Slashdot Mirror
Post-Suicide Account Cracking?
An anonymous reader writes "A good friend of mine had her younger brother apparently commit suicide last week. He was a young, promising CS major who was close to being accepted into a very prestigious school. He was very into Linux as well as PHP/MySQL coding. He left absolutely nothing behind for the family as far as a death note or explanation, and there is some possibility that this was all somehow a tragic accident. The family is in a situation where proof of accidental death would change how this was viewed in terms of paying for parts of the funeral. More importantly, some members of the family are hoping to find something, anything, that might explain why this all went down. Since I'm the most computer-skilled person the family knows, they have asked me if I could help them try to find some information. My possible approaches are: his Linux laptop, his university, Gmail And Hotmail email accounts, and a second MySpace profile that apparently has been tagged as private. How ethical would it be to, say, try to crack his root password in a situation like this? I wouldn't attempt to crack a man's account for his wife because she thinks he is cheating on her, as his life is his own business. In death, would you have the same respect for a person's private thoughts? Secondly, If I contacted places like Google, MSN, the university, and MySpace, what are the odds that they would give me access to any of his accounts? I have links to obituaries and such to prove that he is indeed gone. Would it be a matter of not giving it to me (maybe only to the family), or is this something that they would not do at all? Any opinions on if I should do this and if so, how I should go about it?"
dead people don't really care, one way or another.
His laptop is one thing, but I seriously doubt that Hotmail, Gmail, MySpace, or even his university are going to open access to his accounts for anything but a police investigation.
You. Don't.
a court order will streamline all this for you
This is really sad to hear.
A death certificate from the next of kin opens many doors.
They're not likely to help you since you're not a relative and certainly if all you do is point them to a link to an obituary.
Your friend is gone; he no longer owns anything. His worldly possessions, including his accounts and passwords, belong to those he left behind. They have asked you to open the locked box, open it.
There is no ethical delimma. You are being asked to open something by that something's owner. NOT cracking passwords would be wrong.
mcgrew's razor: Never attribute to stupidity that which can be explained by greedy self-interest
If you have physical access to his laptop, you can just boot with any linux live cd and mount the partitions without any access control. This will not work if he is using encryption, but unfortunately, few people do.
c++;
"I don't know, therefore Aliens" Wafflebox1
I'd not try to crack online services. His Linux laptop is fair game though. In fact, probably not that hard to crack. Just boot it in runlevel 1, then change the password.
XML is like violence. If it doesn't solve the problem, use more.
How ethical would it be to, say, try to crack his root password in a situation like this?
Take 5 seconds to boot into single-user mode, or mount the disk elsewhere sans password.
Interested in open source engine management for your Subaru?
A good friend of mine had her younger brother apparently commit suicide last week
You do realise that, in English, this sentence means the brother committed suicide at her behest, right?I'd say yes... but with sharp conditions: the *only* thing you look for are his words that might relate to his death. No just wandering around, looking for pr0n, or anything else. Intimate talk with someone... that's a *very* gray area, since loosing someone could have pushed this... or not.
You, personally, should you take this job, should *only* tell *anyone* what you found that was relevant, and nothing else.
Ever.
mark
There is no "I disagree" mod for a reason. Flamebait, Troll, and Overrated are not substitutes.
I've experienced something similar, and all I can say is that your privacy dies with you. Anything and everything you ever wrote, thought, or believed is now the property of your heirs (along with your other assets and debts). So good hunting, hopefully you'll find something that'll convince the insurance types this wasn't done on purpose (at least not by him). But make sure the family understands they may not like what they find out.
As for getting access to his accounts, links to obituaries are useless, you'll need an actual death certificate, and possibly either a will or a ruling from a probate court stating that a certain person is to be given access to his stuff. That's how it works with banks, I imagine it's the same with email providers and such.
God invented whiskey so the Irish would not rule the world.
What if I were to die in an accident or by my own hand or someone else?
So many of us have our thoughts, feelings and memories digitally tied up in text, chat logs, emails etc.
Is it ethical for someone else to have it? Yes it was meant to be private but that person is now gone, you could lose valuble memories for the rest of the family if pictures are not found.
Example, I'm 30 and obviously a dork / geek (look where I'm posting) - the number of analogue photos of me after the age of 10 are slim at best, the quantity of digital photos of me that family and friends (which family know well!) have is pretty slim too.
To be honest, in death I don't think I care who finds what in my stuff, I'm gone - it should be there for someone to take.
Also on topic: how did this used to work previously? Lock boxes at the post office or bank, pin codes for bank accounts, car keys, safes, things like that?
I honestly think it's a little sad that if I were to die, no one will flip through a nice book of pictures or read handwritten letters to or from me, they'll just have a DVD or two with some files on it, it doesn't seem the same.
As I see things, continuing to keep his secrets would not help anyone, while revealing them has a chance of helping those he left behind. I say, go for it.
One document that's left for my family should something happen to me contains all my logins and passwords, as well as contact info for my most computer-able friends who will know what to do with it all. Your unfortunate situation would not have occurred had that person done something similar.
Slashdot Burying Stories About Slashdot Media Owned
The only thing in that list in which the root password would be useful is the laptop, which you can just boot in in single user or even init=/bin/sh. Or remove the hard drive and access the data on another machine.
His next of kin should be able to get his stuff from university easily enough - the same with gmail/hotmail/myspace though I would expect it to take them forever...
If the family don't think it was a suicide, surely the authorities would be brought in to investigate further, or have they already closed the case as a suicide?
As for accessing his online accounts, again probably only the police would be able (if at all) to access that information.
I understand you need to know, but you'd be stepping into a tough area to worm your way through.
If the person was under 18, I think the parents would have better opportunity of getting access to these accounts with legal help. Probate courts might help also.
I'm sure there would be some sort of precident for this situation.
If you employ the help of hacks and get caught, even as justified your reasons are the reprecussions could be really ugly.
Good Luck.
Life takes interesting turns, but the most interest is when you're off the beaten path.
He's dead. Gone. For all human purposes, ceased to exist.
If you decide to not crack his accounts out of some sort of respect, then what you would be respecting would be your memory of him, not the man himself. He's not here anymore to care if you disrespect him or not.
That being said, if you want access to his online haunts, my guess is that you would need something more substantial than links to obituaries. You would probably have to have some documents that demonstrate you're next of kin and a death certificate, depending how bureaucratic the companies that managed his information are (my guess is very bureaucratic).
In order to rule out possible foul play (no suicide note?), I would say that you're morally obligated to do as much as you can to discover the circumstances of his death, or collaborate with the police to do it. If you find some brooding posts in MySpace, then you have good evidence that it probably was suicide. If not, get more suspicious.
If you saw your friend again, would you be able to explain why you did it? Would he agree with your reasoning or would he feel you had violated his sovereignty? You can still respect him in death, what would he say?
Happiness does not come from having much, but from being attached to little.
The deceased no longer owns anything, his heirs do. If his heirs want your help, there's no moral issue at all in doing so.
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
Well, if it was suicide, and there was anything he didn't want people seeing, then he had his chance to delete it. If it was not suicide then I think you have to tread more carefully, but in the end the dead have no right to privacy (or reason to care).
For FSM's sake, though, take a moment to "accidentally" delete his porn and such while you are going about this. That's just basic courtesy.
This is IMO one of the silliest questions I've read on /. in some time now. Seeking help on /. for stuff like this is disturbing.
But here is a well meant sound advice: If you don't know how to pull this off then don't even bother trying. Simply because in the process of "cracking" you might accidently destroy very precious data which another real computer expert would be able to retrieve. And should the family sometimes find out about a situation like that then you've really done some serious damage.
For the record; you don't need to "crack" his root password on that linux box. Just boot using a rescue cd (knoppix, ubuntu, whatever) and you'll have full access. But seriously: leave this to someone who knows what he's doing.
As far as the ethical situation, I think it's fine for you to go ahead and do this. Once someone is dead, their worldly possessions are handed over to their family. And since you have the family's blessing, you have nothing to worry about. This is one of the few situations where it's entirely ethical to access someone's private data.
As for whether Google, etc. will help you... well, you can try. I would be pretty surprised though. They often don't help much with normal user requests, so this sort of stuff will be way outside the usual problems they deal with. University may be different though.
...but...
The belongings of the deceased become part of the estate. The estate, with a lack of a will, can go either to the 'state' or to the next of kin (depending where you live). The 'state' usually takes its taxes and give the rest to the next of kin. This means that the laptop and accounts now belong to the family (barring the EULA on myspace and google which, correct me if I'm wrong, state that the ownership resides with them). This means that you are cracking a laptop for an OWNER that no longer has a password (forgotten it, so to speak). There is no ethical issue here.
Gregor
mail or fax a copy of the death certificate along with the police report to whomever he had an account with. Explain the situation and I'm sure they will release the account to his parents.
They're using their grammar skills there.
Boot Linux with init=/bin/sh, remount the root partition to readwrite, edit /etc/shadow to change the root password to be blank, remount / to readonly, reboot.
