Slashdot Mirror
Vista Makes Forensic PC Exam Easier for Lawyers
Katharine writes "Jason Krause, a legal affairs writer for the American Bar Association's 'ABA Journal' reports in the July issue that Windows Vista will be a boon for those looking for forensic evidence of wrongdoing on defendants' PC's and a nightmare for defendants who hoped their past computer activities would not be revealed. Krause quotes attorney R. Lee Barrett, 'From a [legal] defense perspective, [Vista] scares me to death. One of the things I have a hard time educating my clients on is the volume of data that's now discoverable.' This is primarily attributable to Shadow Copy, TxF and Instant Search."
These are all legitimate, useful features. It's the implementation that's wrong.
All potentially damaging (ie, all) data should be written to an encrypted store in such a way that recovering it from a lost/stolen/seized machine is hard to impossible without assistance from the owner. That's just good design practice in an environment where there is more than enough computing power available.
I'm aware that there are places where you have to hand your keys over to law enforcement... with which I have no real problem provided the due process of law is followed. But at least properly managed/segmented encryption can prevent a fishing trip. And in the worst case if you were being falsely accused of something really awful then you might decide that the penalties for not handing over the keys were less severe than the penalties for having the data available. At least you would get the choice.
I do all my illegal activities on an Abacus.
Mwa aha hah.
How are you going to wipe out the virtual computer once the computer is into ennemy hands ? ;-)
Everything I write is lies, read between the lines.
To make sure my Windows is running at peak efficiency and performance, I got into the habit of completely reinstalling Windows every Thursday at 10am.
This habit was developed during Win95, WinSE, WinXP SP1, and WinVista Beta
What? There was evidence there? Ooops, sorry... my standard operating procedure wipes the disk once a week.
Then: you are using Linux, what have you got to hide ?
The next step is: Only criminals use Linux
I have just realised: I am typing this at a Linux box. I had better go down and turn myself in at the cop shop.
Yes, we know it's more resource intensive, but it's not just the interface that's doing it. One article is from an Apple fansite which either fails to understand or doesn't want to and the other doesn't claim it's the interface at all. Bad start.
The DRM only applies to (shock) DRM-enabled content that you buy. It was a choice between layering in the DRM or not allowing people to view that content on the PC at all, a choice enforced by the big media companies who own the content. Yes, Microsoft could have stood up and said no, and in doing so crippled Blu-ray and HD-DVD functionality in Vista. Surprisingly, despite Slashdot's wanton hatred of it (I don't particularly care for it either), very few consumers care about DRM, so they went ahead and gave people access to that content.
For security, two of your articles were published before Vista was even released to the public, and the only relevant link just explains that if an installer requests admin mode, you can give it admin mode and it can do what it likes, citing a 'malicious freeware Tetris installer'. The article fails to mention that this happens in the same way for both OS X and Linux, instead of trying to be useful and educate readers on using their common sense when downloading software.
Saying 'security has to be disabled for Vista to be useful' is just plain bullcrap. Turning off UAC merely stops giving you the choice to run programs as admin. UAC doesn't prevent any programs from running unless you say you don't want it to run. You may want to clarify that point.
Expense (as always) is in the eye of the beholder (I paid my £70 and have never regretted it), and considering hard drive costs are down to 30-40 cents a Gigabyte, then the extra space costs are inconsequential. As most people only get a new OS with a new computer they will probably never even concern themselves with this point.
You didn't provide links to prove 'clunky' or 'privacy-invading', which doesn't surprise me.
The article you linked to for 'insecure' says "Microsoft, Kaspersky and Sophos think that you don't need kernel access to keep it safe from viruses, but Symantec and McAfee don't agree. They're bigger than the other two vendors and Microsoft is biased so they must be right".
Your final link takes the cake because it links to a list of blogs and none of them mention Microsoft at all.
So, why would you want to use Vista? You wouldn't. Nothing to do with usability, or features, but because you obviously prefer using Linux to the extent that you're prepared to parrot the FSF line without actually understanding it.
My plus points with Vista include:
- Playing MP3s and DVDs without breaking the law (fair law or not, still a law)
- Being able to play the latest games without needing a degree in Computer Science
- Being able to perform 99% of my system tasks without referring to the CLI
You'll be disappointed to learn of Microsoft's new Abacus Retentive Summation Environment (ARSE) tracking extension, which is being made mandatory for all abacuses from 2007 onwards. I guarantee you'll barely notice the performance penalty. :)
I do all my illegal activities on an Abacus.
Red bead attempting to slide right.
Cancel or Allow?
Please stop stalking me, bro.
The reality is that most users like the ability to index and search their data, and to recover previous versions of a file, as well as the better reliability offered by transactional file operations. In the general case of a non-criminal user, these features provide far greater benefits than the potential harm of having their activities more effectively analysed by law enforcement officials, in the highly improbable case of a legal order to hand over their data.
Looks like you'll be the first person Microsoft sues for ARSE-Crack.