Vista Makes Forensic PC Exam Easier for Lawyers
Katharine writes "Jason Krause, a legal affairs writer for the American Bar Association's 'ABA Journal' reports in the July issue that Windows Vista will be a boon for those looking for forensic evidence of wrongdoing on defendants' PC's and a nightmare for defendants who hoped their past computer activities would not be revealed. Krause quotes attorney R. Lee Barrett, 'From a [legal] defense perspective, [Vista] scares me to death. One of the things I have a hard time educating my clients on is the volume of data that's now discoverable.' This is primarily attributable to Shadow Copy, TxF and Instant Search."
If one was stuck with Vista, I could see VMWare being quite popular. Just run all of your "other activities" under a VMware computer. If the computer ever falls into enemy hands, just wipe out the virtual computer and you're good to go.
Another reason I'm sticking with XP.
He who laughs last is at 300 baud.
These are all legitimate, useful features. It's the implementation that's wrong.
All potentially damaging (ie, all) data should be written to an encrypted store in such a way that recovering it from a lost/stolen/seized machine is hard to impossible without assistance from the owner. That's just good design practice in an environment where there is more than enough computing power available.
I'm aware that there are places where you have to hand your keys over to law enforcement... with which I have no real problem provided the due process of law is followed. But at least properly managed/segmented encryption can prevent a fishing trip. And in the worst case if you were being falsely accused of something really awful then you might decide that the penalties for not handing over the keys were less severe than the penalties for having the data available. At least you would get the choice.
...anti-Vista FUD.
Vista is actually selling quite well, and many people I know are using it without any complaints. Why are the good points about Vista never mentioned on Slashdot? It's always how great the Mac is or how great Compiz is...
I'll probably be modded down for this...
So now with shadow copy Vista not only saves all versions of goatse and tubgirl that I ever will encounter, I'm most likely unable to remove all traces to those pictures from my machine. And with instant search everybody can find them easily.
Now that's progress.
Microsoft is reading this article and thinking "Heh, interesting side effect..." when later questioned their response will be "Yes, we meant that."
Also one would think that one of the ways to make an OS, or anything for that matter, secure, is to not only plug possible breach points from the outside, but also not to keep detailed information on the computer in the first place. When you do it, you do it by choice, if keeping information about you is in-built into the OS, then where is the choice? Can this be turned off? (Other than hacks)
Vista is proving time and time again that it's a ridiculously stupid OS choice for any user, it's as if Microsoft is trying their best to screw themselves. Is it stupidity or is there some kind of master plan at work here that isn't clearly visible....
"we've got trenchcoats and bad attitudes" - John Constantine, HellBlazer
"And with instant search everybody can find them easily."
Of course Macs don't have anything like that.
To make sure my Windows is running at peak efficiency and performance, I got into the habit of completely reinstalling Windows every Thursday at 10am.
This habit was developed during Win95, WinSE, WinXP SP1, and WinVista Beta
What? There was evidence there? Ooops, sorry... my standard operating procedure wipes the disk once a week.
"And more importantly are they stand alone versions of Vista, or the Microsoft Tax (Bundled with your computer, even if you don't want it)?"
Well if you don't want it? Why are you buying the computer in the first place?
"As far as I'm aware most people aren't choosing Vista when they have the choice."
Talking about a stalker. Leave me alone!
Hopefully you aren't alluding to the fact that you FORMAT your hard drive every week as a good security practice. Since you didn't specify your procedure, I'm going to assume that you do at least one complete disk overwrite before reinstalling Windows
... my disks are encrypted
'dd if=/dev/urandom of=/dev/sda' FTW
So backups kept on a disk, beagle's and spotlight's indices don't help in forensic PC exam at all, but Vista's shadow copy, which can be cleaned up with a few mouse clicks, instant search that can be either turned off or reset easily and TxF being generally a Good Thing ARE BAD, 'cause they're in Vista!