If you login as him (similar method to blank his password), you might find that firefox (or konqueror if he used that) is remembering his passwords and logins.
This reads as if it were an attempt by a person working a maters's thesis to determine if a pro-linux, pro-privacy crowd would stick with their principles or instead defer to the humanity of helping a family get over a tagedy. Facinating...
Cogito Ergo Sum
My gut reaction would be to check with a lawyer to see if the family can request access to these reasons next of kin. The family could have very good legal grounds to get access to this information.
I don't have a good answer to your dilemma. However, it made me think. What is the best way to implement a Dead Man's Switch on personal data (laptop, online accounts etc). I for sure have some stuff that I wouldn't want anyone to see - even if I was dead (I was young and needed the money).
BTW - Am I the only one having problems with the new Reply box? The nifty ajax based "preview post" always hangs and I'm forced to use the old one.
First off: I am a lawyer, but not admitted to the bar anywhere in the US, so things might be different there. Generally, his heirs / estate should be able to get that kind of information. It probably involves notarized letters, perhaps even a court order, but it certainly can be done.
As to his local linux box, unless he used encryption, that's fair game also. I see no moral problems with either.
"A good friend of mine had her younger brother apparently commit suicide last week."
That's kinda crazy. My sister had me do lots of things I didn't want to do when I was growing up, but she never proposed suicide.
It would be a huge invasion of privacy, even after his death, to go through all his private electronic information, he might have committed suicide for a reason he doesn't want to share with anyone else. I can't imagine losing a family member in such a way, but whatever they might find won't change the fact that he's gone, possibly even make matters worse.
Be very careful and prepared for what you might find...and let the family know, too. How will everyone react if you discover this person had a very dark-side and was into animal-sex, or gay-midget-porn? What would his mother think if there son ended up being someone they never really (or would want) to know?
This reminds me of that movie with Robin Williams, where his job was to review the deceased's life images from a special implant. He would cut out material that might bring shame or embarrassment to the family.
If it were me, I would seek the advice from law enforcement and probably talk to an attorney so you can be issued some form of legal trusteeship, or something like that. Imagine if you discover this person killed someone and you were the one responsible for it's discovery. Now the family sues you for trespassing or identity theft, some something like that.
Just cover your ass and hope for the best, but be prepared for the worse.
...this kind of stuff happens all the time (maybe not the suicide aspect of it). People die and their spouse has no idea how to access their financial records, etc. I've been called upon to dig that stuff out, too. I have no problem with it.
I mean, after all, they're dead.
"I might have made a tactical error in not going to a physician for 20 years." -- Warren Zevon
The Department of Justice has everything on file...
First I would like to send my respects to you and the family. It is never easy to understand a situation like this.
You will be able to crack the root password on the linux box easily since you are local. However gaining access to the remote sites such as Google, Myspace etc. Will be a little challenging.
When you gain access to the root console try to boot x windows and see what stored passwords are available by simply visiting the sites he was a member of. If you can get into one of the mail boxes you maybe able to gain access to the rest of the accounts by sending yourself a password reset.
You can also try to go through the secret questions menu that most popular sites offer and since you know the family and his habits, filling in the blanks shouldn't be to much of a challenge.
If you would like some more help with this feel free to leave me a forwarding email address in your next post so I may contact you.
Hope this helped.
RMS
If you do contact Google, MSN, etc., don't do it through electronic means. Don't even do it over the phone. Do it in writing. Yes, actual letters on paper sent via (registered) snail mail. Include copies of the death certificate, obituaries, etc. Don't use your name and address - you are nobody as far as legal standing is concerned. Channel all the communications through one of the parents - have them sign the letters, use their name and address.
A good friend of mine had her younger brother apparently commit suicide last week.
... but that sounds like a lot of words to describe a hit job. The political correctness is awesome though!
I do not see any ethical problems her. However if you start breaking into his online accounts, you may very well be faced with a whole lot of legal problems. As for the laptop, go for it. Privacy dies with the person IMHO. Same thing as when you read a dead relatives diary or something.
Wether or not he had a will there will be someone who gains ownership of his possessions. In that case the laptop belongs to them... not to the deceased.
As for hotmail et. al. you should probably hire a lawyer to pen a letter to the companies in question describing the situation. The transfer of ownership shouldn't be too difficult.
In the military, there's the tradition of cleaning up a dead guy's locker before sending it home to his next of kin. Remove all skin mags, letters from local girlfriends if he has a wife back home, that sort of thing. Get rid of anything that might make them think less of the dead, they're already broken up about it as is. I'm sure the last thing this kid's family would want to find out about is his furry porn collection.
Kwisatz Haderach
Sell the spice to CHOAM
This Mahdi took Shaddam's Throne
GMail Help Center: Accessing a deceased person's mail
You could take the approach of looking at this from a legal perspective. My guess is that his accounts are now the responsibility of whoever inherits him, and they should be able to get (demand even) access to the accounts.
There are various privacy issues involved, which I personally think should be respected, even if he's gone.
Protecting his secrets isn't just about him. The argument of "he's not here; he doesn't care" doesn't work. He might have wished to keep things private, not just for himself, but to protect others from getting hurt etc.
If I was in the middle of this, I'd probably hire a lawyer. Both to deal with legal issues of getting access to accounts, and also because I'd prefer it if the lawyer went through things, rather than someone closer to the passe family member.
That way, you can have your cake and eat it too. You can get access to the information, but you also respect his privacy.
There is no evidence yet that the person didn't desire to make some things private and their wish should be respected even after death.
You are making a mistake that because someone is dead (and hence obviously can't care) implies that they didn't care when they were alive.
In absence of legal will it is hard to tell what the desire of the person was, but if someone wrote in their will that they want for example their laptop destroyed after their death, it would obviously make it un-ethical to ignore that wish and poke through their laptop.
As the island of our knowledge grows, so does the shore of our ignorance.
Someone should have been made the "executor" of the estate or what not, when I had to do something very similar with my Uncle that passed away - for those that had the keys that were needed, a simple explanation of the situation *AND* the executor waiting in the wings to write a letter/etc.. is all it took. The most I had to go was one time actually having to get a letter - most places took my word on it, including a FRY's electronics store that switched the warranty and everything to my name on an expensive laptop that was purchased earlier.
Essentially - someone should have been made legal guardian, if you will, of everything after the fact. This person is who holds the keys to everything - from I understand, IANAL, this person person more or less gets the power of attorney for everything. Probably defaults to parents or something if no one was specifically stated in a will or what not.
Its not legal to meddle with evidence.
imagine if this was not a laptop but a written diary instead, would you feel different? obviously it may contain personal thoughts and ideas and reading it may change your perception of the deceased however it may also tell you why they did what they did. as mentioned elsewhere in this thread cracking the laptop will be trivial with a live-CD. as for the ethics, if it were me I would do it. especially because they did not die of natural causes. as for the online accounts a death certificate and some legal footwork might get you their account, personally I would just hope they had some cookies for those sites and could log you on automatically (or even a password document).
I don't believe you. If this is actually a questionable case, the Police certainly know people who can do this, and they have legal advice. If you are on the level, you're going to need more than a lawyer.
Don't trust anyone under thirty.
You said that the recently deceased was a CS major. If he was into cryptology, then he probably added encryption to his computer I.E. Truecrypt. If that's the case you will have a very VERY small chance of obtaining any information off of that computer.
The problem is, with free email services, there's no real proof that any given account belongs to a certain person. There are some interesting social engineering implications here...I'm envisioning calling up the Gmail people and claiming to be attempting to retrieve the account of someone who recently died ("I have the death certificate and everything!") when said account really belongs to someone else...
I'd be wary. You might find something that helps friends and family cope, but you could also find things which could cause a lot more hardships for them. People keeps things secret for reasons, and, without some type of "Data Will", they may want those things to remain secret forever. It no longer matters to the person who died, but there are dozens of things a person could keep secret that would cause grief to those around them. Is there anything on your computers that you wouldn't want your family to discover?
and make copies for his family members. After all it is possible that unsatisfied sexual desires were partial reasons for his death. The family has a right to know. Also dig up his MMOG chat logs were he used to be a great hero instead of this promising CS major No. 374229. Even mentioning funeral costs is hypocrisy. You WONT have any additional proofs for an accident if you find NOTHING indicating a suicide on his computer. It more seems like a desperate try of affecting to be reasonable while preparing to rip apart his always intended private parts.
Yes, really.
You're not going to get any advice any here that will be worthwhile, comments of course, but no proper legal advice.
If you're in Britain a Solicitor should be able to tell you.
http://www.seroundtable.com/archives/013645.html
If I were you die today, then my wife(whom is my next of kin) would take on all my legal responsibilities. Therefore, as far as ethics are concerned the next of kin, or parents in this case, have the legal right to the information they are seeking. As far as contacting Google, MSN, etc... Good luck, its hard to prove something like ownership of a virtual location, plus some sites claim ownership of content hosted on their service.
First off, sorry about the loss. Even if the person isn't close to you personally, seeing how it affects the family is bad enough.
/etc/shadow file.
