Microsoft Helps Police Crack Your Computer
IGnatius T Foobar writes "Microsoft has developed a small plug-in device that investigators can use to quickly extract forensic data from computers that "may have been used in crimes." It basically bypasses all of the Windows security (decrypting passwords, etc.) in order to eliminate all that pesky privacy when the police have physical access to your computer. Just one more reason not to run Windows on your computer."
Anyone can boot from a Knoppix live CD and mount NTFS drives in Linux and poke around. NTFS security is not applied under Linux so you can have a look at anything you want. I don't see how this is a big deal.
The only thing that might be a problem is browsing the registry, but I wonder if wine's regedit can load native Windows registry hives. If so, then all Microsoft has done is taken existing Linux functionality and made it user friendly for the police.
Speaking of which, anyone wanna place bets as to how long it takes for this tool to spread across p2p and torrent sites?
Police over here in WA have a special distro designed for forensics.
"I've got more toys than Teruhisa Kitahara."
I'd just boot knoppix and mount the partition. There, I have access to all the files. That goes for windows AND unix/linux.
If you really depend on the password for anything other than stopping casual or remote access, you're just fooling yourself. I just bought a Mac laptop and one of the things I ran across while I was reading about it was the File Vault. According to the really really enthusiastic article I read about it, it'll encrypt all the data on my home folder based on my login password. In theory, it sounds like even if somebody mirrored the drive, they'd have trouble (assuming the password is good...) getting at my data. I just wanted to ask: From a practical point of view, does this offer me much more protection? Or is there still some braindead easy way (short of beating the password out of me
"I like to lick butts!" by MobileTatsu-NJG (#32700246) (Score:5, Informative)
From what I understand, No. There are ways, but nothing this simple. Your home folder is actually one massive 128bit AES disk image. So to crackers it just looks like one big file. You could do what I do and keep stuff 'private' (Tax Returns, financial stuff) on an encrypted disk image and have the OS NOT remember the password. Plus if you forget the password you don't lose all your music and other petty stuff.
http://en.wikipedia.org/wiki/FileVault
I was in an Apple store once when someone brought in their file vaulted laptop computer. They had 'forgotten' their password (Their actual story was that the OS changed the password on them). Apple Genius told them they were SOL. There are ways, but none of them are easy and most require something like cooling the RAM immediately after shutdown or catching the computer when it is sleeping.
Wow. Just fucking wow.
So, either an AC is trolling by claiming to be a police officer who abuses due process. In which case I'm feeding trolls, and it's my bad.
Or, an actual police officer is pointing out how he can basically stomp over the intent of the law and your rights by pulling out an unsubstantiated claim of obstruction of justice.
If so, you're a perfect example of what is wrong in law enforcement, and why people have come to believe the cops are just thugs with authority. No wonder you posted anonymously. Thank you for demonstrating a new reason for increased cynicism about such things. No wonder people hate cops.
Cheers
Lost at C:>. Found at C.
The article says It also eliminates the need to seize a computer itself, which typically involves disconnecting from a network, turning off the power and potentially losing data. Instead, the investigator can scan for evidence on site. Which implies that it can break in without cycling the power. That sounds more like password extraction rather than resetting. I can only go by what the article wrote, rather than speculating about what they might have meant.
God is imaginary