omg lolz Microsoft sux0rz!!!!!1111one
But if you went back in time to cover your tracks, there would be no tracks to cover in the present, therefore you wouldn't have to go back in time in the first place. But if you didn't go back in time in the first place, your tracks wouldn't be covered so you'd need to go back and cover them! But if you went back in time to cover your tracks, there would be no tracks to cover in the present, therefore you wouldn't have to go back in time in the first place. But if you didn't go back in time in the first place, your tracks wouldn't be covered so you'd need to go back and cover them! But if you went back in time to cover your tracks, there would be no tracks to cover in the present, therefore you wouldn't have to go back in time in the first place. But if you didn't go back in time in the first place, your tracks wouldn't be covered so you'd need to go back and cover them! (etc...)
Then: you are using Linux, what have you got to hide ?
The next step is: Only criminals use Linux
I have just realised: I am typing this at a Linux box. I had better go down and turn myself in at the cop shop.
There are some disadvantages to having MS (my handwriting went to hell) but I now have a script of squiggles that makes sense only to me (it's not writing, it's mnemonic dabbling which gives me clues as to what was happening to me [and around me!] at the time of the dabble.)
As such it's as individualistic and unbreakable as a crypto "one-time-pad."
MSBPodcast.com The opinions expressed here are my own. If you don't like 'em... Think up your own stuff.
Pah-leeze!
To date, I have made two honest attempts to switch from XP to Vista, and both times I ended up wiping the Vista install and going back to XP. First of all, not all hardware from XP is supported (I suspect the new DRM requirements in the OS for my difficulties here), and some of the hardware that is supported suffers from buggy drivers (e.g., nVidia). Then, there's the user interface. Not as ugly as XP's Fisher-Price interface, but nothing to write home about, either. I'd rather not waste the CPU and GPU cycles on it, thank you very much. Then, they *moved* everything around. I waste more time trying to find things I know are there, but which the Boys in Redmond decided in their infinite wisdom to move. The first example that comes to mind is mapping a network drive. Why the heck they moved it off the My Computer (what do they call it now, "Bill's Computer"?) window I'll never know. There are a lot of other examples. Then, there's the fact that Vista is a big fat pig when it comes to resources.
I have too much work to do on a computer to bother with this nonsense. Even if I bought a new computer, which would solve the hardware problems, I'd probably want Vista off it for something (anything) else. When XP came out, I upgraded right away, and was happy with it, even though at the time it, too, was a bloated pig. But not this time. Sorry. I gave it the old college try, but Vista's just a piece of crap.
"My country, right or wrong; if right, to be kept right; and if wrong, to be set right." --Senator Carl Schurz (1872)
> It has a resource intensive "shiny" interface.
FUD. Yes, the interface is "shiny", and does use resources, but the main resource intensiveness comes from the new features (like indexing) and the fact that it is a fully hardware accelerated desktop. If you actually disable these new features, Vista runs the same as or faster than XP.
> It has levels of DRM heretofore unseen in an operating system.
There's ONE new DRM thingie over XP. ONE. YOU WILL NEVER EVER SEE DRM IF YOU DO NOT USE DRM FILES. Vote with your wallet. I don't use DRM'd files either. I rip CD music. Vista WILL NOT ADD DRM TO NON-DRM FILES.
> It is claimed that it is secure, yet still has gaping security holes.
You use one .NET article from TWO THOUSAND FUCKING FIVE, one BY DESIGN article and one article from JULY TWO THOUSAND FUCKING SIX to say that Vista has "gaping" holes. If that's the best you can do, I think Vista has mostly succeeded. :)
The fact is that there has been one exploit (ANI) so far, and due to UAC and IE protected mode (sandboxing) that exploit couldn't work in Vista as well as it did in XP.
> It is claimed that it is safe, yet has to be made un-safe for users to be able to do anything with it.
FUD. FUD. FUD. UAC DOES NOT HAVE TO BE DISABLED FOR A VISTA COMPUTER TO BE USABLE. I haven't seen a UAC prompt in weeks now -- of course, it helps that I've updated all my apps for them to not require admin permissions.