My advice would be to start with the laptop. Boot it off a rescue cd or USB stick and grab all the personal account (including root) md5 hashes out of the
Then run those hashes through a rainbow crack to try and get some clear text representations of the hashes. Info on Rainbow Tables, here, here, and here.
Boot the laptop to a prompt and try all the clear text representations for the accounts and see if any of them work. If they do, then great, you have the passwords.
The passwords themselves are worthless on the laptop (you've already demonstrated you can snoop it without them, as you had to to obtain the hashes). Their value is in the fact that they _may_ have used the same passwords for their email, online accounts, etc.
HTH
I have only the briefest knowledge of the field in my own country, never mind yours, however (presuming you're in country whose law is derived from the English common law system, e.g. the USA) it's likely all property of this man, his laptop and letters particularly, are now intestate. Likely some local authority will have assigned an administrator for the estate. If the young man was still a minor, these probably will be his parents.
If you have their permission, or the permission of the person to whom the administrators have assigned the property (ie the new owners), you can do what you like. The dead have little privacy (indeed, no privacy at all in many places).
To determine what you can do about online accounts, you should talk to a solicitor (i.e. a lawyer in the USA), preferably one who specialises in these things.
I use Friend/Foe + mod-point modifiers as a karma/reputation system.
...then expect more clearings for executive action just before someone uses "they're dead anyway" as an excuse.
Anyway, the submitter had something to do with the death and is posting in this very public place to plant evidence of good intent. Let's hope the prosecution - and it will come to that, if I have anything to do about it - read this comment and find out what I'm talking about.
Just from the submitters headline it seems he acknowledges that it was suicide.
If it's possible it was a suspicious death/accident, then the Police should do an investigation for you.
Would snooping around on your laptop or rifling through your e-mail accounts allow someone to "understand" you? Are you confident that it would portray the facet of your personality that you wanted others to see?
Obviously, this is a sad situation. I lost a sibling to suicide and the bottom line is that I don't think that any satisfactory answers can be had in a situation like this.
Whether or not the privacy of the deceased should be respected might be an ethical dilemma. But I think that if we are realistic about our own selves and what we choose to share with friends, family or no-one at all, we have to admit that breaking into this mans files would almost certainly be a violation of his wishes, and likely raise more questions than it answers.
Absent some purely administrative function like settling his accounts, I would not go this route.
Gmail has a process for this, as do all other freemail services. Gmail's is Here Googling for the others policies will yield results for the others as well.
Keep on knockin'
https://robbiecrash.me
Recently, I have seen quite a few "news" that were actually Ask Slashdot questions posted as news. Why is this not on Ask Slashdot?
thomasdamgaard.dk.
Like he has been sleeping with your girlfriend in the past?
I was in the unfortunate position of recovering some passwords a few years ago -- the circumstances were different as natural causes were clear -- but the concept of the next of kin inheriting the accounts was very clear to me.
First, boot the Linux box in single user mode, or off a USB key or CD. If you have the resources, back up the hard drive before you do anything. Second, change the password of the user account to something you know and can share with the family. Third, open Firefox, and if Password Exporter isn't installed, install it. Fourth, hope that the deceased used Firefox and had it remember every password.
Having gone through this, I would worry that places like Google and Myspace would simply close the account if they found out someone was dead (and had proof like a death certificate) and not a court order to keep it open. Often they say the account and all associated IP is theirs anyway, so there's nothing to "inherit", although that's not a line of thinking I agree with. Some firms are very opposed to allowing their [property|products] cross generational lines like that. Credit cards are the most understandable example.
My brother committed suicide.
If this is anything like what happened in our case, the family is probably grasping at straws right now. It's not just a financial question -- it's a deeply emotional question. The result of a devastated family looking for some small glimpse of hope; trying to find some way to keep sane.
Many people associate suicide with weakness and a state of permanent depression. Just 'giving up' on life. Families don't want to believe this about their loved ones, and will struggle to find some other way to frame their death.
So -- cracking his accounts is not just about finances. It's very possibly about hope, whether false or not.
The problem is the grief is the same no matter what the reason. The guy is still dead, and the family will still have to go through the grieving process.
I ended up examining the contents of my brother's computer three years after he died. Even then it was difficult to see (for me and my parents), and I did come across stuff I didn't particularly want to know about. I decided not to tell my parents about the stash of photos downloaded off p2p, but I did share the essays and documents he had worked on in his last days.
Legally I believe you have every right if you have the parents permission, but in doing this you have a certain emotional responsibility as well. That's where it gets fuzzy. Do I share everything I find? Do I know what I'm getting myself into? Is evidence of suicide just going to hurt the family more?
It's been four years for me. I've since learned that suicide occurs in cases where one's problems outweigh the facilities to deal with them. That sort of realization along with lots of counseling have helped me. I wish all the best to your friends.
1. Your full name and contact information, including a verifiable email address.
2. The Gmail address of the individual who passed away.
3a. The full header from an email message that you have received at your verifiable email address, from the Gmail account in question. (To obtain the header from a message in Gmail, open the message, click 'More options,' then click 'Show original.' Copy everything from 'Delivered- To:' through the 'References:' line. To obtain headers from other webmail or email providers, please refer to http://www.spamcop.com/help_with_headers/)
3b. The entire contents of the message.
4. A copy of the death certificate of the deceased.
5. A copy of the document that gives you Power of Attorney over the Gmail account.
6. If you are the parent of the individual, please send us a copy of the Birth Certificate if the Gmail account owner was under the age of 18. In this case, Power of Attorney is not required.
The problem will be proving that John Doe is the same as rarbazzle@gmail.com to get the contents.
Way back in the day (90's) I worked at AOL. What you would need to get account access for a person who has died is the death certificate and power of attorney. They should have their lawyer handle this and call Google/Yahoo/MySpace whatever. These companies will have a policy in place just like AOL. You will have to jump through some hoops to get access to those accounts but it's doable.
If you don't want to hack in, get the parents to contact the places they want to access and they may have to send a copy of the death certificate to validate the reasons, but I had to do this for the wife of a friend who passed to get access to files online that were important to the family. Once they received the paperwork the places she needed reset the passwords so she could log in and get what she needed.
This happened to me 2 years ago and in the end I couldn't crack any of his passwords in a reasonable amount of time so I went around and contacted each site i needed access to. He put his going away note on myspace and i found the only way to get any account access (not passwords) was court order. I went for 2 of his emails before using them to recover all the other info
The administer/executor of his estate has the legal right to conduct business in his name for the purpose of settling his affairs. I would present the paperwork from the propate court to all those places you mentioned and procede to settle his affairs as you see fit.
You may discover something that he did indeed mean to keep private. And, if there is an afterlife, he may care. If so, be like an ethical telephone engineer and behave as if you have no knowledge you aren't supposed to have.
If you must moderate, please moderate as irrelevent, not something bad, because I'm sure someone will find this interest
I don't know anything about the "how", as its thankfully never come up in my life. But asking if you should do it or not, I say yes.
He's dead, unfortunately. Dead people don't care about privacy. His family however is alive, and going through a very difficult time. If something is in those accounts/files that can provide some answers about what happened, it would help them.
That makes it worth at least trying.
-- "So they told me that using the download page to download something was not something they anticipated." - Bill Gates
However, this would not hold true for any material the deceased attempted or intended to delete. Deleted files and sectors are a clear example. History and cache are a grey area -- many people do not know they exist, so cannot make an intelligent decision.
You do realise that without a court order, what you're suggesting is illegal?
Family of deceased military members in Iraq and Afghanistan deal with this all the time. Kid gets killed and nobody knows how to get into his Yahoo (or whatever) email. From what I've read, with very very few exceptions, the service providers will say that they are truly very sorry for the loss, but there is nothing they can do to help you get into the account if the deceased did not tell you how to get into it. Unless maybe you can get a court order somehow ordering MSN, etc. to help you get into the accounts, expect no help there. The university might help you, maybe, with proof of death if a family member (not you) asks to get into his accounts there, but expect commercial companies to refuse to help you because of confidentiality policies they have in place. I'd politely suggest that you think about why you felt the need to ask a bunch of strangers, including me, whether it's ethical or not to crack the accounts. My personal feeling is that since the guy is dead, it's OK, but if you are old enough to post here intelligently about the situation, you should have enough of a sense of ethics to decide this kind of thing on your own without having a bunch of strangers tell you whether it's right or wrong.
The good news is, you can!
There would always be the possibility of putting those wishes in one's actual will. That would give a lot more legal "teeth" to those requests, and make it much more likely that they will indeed be carried out. It also allows exact specification of what is to be done in the "killswitch" process ("professionally wipe the hard drive of any computer I own without accessing or allowing access to any of the information on such drives, delete unread all data in the online account X with service provider Y, then close the account...") Especially with online providers, an actual request in a will would make them much more likely to comply.
Putting it in the will also does make it a legally binding request, so that you do not have to rely on the goodwill of someone after your death but have made your wishes clear and binding. That is, after all, the purpose of a will.
To fight the war on terror, stop being afraid.
