event, it's lasted several office moves, and now it's in my garage, with a wal-wart transformer connected and some AA's in the battery slot. The batteries will run it for a remarkably long time, and I just replace them every year or so.

I've been tempted to pull it out and play with it a bit, but I'm reluctant to lose all my uptime ...

Re:I'll explain this one

[johansalk]

Ah but guess what they get for that fuel inefficiency; marvelous bodies. I've sometimes marveled in amazement at the bodies of those bike-riding Dutch girls; solid from the waist down.

except ...

[hany]

Except that those same media companies may in the future with high probability consider providing say Britney Spears' "tracks" (sorry, if I spelled her name wrong) for re-purchase as a "not interesting from operating profit point of view" thus consumers will be unable to repurchase thus they lose their beloved tracks. Or become criminals.

Feel free to replace "Britney Spears" with any other name from current "popular music" (or even past "popular music").

Re:except ...

[Stormwatch]

So in the future DRM will prevent people from listening to Britney Spears? This is Slashdot, damnit, you're not supposed to defend DRM here!

Re:Yes. Super hot.

[houseofzeus]

You wouldn't call them smart just because they're hot, would you?

If it was going to get you laid.... :-p

Re:I'll explain this one

[radja]

in dutch cities, riding a bike is often faster than going by car. it's also cheaper and if you get drunk you can walk home with your bike.

Oh so very relevant...

[Phil+John]

...the police suspect that he may have had an accomplice. Apparently the normal M.O. for this type of criminal relies on having another person in the mix (lookout during original kidnap, looking after victim if other needs to go anywhere for an extended period etc.).

Marc Dutroux (the Belgian Paedophile) had several accomplices - one of whom was directly responsible for Julie and Melissa's death by not feeding them whilst Dutroux was in prison on another charge.

Re:Clues? How about relevance?

[MichaelSmith]

The kidnapper is dead. It's a little late to be looking for clues!

Its one of those "without a trace" scenarios. Maybe the dead kidnapper has girls buried in basements all over Austria. You have to crack the C64 file system before they starve to death.

Computer Forensics - clear as mud

[gsobol]

Well, I can sum up the whole article like this:
Forensic investigators = not stupid
Article author/editor = selling a story / lack of facts
Court system = flaky justice

Being a computer forensic investigator, what I can tell you is that the problem is not with extracting individual files (being current, deleted, overwritten), or even hashing the contents or drive images themselves. Although this does present a certain technical challenge, this can be overcome. Any forensic investigator will tell you that, what he/she finds during his/hers investigation rarely comes under question or scrutiny. You just can not deny the fact that this "stuff" was found on the suspects media. What almost always comes under scrutiny is the technique used in obtaining the evidence. Where the police do have the tools and techniques that have been court tested for the relatively modern machines and OSes, there is no such tool or a battle tested procedure for capturing and processing data from the Commodore 64. That's what the challenge is all about. It's all about how do you get your evidence, and prevent the defence from shooting it down on a technicality that your approach was not forensically sound, because you have not used the court "approved" forensic tools and techniques. -- a side note: there are no court approved forensic tools, at least not in the USA. There are forensic tools that have gone through court scrutiny and been found to be acceptable, but only in conjunction with a proper forensic sound procedure. The tool is only a tool, like a hammer, it can be used to drive a nail into a wall, or crack someone's skull. Define a proper and sound use :) -- It's easy for technical people to understand the realities and limitations of the technology. It's easy to understand that when you copy the contents of the files from one OS to another the contents do not usually change. But for an average person on the jury, if one computer is old and the other computer is new, and they don't speak the same language, well that means that someone had to translate it, right? And if someone translated it, could they have made a mistake? Of course they could! Of course they DID! Again, the hard evidence - the files, the pictures, the notes, etc.. - do not come under scrutiny. It's the techniques, the procedure, the competence of the investigators that get's questioned, and thanks to our "well educated" and "intelligent" jury, sometimes the guilty go free.

Fear for retrocomputing

[RomulusNR]

Could this be the latest in the criminal world's security strategy? Can we expect to see Spectrums, Archimedes, and Atari STs turning up in police investigations soon?"

No, what this means is that soon, anyone who owns or purchases an old piece of computing will either have to submit to a background check or be put on a DHS watchlist. Because there is no reason for a normal person to own an old piece of technology other than for nefarious purposes.

Yeah and why do people use analog synthesizers?

[Kodack]

Or collect antiques? And why do people pay top dollar for wine that is not brand new. Why do people spend thousands of dollars trying to replicate the sound of 70's moog synthesizers. I mean they are so analog right? This is the year 2006 people, analog is out. We need digital synthesizers that use modern wave table sampling and run Linux. They make the best music right? I mean what good is an analog filter and a bunch of patch cables and no MIDI. It can't make a piano sound like a piano right?

And the same with antiques. People spending tens of thousands of dollars on old used furniture when they can go down to the LayZboy store and get something brand new.

And classic automobiles? Don't even get me started on classic automobiles. What is so classic about something that is so old it doesn't even use disc brakes, lacks airbags, and just looks old. I mean why sink money into something so old when you can get a nice Honda Civic that is going to get you around in modern style right? Who needs a Tbucket when you can get a Civic?

All mockery aside, the obvious answer to your question is that some people "like" and or "appreciate" things that are obscure, different, or old.

Not everybody wants to compose their music on an Imac. Some people choose to do it on an Atari or on a gameboy. And they make a living off it.

We have had over 30 years to improve on synthesizers but the best sounds are still made by the old patch cord Analogs like the Moogs'.

I'm not a commodore fan boy but the C64 is a capable synthesizer and music production platform. It's cheap, and it's been reverse engineered to the point that you can actually buy or make modules that will give it network access.

Having confines on something forces you to be more creative.

I mean, this guy kept some girl prisoner for 8 years, he was F'd in the head. But your arguing that classic equipment is pointless. And that's like saying that paintings are useless because of photography and photography is useless because of film, and film is useless because of television, and television is useless because of PC's with DVD players, etc etc.

Why hasn't the design of the guitar changed in the last few hundred years? Why has the electric guitar pickup not changed in 40 years or more? Because new doesn't always mean better. And some people like the sounds and feelings of old things.