Go look at the Wikipedia article to know what triggers UAC. http://en.wikipedia.org/wiki/User_Account_Control#Tasks_that_trigger_a_UAC_prompt This is a perfectly reasonable list. All the points on that list deserve to be there.
> It is expensive
Not when you factor inflation in. In any case, a deal with Ultimate (this is the full edition) is available for US $165. http://software.pricegrabber.com/windows-family-os/m/30710428/search=Vista%20Ultimate/qlty=o
Most will need a Home Premium upgrade, which starts from LESS THAN $100. http://software.pricegrabber.com/windows-family-os/m/31221707/
> clunky
WTF?
> space consuming
Not when you factor the new things in. If you remove speech recognition, C/J/K language support, Media Center, and a few other things (eg using vLite) an install of Vista comes to around 3.5 GB. Anyway, hard drives are big enough for it, it isn't too much of a factor now.
> privacy invading
Oh dear, more unsubstantiated FUD. Why am I not surprised?
> insecure
The FUD this time, for a change, is not from you, but from Symantec. The fact is that better companies like Eset have no problems programming for Vista. Symantec uses several KERNEL HOOKS which are disallowed in Vista x64, in favour of Microsoft APIs.
> unsafe, and is more interested in protecting the interests of major Hollywood distributors than its users.
I'm tired of this BS. Look above.
Get your facts straight first before starting your standard FUD.
Following on from the runaway success of this http://ubuntusatanic.org/news/ and this http://tinyurl.com/nq9ut, I'm sure we'll soon have MAFIA, paedophile and Goatse *nix distros...the demand is there, c'mon RedHat, what are you waiting for?
Parent is trying to destroy your data
It seems the article and most Slashdot users are not familiar with basic COW snapshot technology. First, most RAID arrays and filesystems nowadays offer this functionality and it is a proven scheme to make revision copies, backups, or backup assistance online without wasting tons of resources. Linux has snap technology and so does a host of other OSes. None of these technologies that I know of want or need to offer any sort of extra security. If you want that, simply turn on filesystem encryption and encrypted data will be snapped. Vista offers encryption out of the box.
Also, you can delete the snaps if you want to through the command line or a scheduler task or whatever in Vista. I for one think the automatic snap management was a brilliant move on Vista's part as the benefits outweigh the negatives. I run without a virus scanner and if I get infected, I just roll back to one of my hourly snaps as I increased the interval. I don't lose any work because my docs are snapped, but not automatically rolled back as part of the system rollback.
For quite some time, it's become easier to find out anyone's business as they used their computer, even in Windows XP. It just seems that with Windows Vista, it's easier to make the discovery. Keep in mind, it's not just the operating system doing the copies, but it's also applications that do so as well.
From the "temporarily copied" documents viewed in Microsoft Outlook, to the cached images stored by Internet Explorer, and still yet to the meta-data stored in Word documents. (There have been a few times I have read a Word document meant to be anonymous only to find the creator in the document's properties.)
While it might take the career of the computer forensic scientist down a peg and be a boon for any prosecutor, it does nothing more than make it easier to find information that hasn't been deleted by force from its owner.
Don't be surprised if the market now swarms with applications that will allow you to 'view' data while wiping all trace evidence after it's been seen; or still yet allowing you to create documents that are completely wiped of meta-data. Sure, you won't be able to find something unless the search has to delegate to its bits and bytes, but at least they can't find someone's manifesto by name. (Of course, you have to be sure that it wasn't e-mailed.)
It's encroachment on privacy like this that creates entirely new markets for people to leech from the truly paranoid; which seems to be quite a majority of the population since everyone seems to have some skeleton in their closet.
On a funny note, this one co-worker had an embarrassing image pop up every time he went to print; the image itself was attached to an e-mail from a co-worker who loved to send around joke e-mails. He wasn't able to get rid of the image from the preview, until I pointed him to the directory (which is stamped in the registry) where Outlook stores its temporary files (usually most attachments, images, etc.) Apparently this fellow never opens any e-mail from this co-worker anymore.