I imagine every aspect of dealing with the affects of a loved one who (may have) committed suicide is torture. As others have suggested, you are in the position of determining what aspects of his digital life will be shared with the family, so good luck with figuring out that whole ethical issue.
I don't think there's a moral dilemma with regard to examining his computer. If he left a note requesting a wipe of his system, or destroyed the hard drive, or encrypted anything he wanted nobody to know about, it might be another matter. But there is no such sanctity given to any physical items he had in his position, and comparing digital to physical security matters his family could access any safe deposit boxes, warehouse storage, bank accounts, etc... so, ethically speaking, privacy is for the living.
I don't know what you'd have to do legally to access his online accounts, but ethically, I'd feel no particular compunction regarding accessing those either.
It's a bit of a bummer to be giving this perspective, given my normal beliefs on privacy, but isn't computer-based information a vital part of a programmer's legacy? I don't know how much insight my own computer use would be into my personality, other than demonstrating a refreshing degree of normalcy yet to be suspected by the people around me, but wouldn't scrubbing it on my unfortunate demise be similar to tossing out unfinished drafts/unreleased poetry from an author, sketches from an artist, or such?
just pay technorati a fee and get all this old blog posts.
You finally dreamed up something you think will "make it on /."? Why else would anyone start here instead of with an attorney?
Suicide is ugly. It tears the victim's survivors to pieces. They don't know what to think, what to feel. They want to be angry that the person would do this to them. They want to be sad that the person is gone. They feel guilty because they think there is something they should have done, should have noticed. Most of all, they want it to never have happened.
Ask yourself if you really believe his death was an accident, because anything else you find is only going to hamper the family's pain (not just grief, pain. If you find an explanation it will only breed guilt or anger, they will take even longer to move through those emotions that they would have otherwise.
I was married for two months when my father-in-law commited suicide last December. My wife still cries herself to sleep about once every other week. I understand that they want closure, but they aren't going to find it; and anything they do find will only make acceptance harder.
Seriously. Speak to a lawyer, and then recommend a professional data recovery company to the family. You do not want to get involved with this. Best case, it turns out there's proof it was accidental. I'm not sure how that could be proved, but let's assume it was.
Worst case, you find evidence of... something. Drug use, criminal activity, involvement with a cult, something like that. Whatever it was, it drove him to suicide. Now you're in the position of telling the family that their son/brother was doing something they wouldn't have approved of. Yes, they may be glad to know what really happened, but you'd better believe that things are going to be awkward with the family from now on.
Or, possibly even worse than that... what if it turns out it was something the family did? Even if it wasn't anything illegal or even dishonest... do you want to be in the position of telling the parents that something they did caused their son to kill himself? I wouldn't. I wouldn't want to do that to my worst enemy, let alone people I liked.
Speak to a lawyer to find out the legal issues and what is needed to get information from various hosting services, then suggest that the family contact a good data recovery firm. Have them hire a lawyer to get the data from the hosting services. No matter how much you want to help, restrict it to helping them find professionals to get the data, don't try to do it yourself.
But also I consider myself a decent person. I don't live up to some high standard, but if someone close to me were to find out my darkest secrets, I really wouldn't care.. There's no dirt on me.. There's nothing I'm ashamed of. What I also feel the need to mention is some of my best friends (whose passwords I know) have some very strange fetishes, and sure some of them initially shocked me once I found out, but you soon get over it, especially when you realize they are your best friend and it doesn't change that. Even though it my not be my "thing," I respect them and their enjoyments in life.
I haven't done it yet, but I keep planning to put together a document containing a list of my usernames and passwords so that in the event that I die, my family can do what they want with them.
One other matter is, what is the "being-online-while-dead" protocol.
Do you answer incoming messages on IQC when you're reading the old chats, do you send a mass-message to everybody in the list? Same goes for e-mail.
Privacy is terrorism.
Dear anonymous reader,
Your "good" friend may have murdered her brother as well. From what you say, a suicide is unlikely without some strong reason and without death note. If some information related to such crime is to be found on his account, not only you could be involved in murder case, but you may be in life danger yourself knowing some key information about it, just in case your "good" friend wants to clean up all traces.
There you are, staring at me again.
The current title doesn't follows the great /. tradition of nice, misleading, news titles. I suggest "LAMP may have lead to suicide of CS major"
Boot from a Knoppix or Ubuntu live CD /hda1 /dev/hda1 /hda1 /hda1
sudo su
mkdir
mount
cd
explore away...
Gaining access to the laptop account should be fairly easy and straight forward. While most of us do have e-mail accounts from major public providers (Gmail, MSN, Yahoo!, Hotmail, etc.), they're all normally registered using an e-mail account from our ISP. With the permission and aid from his parents, you could contact said ISP and have his password changed. This can be done with you portraying to be him (The Wrong Way), or being honest with the ISP and informing them of the situation (The Right Way). The Wrong Way would probably yield better results with less hassle. Once you have access to his personal e-mail account supplied by his ISP, you can most likely gain access to the public accounts by going through the automated password reset feature (The Wrong Way), or you could contact the respective providers, inform them of the situation, and hope for the best (The Right Way). In this case, again, The Wrong Way will most likely yield better results. Gaining access to his university account will probably have to be done The Right Way only.
I don't recommend trying to crack your way in to any of the public accounts. If you're caught, you'd have a hard time explaining it all to the authorities and his family will not be able to help much once the law is involved.
It says very good things about you that you even stopped to ask the question. Many would not, either because they wanted to be a "hero" or because they were overwhelmed by the grief of the survivors. That being said, my bias would be to uncover as much information as could possibly be uncovered, especially seeing as how the circumstances of the deceased's passing are not yet entirely clear. As the attainment of said clarity is paramount for legal, moral, and psychological reasons (IMHO), I would view any action taken toward that goal as entirely appropriate.
If you can get access to his laptop - and from what I've seen in this thread, that should be easy, then in Firefox - which, being a Linux user, I'd guess he was probably using - there's a way to get all of someone's saved passwords very quickly and easily. You just go to Tools -> Options -> Security -> Show Passwords -> Show Passwords, and there they all are, in plain-text. To be honest, I've always wondered about this option. Seems like a big security risk, on shared computers. Anyway, hope it's helpful for you.
You'll just invite delay and trouble by contacting service providers. Instead, change his laptop's root password (it's easy: at grub edit the default stanza and set init=/bin/bash and then boot; once in, use "passwd" to change the root passwd; next use "passwd username" to change his user's password; using the rescue environment is slightly more complicated). This assumes he is not using an encrypted FS, which is likely.
Once you can boot into his user account, run the mail client(s) he has setup. They likely have the passwords stored. Voila, no need to contact the service providers.
Ethical? Well, you'll want to check with his heirs, first, but assuming there is no resistance on that front, go for it. It's called archeology when we do it to the Pharaohs.
-- @rjamestaylor on Ello
How would anything that he wrote before it happened prove that it was an accident? It's much more likely that you'll find proof that it was a suicide.
Break into the computer if finding the reason for the suicide is important for the family, but be aware that finding his darkest thoughts (that weren't meant for anyone to read) may completely spoil the memory of their brother/son.
If the police/coroner have already ruled the death a suicide, you are unlikely to find anything on the laptop or in one of his emails that would help overturn the ruling. If it's still under investigation, the family should talk to a lawyer about whether it's OK to do this, and what their responsibilities are, based on what could be found.
The unfortunate truth about suicides is that it's rarely one thing that pushes someone to commit the act. It's an act of depression and desperation that was brewing for a long time.
If you do decide to help, you need to realize that this could be very difficult for you, and depending on what you find, could severely strain your relationship with this family. Is this something you are prepared for?
Your ethics in this case extend to the living, not the dead. "First, do no harm..." might be a good motto here. You are going to be mucking about in some content that might not be what anyone is expecting, but there is a story there and the living want it told-- at least to them.
So long as you are discreet and have the consent of the family, do what you need to do to bring them closure.
I've lost a child. I can assure you that it is important to the family that the tragedy not be a pointless one. A tragedy happened, and at the very least they want to know that they handled it well, that perhaps they are wiser for it, SOMETHING. It's called closure, and it doesn't ease the loss but it does help with the frustration.
My old college roommate also committed suicide last year, and I found myself in a similar situation, as the most computer-literate of his friends and family. I didn't think twice about helping his wife and family get into his accounts, his private server, and his email. There was a lot of stuff in there, such as work for his consulting clients, family photos, etc that were important for them to have, and it was good for everyone.
Yes, getting a court order, death certificate, etc can help - but as far as getting into a computer that you've been given by the family (or a privately hosted machine), you should go ahead so long as you have the family's blessing.
