Vista For Forensic Investigators
Ant writes "SecurityFocus has a two-part article offering a high-level look at changes in Windows Vista that a computer forensic investigator needs to know about. Part 1 covers the different versions of Vista available and Vista's built-in encryption, backup, and system protection features. Part 2 continues with a look at typical user activities such as Web browser and email usage."
I see from TFA that they're shitting themselves at the prospect of widespread drive-level encryption. They console themselves with the fact that only the high-end Vista versions support BitLocker.
But in the end, encryption offers only limited protection. If some well-resourced hostile authority wants to take you down, there's endless options for framing you up. For instance, they could mess with your ISP's logs to fabricate http hits to k1dd13 pr0n sites, or infect your box with a bot that hits such sites on your behalf, which will cause the hits without messing with the ISP's logs...
-- In the beginning was the WORD, and the WORD was UNSIGNED, and the main(){} was without form and void...
With Vista, the OS from MS that phones home more than any previous release, can we really trust it not to "Phone Home" the encryption keys of bitlocker once it's enabled?
You know, I have one simple request. And that is to have sharks with frickin' laser beams attached to their heads!
The defendant has no obligation to provide the prosecution with incriminating information.
Mea navis aericumbens anguillis abundat