Spoken like a true totalitarian. What happens when the laws change and the perfectly legal and moral things I do on my computer become immoral and illegal according to the government? Sorry bud, but I'll hang on to my privacy.
No, we need a government that is more honorable, that doesn't engage in unconstitutional search and seizure, that respects privacy, that doesn't go on fishing trips in your data storage. Crypto is there to protect you from this, use it.
PS: the "if you don't have anything to hide.. blah blah" argument is a load of horseapples and only a MORON doesn't know that.
If you cannot keep politics out of your moderation remove yourself from the Mod Lottery.. NOW!
'From a [legal] defense perspective, [Vista] scares me to death. One of the things I have a hard time educating my clients on is the volume of data that's now discoverable.'
.. educate your miscreant clients on how to safely violate the law. What's the best way to commit your crimes while leaving the fewest traces. "This is how you murder someone, and here's how to make a silencer, and here's how to make a car bomb."
...
Soooo
Sigh
First, let's kill all the lawyers.
http://sourceforge.net/project/showfiles.php?group_id=37015
Not sure if it helps in this case, though.
Bypass Compulsory Web Registration -- http://bugmenot.com/
I'll assume you're using internet explorer under Vista?
There should be a "-1:Groupthink"
My bigger concern is what happens to the excess (not admitted into evidence) data. IE, almost all of it. That really needs to be kept confidential. I'm not sure how it can be protected? Something like "fruit of the poisoned vine" for criminal cases is probably too extreme.
I do all my illegal activities on an Abacus.
Red bead attempting to slide right.
Cancel or Allow?
Please stop stalking me, bro.
Why is no one mentioning that features like Shadow Copying, Instant Searches and such are among the most requested in the Linux world? (Beagle, anyone? Or Quicksilver for OSX, anyone?) I for one think that the Vista Shadow Copy is a useful feature, both for my grandparents and for me and my colleagues at work. Not that I use it, since I'm an Ubuntu convertee, but the concept seems good. Not EVERYTHING Microsoft creates is done by pure evil.
What is forgotten here is an OS really should be an OS - designed to run the computer and what not.
Now, when that OS has deliberate code to track and monitor a user's 'usage', it really is no more a tool to run a computer, but rather a tool to watch a user. The main job of that code is absolute control of the computer taken away from the user.
MS have been trying to do this for years, and now it looks like they have succeeded ~ and the sheep follow and buy the crap.
It is pretty scary that this succeeds at all. I mean, nobody in their right mind would buy a car that recorded every single journey and 'phoned home' every time you exceeded a speed limit, or the car stopped at changing traffic lights, even though you didn't need to... the world would be in uproar and the car would most definitely not sell at all.
Yet the sheep still buy this crap...
Ummm. Yeah. But when MAC has Shadow Copy it's the coolest thing under the sun. WTF!!? What a lame-ass article.
Whenever there is an article on privacy, or the article a few days ago on the human need for privacy, Slashdotters come out in droves to state why privacy isn't important or why privacy is already gone, deal with it, or all information should be free, etc., etc.
:)
Those same people come into these articles and comment about how security choices allow information to be free. Geez, make up your minds.
yep, it's very insecure because the unsafe mechanism in Vista is not safe !
--- I am known for the ones who want to find me on the net. Is that a privacy risk or a privilege? One might wonder..
The Mac is the criminal PC of choice.
The cops don't know even how to turn one on.
Security thru Obscurity works at the local level.
Secondly, the mac was the FIRST with full disk encryption.
.... recovering all the spam mail you deleted, when the lawyers want to prove you to be some sort of pervert on prescription drugs.
Seriously, this seems to contradict recent reports that Linux is less secure than Vista.
So when is all the MS promotional hype going to be exposed for what it really is, a bunch of contradictory lies.
Is anyone keeping an accounting of all the Bull Shit coming out of Microsoft promotion?