I did something similar for a friend of the family. In my case the family approached me and extended a legal umbrella in the form of a power of attorney from the family lawyer in order to assist me in dealing with sysadmins and such. The family issued a limited POA that allowed me to access and view all computer related accounts. Hope this helps, sorry about your loss.
his wife and family asked me to get into his Yahoo account and ICQ account. There was a secret answer that either resets the password or reveals the password. This was in 1999 so maybe security has changed. The user sets the secret answer. His was the original middle name of his mother. His family gave me a copy of his birth certificate and I got the answer off of it and got into his account on Yahoo and gave the password to his wife and reset his ICQ password and gave it to his wife as well. We couldn't find anything that triggered the suicide. But on his computer the police found in his web cache that he visited web sites about suicide and got an idea from one of them to use a shotgun on himself. He bought the shotgun, and left a credit card receipt in the box, according to his wife who told me what the police found.
He was a brilliant C++ programmer and I had forwarded emails to him about jobs, and found that a year's worth of job possibilities and recruiter email hadn't been opened up and looked at by him. He just moved it to a different folder. Had he responded to any of them, his chances of finding another job would have been better.
I'd explain more but it is too painful to talk about. There were alcohol and drug related abuses as well in his life. He drank a whole bottle of vodka before killing himself. He ignored phone calls and emails for months, and I couldn't contact him.
Oh yeah if he uses Firefox, there is a reveal passwords option in the tools/options/security/show passwords box. You might be able to see what passwords he used, unless he wiped them out and also cleared his password history.
Remember, Slashdot does not have a -1 disagree moderation, and no, troll, flamebait, and overrated are not substitutes.
I don't understand how you could prove that it truly was an accident.
If it was suicide, you may be able to find some evidence of this, if he left a note, plans, etc behind in his accounts.
If it truly was an accident, you'd find no such thing. However, it would also be possible for this to be a suicide, and he simply didn't commit any of his plans to electronic media.
I doubt that gmail/hotmail/myspace etc will give you anything, tho if the death is suspicious the police could contact them.
You wouldn't need to crack his root pass, you could just mount his drive in another machine and read his data from it, or change the password, assuming he hasn't encrypted the drive.
You might be able to get into some of his accounts using information pulled from his laptop, and once you have one of his email accounts you might be able to get into other things using reset password links etc..
Also, since you're working for his family, if he's used typically lame "security questions" like mothers maiden name and first pet etc, you should be able to get that information trivially.
http://spamdecoy.net - free throwaway anonymous email - avoid spam!
Never underestimate the usefullness of an drive image, and therefore the ability to put the machine back exactly as it was.
I have determined that my sig is indeterminate.
Ethically, I don't think it's much of a problem. There has never been much issues with relatives breaking the locks of a dead guys house, locker, or safe deposit box. I see no reason a gmail account should be more secret than private letters in a drawer.
As for the ethical aspect...
I would suggest his computer, the data on it and his online accounts etc, now belong to his family along with the rest of his belongings, in the absence of any will saying differently, so if the family want you to look at it that's their right.
It's no different to someone who maintains a paper diary, it falls to their family after death who may or may not read it at their discretion.
http://spamdecoy.net - free throwaway anonymous email - avoid spam!
But that's an asshole thing to do.
Just because you can, doesn't mean you should.
Dickhead.
Last year, one of my roomates died of an accidental medical overdose and since I didnt know any of her distant family I had to go thru the process of getting information from other sources. I had to get this in order to work with the Funeral costs and details. I needed to get access to her contacts and Emails from HOTMAIL and had no clue to her password. I contacted the Hotmail support and explained my situation. They asked me to provide a copy of her death ceritficate (as I was the one that handled the police / hospital / coroner aspect) I was deemed her legal representation. After supplying the document and proof of identication for myself, I was given a copy of her information and emails. It's not as complicated as it sounds, but whoever will ask a provider for the information also needs to be the person on the legal documentation otherwise the provider (most probably) refuse to supply the information. Hope this helps, Doug!
Please never get married - at least not until you understand why "his life is his own business" is so terribly wrong.
Do you have ESP?
As the parent said, booting the system from a live CD will let you in. If this person used Firefox's password manager (and assuming he didn't set a master password), you can reset his account's password from the live CD, then log into the laptop as him, and use Firefox to connect to hotmail, gmail, etc... You could even use Firefox's "Show Passwords" to recover the passwords, if needed.
I think the real question is do you really want to know? does the family really want to know? Having this question answered could cause more harm than not knowing and allowing the family to come to their own reasons as to why. if he has attacked his family at all in any letters or posts there is no way for them to be able to fix what he may have felt they did wrong. personally I would let it be.
Don't just blank the password, save it for cracking. Even if you have access to the system, the password might be the same one used for online services.
I got depressed a bit after every graduation. I evaluated myself on my academic prowess and graduation was the end of a stage. Fortunately there was soemthing new around the corner. I wonder if other nerds experienced this?
A cousin of mine that I was very close with committed suicide in January. It was absolutely heart wrenching. I had no clue she was in that much trouble (she had tried a year prior, but all indications from what I knew was that she was doing much better). I still wrestle to this day with the guilt of not being more involved. Which is why I helped in the situation below...at least I could say I did something.
My uncle (her father) called me 2 or 3 days after she died and in a very rough phone call asked for my help (me being the computer guy in the family). He had literally just found out she had a myspace account, which had contained several recent blog posts regarding her struggles finding a job and some of her issues she had been dealing with. Nothing about her suicidal thoughts were written though.
He had also heard she had wrote on her myspace blog really nice things about him and he wanted to read it with his own eyes. He also wanted to post a comment on her page, as in the days immediately after her death it became quite a memorial for all of us who knew her.
The issue was she didn't allow comments without that person being a friend on her myspace account
He had figured out how to create an account, so I had to break him the news that without my cousin's password, he wouldn't be approved to post on her myspace. Luckly, we figured out her password thanks to help from her partner and was able to get into my cousin's account to approve him.
For me, the ethical thing to do was to allow her loving father to send one more message to her, to read about the love she had for him, and perhaps find some answers as to why she did what she did.
Luckily it didn't have to get to the point of slaving the hard drive and hoping she saved the passwords in IE or Firefox. She had apparently shared some of her passwords with her partner. However, I was fully prepared to go all the way to requesting help from MySpace itself it that was what it took.
She would have wanted it that way, I know it.
I'd suggest something similar. Ask the probate judge to release the computers to a designated consultant, maybe a family friend, who has the technical chops to bypass the passwords (which, as others mention here, is not that big a job) and whose judgment they trust to preserve the decedent's privacy while he digs out anything that might help them.
rj
The easiest way to obtain passwords from websites, email providers and services in this case (and many other cases;) would be to hijack the Firefox and Thunderbird profiles, or equivalent, if the subject used something else for browsing/email. That way you not only get the stored passwords (most of the people store their passwords in these apps without a master password), but you also hijack their active sessions and cookies. Even if he didn't store his passwords, he probably didn't bother to clear all cookies before committing suicide. That being said, I think it's pretty ethically correct to do the family's will and give them the access they want to their son's information. Still I'm not sure how much his family will benefit from this information and if they're not better off without digging through his personal stuff now.
The ethics are the guy has passed, all his personal property now belongs to his next of kin. If they have given you their permission then you have the ethical go ahead to proceed. I think you should in all likely hood prepare the family members before hand and inform them that in all likely hood you may find nothing more to give them closure.
As for his gmail, and myspace accounts you would have a better time hacking them than getting permission from either to access the account, this may include the family. You would have the burden of proof to prove that user is deceased, and even then with a million or so users would they really care about that 1 account, since you aren't law enforcement or anything.
My condolences on your loss.
I am Bennett Haselton! I am Bennett Haselton!
/. is notoriously full of atheists. You might get a bias sampling of answers. I'm not an atheist, so maybe I can balance it out.
Many people use myspace as a kind of diary, and I think it is clearly immoral to read someone living's diary without their permission. As for a dead person, we read Anne Frank's all the time; you have to make the call as to whether they might want have wanted you to. Since you are sharing it to help those who he loved and who loved him, it would be difficult to believe he wouldn't.
Best of all, your secret: nothing extant could extract it.
By 2025 a children's Speak & Spell could crack it.
You can't hide secrets from the future with math.
You can try, but I bet that in the future they laugh
at the half-assed schemes and algorithms amassed
to enforce cryptographs in the past.
My daughter was murdered by her ex-boyfriend two years ago. I had recently given her a laptop in preparation for college and after the police were finished inspecting it for clues it was returned to me.
Fortunately she had stayed logged in to her myspace account and I was able to use the "reveal asterisks" hack to reveal her password. That password led to other accounts & email accounts which then led to more passwords.
Eventually I could access everything - to include the killer's accounts. It was very helpful for me to be able to know that my daughter was exactly who I thought she was and at the same time gain insight into the punk that murdered her.
If there is the opportunity to give your friend some closure then I don't feel that a moral dilemma exists. The dead are just that... dead. The ones that are grieving and in pain are the living. If you can do something that may assuage their grief I feel you should.
Just be aware that what might be revealed has the potential to cause more pain - but that's really your friend's decision.
Good luck, and my condolences to your friend.
JAGga.me ----> Producing video games addressing emotional health and wellness issues affecting teens.
Since the stated purpose is to determine whether or not this was a suicide or an accident, and since the cause of death is not described, and since the payment arrangements are not described, let me start with some assumptions.
1. Death was by traumatic injury.
2. Payment from some third party (generally an insurance company) would depend on whether or not the cause of death was suicide.
There is a rebuttable presumption in many states that death by traumatic injury is accidental, which shifts the burden of proof to the third party. If, in the course of litigating the claim against the third party, the third pleads/brings facts sufficient to overcome the presumption, you should get a subpoena that will open all the accounts for you. I'd avoid cracking the laptop myself if you're going to take this route: you want someone who appears unbiased to be looking through the files. Any destructive change may be considered destruction of evidence, and such would be construed as strongly as possible against the destroyer of that evidence.
IANAL. YMMV. Law may vary in your state.
Personally, I would want people to see everything of my life they wanted to, raw. If you are troubled, you are probably struggling to get people to understand you, and you would probably really appreciate people trying.
Dead people have no privacy rights.
Don't piss off The Angry Economist
--- Just say no to negativity.
There is a good chance that he recycled that password in many places. That will make it *much* easier to gain access to all of the online resources he used.
A good friend of mine died of a heart attack recently.
:-(
I contacted an online directory that was listing him and asked that they took down his profile because he had died. "Sure", they replied, "just give us his password and the answer to his secret question"...
Anything you find in his computer will likely be inadmissible if you have to take a company to court. My advice would be to hire a lawyer before you even touch his computer. If they feel it's appropriate, they can hire a licensed expert to search through that information. With the nature of digital information, anything you find on his system could just as easily have been forged by you as found by you.
The other thing to consider, is what evidence could you find? If he did in fact commit suicide, you may find a suicide note, that he visited suicide related websites, or some kind of correspondence with someone regarding suicide. He also might have covered his tracks.
If this turned out to be an accident, what evidence could you possibly find on his computer? You may find a calendar indicating he had plans for later in the week, but it's my understanding that when men commit suicide it's often a compulsion, and not something they planned out very far ahead of time.
If the family simply wants to know, you can find quite a bit of information on someone's computer. If this is to try and claim money in a court of law, the search needs to be done by a professional, but I have my doubts that a professional could prove anything other than suicide.
Dont take this things in your hands. If you have to ask Slashdot to determine wether to break into the accounts or not, then you are not the right person to do the job. You obviously have no experience in forensics (not computers) or investigations. And obviously it's neither your profession nor have you been involved with suicide cases regularly. There is no way you can handle this, get the right conclusion, stay within the correct legal procedures and not get hurt emotionally at the same time.
Ask yourself: let's say you break into one of the accounts, the bring the evidence to court/the insurance etc. i can tell you, if you did it, it's most likely not to be used as evidence any more. Let's say you find it out. Are you trained in handling relatives? Let's say you find it out but don't want to tell it to the relatives? Do you know how to handle that? What about you? are you emotionally firm enough to really search for something like this?
I actually had to do this for a family one time. The local police department didn't want anything to do with it -- the young man was in the armed forces and died in his residence due to a drug overdose. His parents knew he had been going through a divorce and wanted closure to make sure it wasn't because of his ex wife. As it turned out, he had been dabbling a lot in illegal drugs (as I found out through discovering lot of emails he had between some friends of his). It had apparently been going on for a while and they were satisfied knowing it wasn't his ex wife that had driven him to do a one-time overdose.
"We owe respect to the living. To the dead we owe only truth." Voltaire
The way I see it, if this guy really didn't want people going through his computers after he had died, he would have wiped his MySpace profiles and overwrote the drives on all his computers with zeros in order to wipe out all data. He would also have done everything he could to get rid of anything he might have left behind on Google, MSN, etc.
I write sci-fi for metalheads
Use a boot cd, or add a '1' to command line arguments.
If one has physical access to a machine, it makes little to prevent access at boot time, as you can boot from a rescue CD, or remove the hard drive and read it yourself.
As for the google and hotmail accounts, email the admin there.
No hacking required.
... he'd better start worrying because it means his friend is a resurrected zombie! Run!
Seriously , if someone is dead they're dead. Gone. No more. And don't give that "soul gone to heaven" nonsense. If their left no will then any attempt at second guessing their wishes is a waste of time and effort.
He's dead. He has no rights.
I fail to see where the dilemma is. Is he going to get mad at you? Is he going to sue you? Is he going to press charges.
If the estate says yes, which it appears to be doing, then there is no problem.
This whole thing seems foolish.
I find being offended by me offensive.
If he has an estate (assets to pass to others), the attorney handling it can issue a subpoena to the service providers. (Getting them to comply may be another thing, but it's worth a shot).
Sent from my iPhone
A safety deposit box isn't a bad idea for keeping your important records. In my safety deposit box, I keep the title to my house*, the title to my car, my will**, extra checks, passport, birth certificate, etc...
Having a password list in there, in a sealed envelope for your executor isn't a bad idea. They're going to need a death cert and key to get in there anyways.
*Yes, I'm unusual, I own my own house in the free and clear.
**I have extra copies with my executor and in my house, in my records box.
I don't read AC A human right
When doing this you have to be ready for what you might find and how to handle it. It's likely that there's some stuff that his family would rather not know existed, like porn. There may also be evidence of some illegal activity, which may implicate people besides himself. How might you handle that? As far as actually doing the job, don't start with his accounts on sites. Start with his laptop and school accounts. You can ask the school for assistance and even if they have a policy against it if you ask they should make a backup and let a court decide if his parents get the data. If he's a minor this should probably be a sure thing. On his laptop, make a backup of the harddrive image. Then always work with a copy. It's likely that if you can run a web browser with his config files it might remember his passwords for the sites you are interested in, which would save you a lot of work. If he's uber security minded you're in for some hard work. With the sites he has accounts on you can try figuring out who else might have some sort of access already. If you found one MySpace friend on the private account you might persuade them to let you look at it through their account. Or maybe just give a summary of some stuff on it that they think might be of interest if they feel like some of it is secrets that should die with him. As far as trying to crack passwords for accounts, I have no suggestions. Try to work around having to do this.
"proof of accidental death would change how this was viewed in terms of paying for parts of the funeral"
nice family. tons of unconditional love, clearly.
I don't know if anyone mentioned this first because of all the ajax hoopla we have in /. these days but for the love of god:
*** Make a backup of everything before starting ***
No matter what, these are the last things his family will have of him, and even if its painful to the level of not caring right now, they will want it in the future.
On a personal note. If I were to die, even more so if I were to kill myself, my passwords and permanent digital signature left behind for all time I consider to be a treasure hunt or challenge to those who are left with the ability to hack a password. And just to add to the trail. Some of my passwords have characters like "âOE" (homeplates) somewhere in the range of extended characters and behond in them. Good luck brute forcing those ones hackers. I will be laughing from beyond at anyone who tries to brute force any of my passwords... Laughing! Of course in 500 years brute force & other methods will probably have advanced guess them in milliseconds.
As much as I hate to say it, some of this will require an attorney. To get access to his Gmail, MySpace, etc. you will need to have his estate contact the operators of those services and explain the situation and make it part of an investigation. They may be understanding and cooperate, they may not in which case you'll need to get a court order.
His PC, on the other hand, I would make an image of the HDD (ghost, acronis, etc.) and make a working copy to try to crack - if he was as good as he sounds, he may have experimented with countermeasures, and you wouldn't want one of those triggering a reformatting.
Define up front who you're doing this for. Get written permission from his estate/family to break into his PC. Get written requirements on what you're to look for (which could include "everything") and find out what their limits are for disclosure. Example: if he was from an ultraconservative family and you found emails indicating that he was gay, would they want to know or not?
The business you're stepping into is a dark one. This isn't a "cool" or some type of novelty. Trust me, dealing with secrets loses a lot of its appeal when the realization of the responsibility sets in. Be professional, be discrete and be honest.
Oh, and another thing - just a personal note - I wouldn't take payment for these services.
I hope this helps.
DISCLAIMER: This post was not checked for speling and grammar- if you complain- you're a whiner
Why in the world would you go to the trouble of brute-forcing the passwords when you can simply pop an ubuntu CD in the drive, mount the filesystem and bypass the passwords entirely?
It's something that's got me slightly puzzled, to be honest, but you can chroot into someone's root user account just by popping in any live cd. Short of having your root / home folders in a cryptoloop, any physical access to your machine can reveal all your files to someone stubborn (and smart) enough to want them.
As far as ethics, what's the difference between looking through a deceased's computer files versus looking through all of his stuff in his college dorm room, finding the key for that safe-box he had? Just pop in the CD, hook an external drive, and backup all the files to it so the family can sort through it.
---- I am certain of only one thing : I know nothing else.
I think the ethics of this situation are debatable, and they're actually being debated in a few threads. Mostly, though, I see people here saying "the legal owner of the property said you should do it, so it's okay." If you said or thought that, I think you need to take a hard look at your mind and figure out why it is that you think that legality is the same as, or more important than, being ethical. These answers actually help me to put into perspective the way laws are presented in corporate environments, where they are typically called ethics but are anything but.