So it can be added up to find MS OS is ad promoting spyware that takes up resources that can better be used in user productivity.
There was a time when memory, storage space and megahertz were valuable resources.
And now we know why Vista required such resources yet performs from a user perspective, slower.
Because its spying on you and dumping garbage all around your hard-drive.
So does a marriage.
How about that "restore previous versions" feature of Vista. You can bet that isn't going to cause some embarrassing moments.
I assume something like wipe would do an unrecoverable delete.
Does anybody know: if a program does fopen("myfile.txt", "w+"), is a backup made?
Arthur Dent: Is it safe? Ford Prefect: It's perfectly safe. It's just us who are in danger. -- Douglas Adams (HHGTTG)
I can see it now, late-night home shopping channel ads
"Protect your computer! Buy our software!"
"Getting divorced? In a lawsuit? About to be? Buy our software!"
"Save thousands in legal fees or worse!"
"How much would you pay for all this?"
"For not $1000, not $5000, $200, not even $100, but for only $99.95* you too can have our amazing software*!"
*Plus $5.95 shipping and handling. Vendor support not included.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
Unfortunately, this technology is very likely to be misused by uninformed people in the legal profession. The example of the school teacher accused of spreading porn comes to mind. http://arstechnica.com/news.ars/post/20070214-8850.html
Some prosecutors are likely to take the evidence from Vista as proving a person did something very bad. The evidence only proves the computer did something very bad. A rogue third party could have hijacked the computer and planted the data there. With current spyware and adware, the attack may simply be an effort to drive traffic to certain websites. Having a school teacher's career destroyed is just a side-effect of a rogue third party trying to make money.
EVERY time I rob a liquor store I create detailed plans on my laptop running Vista, which I keep in my getaway car.
I hate slashdot
The Republicans sure aren't going to want to upgrade...
I read this fascinating article (probably a /. story) about how anti-computer forensics (the art of manipulating computer records and files and any and all data to hide evidence or forge false evidence) can beat computer forensics every time, because the whole idea of computer forensics is to trust what the computer says as truth. The only problem is, someone with enough knowledge of a computer can easily change any and all data... and leave no evidence of tampering. Date and time stamps can easily be manipulated with free tools or even just by changing the system clock time. Files can be encrypted, or overwritten multiple times with random data to be completely lost. The article writer believed that computer forensic evidence should be deemphasized over the much harder to tamper with physical evidence. I concur with his assessment.
Basically... people who don't know how to do this anti-computer forensic stuff... computer forensics can be a huge evidence gathering tool. But the problem is the people who know how to cover their tracks, or even worse decide to forge evidence to frame someone else. I personally already know how to disable Shadow Volume Copy and Instant Search... the options are just in the Windows GUI somewhere (not sure what Transactional NTFS is, but if I cared enough I could probably figure that out too with a quick Wikipedia trip).
I suppose what I'm trying to say is that this will only change things for the computer users or the computer clueless... not for those who already practice anti-computer forensics, or even just use such techniques to ensure their privacy.
That is correct. AME, FileGuard, and other utilities gave System 6 and 7 full disk encryption.
Problem is that OS X is unsecurable in this manner. Yes, you can "encrypt" your home directory, but all an attacker has to do is look in /tmp (which is not protected), or brute-force the .dmg encryption if a person does create a disk image.
Wow someone else uses the same procedure as me. What's so great about this is it allows me my weekly scheduled evil session for about half an hour before 10am on Thursday and I trust the authorities (even after having read this post) aren't smart enough to arrive at 9:55am on Thursday.
This is called the grandfather paradox. ...and if you went back into the past, you'd probably step on an ant and destroy the world anyway.
Um, OS X apps don't use the /tmp directory in the way most unix machines do. It's mainly there as a compatibility thing for BSD apps...
My Mac has been up for 21 days, used every day for a variety of things (none of them illegal, but hey...) and there is precisely one "file" in /tmp, the X11 socket under my user-id directory:
[mac:~] simon% ls -laR /tmp/
total 0
drwxrwxrwt 4 root wheel 136 Jul 14 03:24 .
drwxr-xr-x 6 root wheel 204 Jun 22 17:40 ..
drwxrwxrwt 3 simon wheel 102 Jun 22 20:27 .X11-unix
drwxr-xr-x 2 simon wheel 68 Jul 12 18:57 501
/tmp//.X11-unix:
total 0
drwxrwxrwt 3 simon wheel 102 Jun 22 20:27 .
drwxrwxrwt 4 root wheel 136 Jul 14 03:24 ..
srwxrwxrwx 1 simon wheel 0 Jun 22 20:27 X0
/tmp//501:
total 0
drwxr-xr-x 2 simon wheel 68 Jul 12 18:57 .
drwxrwxrwt 4 root wheel 136 Jul 14 03:24 ..
[mac:~] simon% uptime
10:09 up 21 days, 16:48, 1 user, load averages: 0.20 0.08 0.02
[the extra slashes are there because /tmp is a link to /private/tmp, and you only get the contents when you append the /] ... and I have darwinports installed, use X rather than Terminal, use X editors etc. I'm far more unix-like than your average Mac user...
Oh yeah, and "all" you have to do is brute-force the DMG encryption ? *ALL* !!!? The NIST seem to think it would take 149 thousand billion years to crack the key, *if* you used specialised hardware...
Simon
Physicists get Hadrons!
Come on, we are all adults here. We all know "homebrew" is really code speak for piracy. We all know "open source" is really a code speak justification for software piracy.
So now that Vista is the most reliable OS in history, the FOSSie crowd is up in arms and searching for fresh FUD to use against Microsoft: after all, their old saw about BSOD, and crashing, and viruses, etc, are all ancient FUD (not that it stops them from using it, but Windows users just look at FOSSies like they are nuts anyway).
I remember back when the FOSSies were trying to tell the world OpenGL was the next great wave of graphics, and how open source games were going to take over the world, etc. Kind of like Lunix on the Desktop, one would imagine. Well anyway, of course we all know DirectX took over the gaming world, and Windows continued to be the finest desktop OS on the market (and now, with Vista, the best in history).
So yeah, Lunix is a cool tech toy for tinkerers to use, but everyone knows serious IT people have very few uses for Lunix, and it's certainly not anything which goes anywhere near a desktop.
If you commit any illegal activity involving your computer, the authorities will eventually decrypt whatever illegal stuff you have eventually. That and if you don't give up your encryption keys they'll hold you in contempt of court for impeding an investigation anyway. I don't know why you all are complaining about something which will only apply to you if you do something illegal. That's like complaining that the government will search my house if I murder somebody.
Why would any computer geek take a lawyer's word on operating systems for granted?
TxF is the transactional file system that has been around ever since Windows NT (something I used to love pointing out to Linux fanbois any time their fs got corrupted due to a power failure or unplanned reset)
Instant Search is just the new marketing hype name for the Content Indexer which has also been around since NT days.
Shadow Copy was introduced on XP, which lets you install OS updates without rebooting, IF it is enabled, which it is not by default.
This is all just a bunch of stale, moldy FUD.
I'd hate to break it to everyone but these technologies have been around for quite some time already before Vista ever existed, including XP.
:)
:)
Shadow copy for sure.
TxF is new (and very cool I might add) and I doubt very much it's currently used much at all. Considering NTFS is a journaling file system, the journal is where you'll be gathering most of your incriminating evidence anyway with or without TxF.
I don't know the specifics of any search enhancements made but I do know that XP included the Microsoft search service to create indexes of local files and directory information for indexed searching.
In fact if you look at the Vista information page they spout a whole lot about technologies that have already existed in previous versions of their products.
If only my ancestors had truly understood the horrible dangers of "pads of paper", whose insidious nature permitted forensic recovery of exact handwritten correspondence. The prosecution needed only a #2 pencil to reveal damaging evidence by merely wiping the edge of the pencil "lead" across the page whose surface had been silently altered to store the impressions of the writer's penmanship.