"I zero-index my hamsters" - Willtor (147206)
If he has ANY Windows computer, you should run Cain and Able on it to see if he stored any passwords, even by accident on that machine. Or on any family member's computers.
.conf files, and see if there's plain text passwords in any of those. Any password has a likelihood of being used for multiple accounts.
:-)
MSN log files, IRC log files, all that shit is gold.
Ignore anyone here who suggests what you're doing is wrong. You're helping a friend out in a difficult time, bust out the l33t skills and crack this shit.
Look for random scraps of paper around the desk, there might be passwords written on that. Especially if it's a worn looking piece of paper.
Look in
Go through his browser's cache, history and cookies.
Watch the movie Hackers, and go into his Garbage folder.
Run an undelete application that looks for files that he may have deleted, but only the reference data got removed.
Get password files off that computer, and get them onto your computer, and run a brute force cracking app against it when you get desperate.
Then try variants of the passwords that you do know. So if the password is "elephant", try "Elephant", "ElephanT", "3l3ph4nt", "3l3ph4nT" in other cases.
If you can get into his email, you can probably get the passwords for accounts like MySpace by doing the "I Forgot my Password" option...
Good luck, may the force be with, live long and prosper, in Soviet Russia computers hack you, a naked petrified hot gritted Portman welcomes the overlords, hack the planet!!
Take an image of the harddrive, before making any changes. There's just so many ways to lose information (browser cache etc) when you're trying to do something like this.
Derek K. Miller on digital executors "Derek blogs about all aspects of his life, from his hometown of Burnaby B.C., to his kids, to his cancer. At the beginning of 2007, he was diagnosed with cancer and he's currently fighting stage 4 metastatic colorectal cancer. One of the things that Derek has been thinking about his digital legacy, and what should happen to our web presence when we die. Do we need to appoint a digital executor to oversee our online belongings? Someone who would know all of your passwords and keep up the payments for your domain name, for example, so your site would live on even after you have gone?"
I know it sounds like a strange thing to say, but as a former PHP/SQL programmer myself, programmers put much of who and what they are in their actual code. I have, on more than one occasion, vented about the frustration of work and even life in general inside of my actual scripts and code using comments (that are generally for helping other people understand your code). It is almost as if I thought that whoever was going to come behind me and work on my project might just understand my problems better than the average person (computer-geek elitism/isolationism). So, if I were you, thumb through his code comments - it seems like the least intrusive start. After all, code comments are meant to be read.
Dead think? Has anyone gone, AND returned AND provide irrefutable, non-faith-based PROOF. Some deaths are violent, some peaceful. Death is a transition of SOME sort, and we don't know WHERE the soul/spirit/mind will go. Some believe untimely or painful or wrongful deaths cause the sould to be "hungry", evil, or grounded to Earth. So, depending on the cause of this person, he may or may NOT want people rifling through his computer.
For legal, and mamby-pamby-assed humans-on-Earth reasons, it's either said, "Don't disrespect the dead", don't speak ill of the dead, or dig DEEP for whatever information can be found.
NOT ONE OF US alive knows what the dead/departed/physically-separated think, know, or are located. NONE of us. But, human laws on privacy will generally prevail based on the locality.
In some countries, suicide is (no disrespect intended) a grave insult, and the surviving family members are faced with the bill for dealing with processing the body, recording any facts, and so forth. So, the family may get more than they bargained for. Who knows what family secrets or privacy revelations may occur if information is leaked?
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
...in one column he talked about what he wanted to happen when he died -screw the $$, the house, the cars, he couldn't care less about those: JUST WIPE HIS LAPTOP PLEASE before it's given to any next-of-kin.
-Styopa
Disclosure: I have nothing to do with them apart from being a very satisfied customer.
You don't have to discover his root password, just set it to whatever you want, or remove it.
My brother died the day after this past Christmas. While organizing his things, I had to shut down his internet account, his XM radio account, etc. It's a hard thing to do emotionally, but from a customer service perspective there was very little resistance from the service providers for this.
What I would recommend is to protect their dignity, whatever you decide. If you find pornography, delete it. If you find sensitive documents beyond a possible suicide note, use your better judgement or let the family decide. But regarding your question about accessing their accounts, I feel it's okay to do so provided you're doing it for the family and not to be invasive.
Darryl L. Pierce "What do you care what people think, Mr. Feynman?"
A quick way to grab all of his saved passwords:
.mozilla/ directory .mozilla directory to .mozilla.bak/ or something .mozilla dir into your homedir
1. mount whatever device his homedir is on
2. copy off his
3. back up your own
4. copy his
5. open firefox
6. edit > prefrences > security > saved passwords > show passwords
That should give you a good enough head start to look into whatever websites he frequently visited. Also might be good to dump his entire homedir just to poke around for notes or papers he may have written recently. Using cp -p will preserve timestamp information.
Also, to get access to his university accounts, if the password isn't in his list of saved web passwords, it should probably be in whatever email client he was using.
Also, as a side note. Fuck ethics and morality. Any confusion or uncertainty over something like that has the potential of causing even worse long term damage to family members. Good luck.
If you do this to somebody dead 50,000 years, it's called paleontology.
If you do this to somebody dead two thousand years, it's called archaeology.
If you do this to somebody dead a hundred years, it's called historical research from primary sources. (Letters to and from dead folks are found and auctioned, or donated to museums or estate, all the time.)
Vintage computer games and RPG books available. Email me if you're interested.
Should have used this service.
The executor or administrator of his estate has the right to gain access to his accounts. A court order from the probate court may be required to convince the service providers to cooperate.
Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
If it were me, i wouldnt mind. I would actually have left a bunch of carefully crafted trails, so you can deduce why everything happened. Unless I died by accident. Then you would have to do with my "If you are reading this and you are not me, then I assume you have cracked up my e-mail password" e-mail. Quite fun to write.
While there have been multiple instances in the past of providers such as AOL and MSN refusing to give passwords to next of kin under the auspices that the account was licensed to the deceased, and the license does not survive death; you can always bring up that the deceased was a minor, therefore the account is legally licensed to the parents, not to the minor, so the parents, being the licensee, should be able to get the passwords reset.
Another non-functioning site was "uncertainty.microsoft.com."
The purpose of that site was not known.
totally unethical If the person had wanted you to have the data they would have given it to you. Most email providers have clauses in their user agreement that the accounts are non-transferrable upon death, as they should. This is to protect privacy. Of course if you are a soldier killed in war, yahoo will happily ignore its privacy policies. http://yro.slashdot.org/article.pl?sid=05/01/12/1513231&tid=158
I wouldn't try to "crack" the root password exactly. I'd pull the drive out and mount it externally in a USB chassis to another system running Linux, and access the contents of that drive from there.
This will work as long as he didn't use whole-disk encryption...which is unlikely.
If he kept his EMail archives locally in Evolution, Thunderbird or similar, getting to it will be fairly simple.
You'll get this done faster if you have a Linux geek help you out. Try his school's Linux club, or a comp sci professor.
As to data held in something like GMail or other online accounts, you might need to have somebody declared executor of his estate and then apply for access in writing to the data from the providers...suing if necessary I guess.
Lots of options here.
first try to crack the passwords on his machine. If you can get any passwords in plain text write them down. He may have reused them. If you can get into his profile, its possible he set his cookies to auto login to his websites.
Next try to get into his email. Call the provider and ask about your situation and find out what the rules are with out ever telling the operator your name or the account name. If the info they give you will not help you, hang up and call back pretending to be the deceased. They dont know he is dead yet.
Get the birth cert, social security number, phone numbers and addresses (current and past), birthdate, drivers lic, mothers maiden name. Try calling from his home phone, or be near that phone when you make your call. Just pretend to be an average user that cant get into your email. Reset the password.
Once you have the email account under your control you can just request a password reset from most of the other services.
Basicly steal his identity, if they cant prove you are not him its hard for them to not let you in. Just play dumb. Dont say you forgot your password, tell them that your email is broken because your account won't work.
Im a gamer, not a grammer major. This post is full of spelling and grammer mistakes.
For the linux box you don't need to "crack" anything.
/mnt/systemdrive or whatever) then: /home
Boot to linux rescue mode, mount the system drive, chroot it (# chroot
# passwd
and set a new password,
cd to
ls to get a list of accounts
reset the password for the rest of the accounts.
then reboot and remove cd.
It should take under 4 minutes (for 2 accounts) and require nothing more than a distro's install cd. You can do this using knoppix as well.
Physical access pwns all.
-AC
With a death certificate and whoever was designated as the executor of the estate, they should be able to contact any of the services(hotmail, gmail, etc), and get the passwords reset. Probably not a typical hotmail request, so it might take a while, but I would imagine this would work. It really will depend on your states laws though.
His parents can work with each site to obtain a password. Most will do so with a death certificate and proof that you're the parents, like a birth certificate and a drivers license.
-- botsex is {grep;touch;strip;unzip;head;mount}
I am not a lawyer but my advice to you is to very methodically contact any companies involved.