Besides, I much prefer to use an operating system that not only doesn't keep shadow copies of my work, but rather, in a heroic effort to safeguard my privacy, quickly loses the originals ("file not found", "seek error at track nnnnn", etc.).
I say "boo" to Windows Vista. We don't need no stinkin' backups of our data.
The reason the job is made easier is that Vista's file copy moves at the speed of the court systems.
Bah-dum-ching!
Have you read the moderator guidelines? Well, have you, PUNK? (and I want a Karma: Gnarly option)
Interesting, must have a look at EnCase, just out of curiosity (I banned anything with copyright problems years ago so I'm not worried - I don't even use Office anymore, but OO).
However, I am not sure you could consider the artifacts evidence as they point into space if you load up the 'regular' Truecrypt drive. All that you can prove is that the data may have been present at some time, but the hard evidence is missing, it's as if you erased it. Forensics could never get further than a reasonable suspicion, but there would be no proof unless you're so dumb to admit to a hidden volume.
A decent interrogator will probably trip you up on that (yes, even without Guantanamo Bay) but as long as they don't have a password they have zip, I think. Of course, IMHO, IANAL.
I personally think you're dumb if you're doing something illegal. Hide data for privacy reasons, yes. But there's little reason to be on the wrong side of the law these days, IMHO.
Just my two cents..
Insert
If Microsoft were to tell the MAFIAA that DRM was a no-go, the MAFIAA would be screwed in their attempt to control digital content. So M$ is certainly enabling the MAFIAA.
OK, so the emergence of digital distribution is going to screw the MAFIAA anyway. But DRM enables them to hang on a few more years.
PS - characterizing something as "clunky" or "privacy-invading" is an opinion and as such needs no links. Why do you seem to have a need to have opinions validated by others?
Sorry, I couldn't even read the whole article without freaking. I work in Electronic Discovery and am an expert in this field; large collections focus on data and data-ownership. Operating system files are removed from this process as irrelevant, only user data is of interest; machines seized in this process are shipped to facilities that catalog relevant files in a much larger review system. Anybody who desires to 'fire the machine up' also desires to deal with OS security and trusts that technology to not mask anything of value. Terabytes of data are filtered through in sets that span many fileservers and clients alike. Mac, Win, *nix it doesn't matter. Suggesting Vista will help with this is a complete joke, all OSes are equally irrelevant. And regardless of what people might think, lawyers are not valued for their technical competence by anybody but other lawyers. Anybody who wants to deal with systems on a host by host basis will never finish reviewing all their material and will lose their case.
Not that dumb ideas don't get passed off as brilliance.
Ah, I feel better now. Well it's back to crawling 12 million Tiff files of OCR paper documents for me, and no I'm not using freakin' Vista.
Since things like computers didn't exist back when the Constitution was written. You can't just say "no" to anything that might convict you. For example you can't refuse to hand over a key to your house (not that they can't break the lock anyhow) or refuse to give a blood sample. So an encryption key is a real grey area. On the one hand, it isn't really testimony per se, it is more akin to a physical key and thus you should have to hand it over. On the other hand it is something that is stored solely in your head, and the intent of the 5th is that you could keep your mouth closed if you wanted to.
Something like this would probably have to be argued in court if it came up. There is probably some precedent both ways, and I don't think there are any rulings on this specific topic.
If you haven't tried it yet do the following: corrupt the networking part in VPC (or disable networking in VMWare), then load Windows Vista or XP SP2 and use it on a regular basis (you don't even have to load anything, no updates or so), never allowing networking and since it's a corporate version you don't need to activate.
I think after about 90 days (more or less, I don't use it that much) I have noticed the Windows installation corrupts itself every time with the same error (blue screen on startup saying it can't find a specific file in the \system folder), call Microsoft and all they know is that you should apply the latest patches (but I'm not on the Internet, I'm in a controlled environment)
I have had it with different systems (Mac, PC, Linux) and there was no special software running on the virtual machines and all networking and file transferring was blocked.
Custom electronics and digital signage for your business: www.evcircuits.com
You pay money for systems that track changes to certain files in specific places.
You do not pay good money to monitor every move a user makes. That puts way too much burden on computer resources, and even the decisions it requires of management are way too much of a burden, even if management makes the right decisions (the decision to turn it off).
This is in the same category as the privacy debate.
In another world, where everyone is perfect, we won't mind having no privacy. (We can stand upon the mountain with our flags unfurled, to quote Paul.) There will be two reasons for that: One, no perfect person will need room to recover from calculating blind alleys. The other, no perfect {parent | manager | police | neighbor} is going to look at data that is local to someone else's stewardship unless invited to do so.
This world ain't that, and if you think you're ready to live in that world, I hope you have the chance to get a good enough glimpse of that world before being committed to it. (We do all go there eventually, of course, in spite of John and Ono's insistence to the contrary.)
joudanzuki
Vista is storing copies to provide desirable and useful features. Point-in-time recovery. Fast search.
Boneheads will still think dragging to the trash makes their porn go away. Real boneheads will still think emptying it makes it go away. And the ones stupid enough to get caught will seize on any lame-ass excuse to blame someone else.
If you're doing something you think the hierarchy-worshipers will eventually decide is in the top 10 on the who-do-we-rile-the-sheeple-with-next list, you spend time thinking about real security and spotting agents provocateurs and how to stop the bastards sucking every part of the economy they don't own completely dry.
Vista (or Google, or Spotlight or whatever Apple's version is called) indexing your hard drive is probably more helpful than dangerous even in that scenario.
As always, all IMO. Insert "I think" everywhere grammatically possible.
Way off-topic, but: I used to work at Lowe's Home Improvement Warehouse, and this lady was looking to buy a ladder. She asked a few questions about the differences between fiberglass and aluminum ladders. Finally, after she had made her decision and she was walking away with it, she turns around and asks me, "so, is this one safe?"
Judging by the way her face turned red, I think I accidentally gave her a funny look when I said "yeah, I think so."
Unless your drug of choice happens to differ from everyone else's.
Don't do drugs, but I think the only margin call would be the therapeutic use of something that is known to help but has been declared illegal.
Or if you're consenting adults involved in a mutually beneficial transaction.
You mean, being called George Michael and getting yourself a case of Repetitive Stain Injury in front of an appreciative audience instead of a cop? No, it's OK, I know I left the 'r' out.
Well, I wash my hands of that, cough - but that may be fixed by a geographical move. Not every country forbids making a fool of yourself.
Or maybe you just can't afford that CD.
Oh, it's OK to steal it then? You can always borrow it unless you're dead out of friends and there's no local library. Just replace "CD" with "Ferrari" and see if it still seems a sensible argument.
I can find a lot more reasons to break the law than I can to obey it.
Strangely enough, that may have to do something with where you live. If all you see is examples of people getting ahead with breaking the law, that becomes your personal profile too. Attitudes flow downwards, which is another reason I don't like Bush declaring himself above so many laws and reportedly breaking quite a few others. It creates a culture where the law no longer has a meaning.
If you instead look at other nations where laws are a little bit more democratic and fair you'll see the other side of the coin.
That does, however, presuppose a functional democracy to start with, and there are very few countries left that can name themselves that without some serious reality adjustments.
In fact, they ought to allow drugs :-).
If one would actually know something about Vista, I could see much more people praising Vista. Just use something called BitLocker Drive Encryption. If the computer ever falls into enemy hands, it's mathematically impossible to steal any data from the PC.
Another reason I'm using Vista.
P. S.: If the computer already fell into enemy hands, how are you gonna wipe out the virtual computer, idiot?
Easy to see Jason Krause doesn't know something called "BitLocker Drive Encryption". Ah, don't you people miss those days when journalists would research before saying something (I don't even talk about readers anymore)?