You should identify yourself in any communications as "Joe Blow acting at the request of the executor of the estate of John Doe." Don't expect an e-mail to customer service to gain you access to accounts. Ask what you need to do. Most likely they'll want you to mail or fax a copy of a death certificate to a specific group within their company.
If they stonewall you, then go to a judge and get a court order. Keep in mind that in this particular case you are investigating whether or not he killed himself. This means that a subpoena would be very appropriate and should be very easy to come by. If you have money but not time, hire a lawyer to do this. If you have time but not money then do a little preliminary research on how to file a subpoena then go to your local courthouse during a down time and chat up the clerks. Most of the time they are nice middle-aged to older ladies. Dress appropriately. That means at least a shirt and tie, maybe a sport coat. If you do not keep facial hair, be clean shaven. If you do keep facial hair, be sure it is cleanly trimmed. They should be able to help you file the documents with the court and have a judge consider them. It is very likely that the judge will issue the subpoena after reviewing your brief.
Remember that at this point the wishes of your dead friend are determined by the executor of his estate which is most likely one or both of his parents. So if they say to do something then what they say is considered to be his wishes.
logging into his laptop directly, while extremely convenient, is just asking for evidence distruction!! you could squish SO MUCH -- the real password (should you choose to crack it later and find that it's something like "ihatemylife"), his browsing history, atime on files, etc. you've only got one copy... instead, why not just mirror the hd somewhere first and mess with that? if you've got a Unix-like OS, just (dd if=/dev/[hd] of=~/localfile && losetup /dev/loop0 ~/localfile) as root and then poke around all you want. (you could use Qemu to run the disk-file as a virtual machine.)
Do NOT boot your friend's machine. Make a full binary copy of the disk and then use that as source of forensic information.
The swap area and free blocks may contain old and precious information. I've extracted account information from discarded disks which didn't live in files.
Heck, your friend could have decided to write a suicide note and then deleted it.
quite clearly that no online accounts should be accessed.
They don't need access to my personal correspondence and there will be zero confusion or ethical dilemmas. If they ignore it they will flat out know they are doing wrong and cannot justify it. I don't expect anyone to do that because I trust them, the point was simply to make my wishes clear.
The police would of course be okayed to look at the info (they wouldn't need my "permission" anyways) if there was an investigation.
But I simply do not like the idea of anyone rummaging through my personal contacts, there simply is no need (outside of a criminal investigation)
Of course I am not going to commit suicide so that is a stipulation I suppose.
you should bang her
His private e-mails / blogs / documents may very well contain a will of some sort, or perhaps a note that contains his preference of burial/cremation/etc.
It is your ethical and legal obligation to make a good faith effort to review his private documents.
I agree with the parent.
I would think that all possessions, physical and intellectual, go to the next of kin. So if they WANT to crack the password encrypted files they should be able.
Of course, if they decide not to in honoring the person's wishes, then so be it.
..........FULL STOP.
My thought when I first read the original poster, was how do you prove "not suicide" ? ... I had not considered the foul play option... If that is a suspected possibility then he should not play Scooby-Do, but give the job over to the cops... If that is not a consideration, then basically he can only "prove" support for suicide with evidence, he can not prove "not suicide" by lack of evidence (he already has that)
waiting for ad.doubleclick.net
"happy successful people don't just off themselves for no reason and without any sort of note or indication that things were not going quite so peachy as believed"
Ok, some corrections here:
1. Happy people, successful or not, probably won't be committing suicide. Am I a happy person? As much as you might think you can deduce, no matter how well you know me, you cannot tell. So, the crux is that obviously, he wasn't happy and just put on a good show to make those around him comfortable.
2. The vast majority of suicides leave no note. Of those who do, a very large percentage of those notes are attack notes meant to hurt those around them. If you've ever read one, the last thing they do is bring closure.
3. If someone genuinely wants to die, they won't give a call for help. More likely, they'll just give it a go.
4. If someone is depressed, they do indeed off themselves for no reason -- that is unless you count, "I have enough energy today to actually do something about it" as a reason.
Suicide isn't like some movie story. It isn't romantic at all -- there is often no cry for help, usually no note, and almost always no closure for the victims (those left behind).
I say go for it wrt cracking his passwords and such. I see no moral issues as your intentions are noble and you were asked by his family. As for myspace et. al. giving you his password, definitely not going to happen. You need to be a Chinese government official to pull that off :)
I've been in the unfortunate position in my proffesional capacity of having had to deal with similar circumstances. This advice pertains to the UK and milage may vary and IANAL...
A member of staff committed suicide with little clue left as to the reason for the family. We were approached to see if they could access the persons e-mails and files to see if there were any clues - more for their peace of mind, but there was also a question mark over the case from the police for a while.
The police never needed to approach us for access in the end, and the family were also satisfied without it, but we had to carefull examine to situation to be ready before that.
The conclusion reached (after legal advice) was that the "appropriate authority" in the circumstances to decide on access or not was the executor of the will, pending the formal handing over of the persons effects to the people listed in the will or next of kin as appropriate. At which point the relevant authority would be passed on at the same time as part of the 'belongings' of the person.
We therefore advised the executor of this and if it had been requested, access would have been arranged in "suitable circumstances" for the relevant authority to have access to the files. The "suitable circumstances" would have varied depending on any pending legal investigations and various other issues, but could have included a designated impatial witness to the access and/or copying the relevant content to a separate Read only media before making it available to the appropriate authority.
In summary - tread VERY carefully, get legal advice, respect the wishes of the living, and be prepared for any access opeing a pandora's box which the family may prefer not to know about after all - and don't put yourself in the position of knowing something but facing the moral question of if to pass the info on or not!
It was more entertaining to assume that it was a suicide.
I write sci-fi for metalheads
With my brother - it was a tragedy for sure, but my advice would be to hire and retain a lawyer. You pretty much need one to sort out all the things he left behind anyhow since some debt collectors would love to have other family members pay off their debts.
I get the feeling that most people here have never faced one of their friends or loved ones committing suicide. Unfortunately, I have experienced the former, and I can't imagine what it must be like for the latter.
Suicide is the worst type of death to have to deal with, as it leaves everybody around the person in limbo. At least with an accidental death or a death by illness there is some comfort, either that the death was not intentional, or that the person went out fighting. But suicide, particularly when there is no note, leaves you none of that.
I can't speak from a legal standpoint - among other things, I don't know what country you're in. But from a moral standpoint, since you have the blessings of the family, opening up those files and passwords is exactly the right thing to do, not only for your friend's family, but for yourself as well.
In a very real way, regardless of how shocking what you might find may be, you can only make things better all round by doing this. It will bring everybody out of freefall.
Robert B. Marks
Author, Demonsbane in Diablo Archive
There's no delicate way to say this, but in cases of "apparent suicide" of young men, it's worth considering the possibility of autoerotic asphyxiation. It causes not insignificant numbers of young men to hang themselves to death each year unintentionally.
>> NOT ONE OF US alive knows what the dead/departed/physically-separated think, know, or are located. NONE of us.
Given the total lack of scientific evidence for an afterlife, I do think it's a pretty safe assumption that the dead don't care. To me, that assumption is as safe as my other assumption, that the sun will rise tomorrow. NOT ONE OF US knows for certain that it will - not for certain. But, based on the evidence available, let's just say that the odds look pretty good for sunshine.
As a bit of unsolicited but hopefully constructive criticism, I have to say, capitalizing roughly every third word or so is going to cause some people to perceive you as a raving lunatic. I'm not one of those people, but... you might want to think about going a bit easier on the caps.
My dear friend Jim committed suicide two years ago. He was the god father of my son, and a partner in work and fun. He also introduced me to Slashdot, and ushered me through my newbie days.
For some reason this thread just made me want to mention his name, so he is not forgotten.
Be kind, for everyone you meet is fighting a difficult battle. - Plato
I certainly wouldn't want anyone getting unauthorized access to my data after I'm dead. In fact, if I knew I was going to die, I'd delete all my online accounts and destroy all my hard drives, perhaps with the exception of anything that I would like to share or that others would find useful, which would be put on something unrestricted and readable, if it wasn't already publicly available. If he wanted something to be found, he would have left it where someone else could find it. If he deleted Suicide Note Draft.doc, it's because he didn't want anyone to see it.
Maybe I'm weird but I'd roll in my grave if someone pwned my files when I was dead. I don't hide things I want to share, and I don't share things that are private, this is all very straightforward to me. I'm not trying to flame or troll or anything. This is just my opinion, and I welcome any comments on it, because I really don't get the general theme of "go ahead and break into the dead guy's personal files!" in this discussion.
I'm also reading in this discussion that a relative can obtain a dead person's password from most services by submitting the appropriate paperwork. Where can I learn more about this? I will request that this not be possible for my accounts if necessary.
"When information is power, privacy is freedom" - Jah-Wren Ryel
How is booting linux single and resetting the root passwd "cracking" the root password?
How come people give mod points to IANALs who attempt legal advice?
No! I've never seen Ghost Whisperer.
Yes! When cornered I blame my extensive knowledge of the show on my wife.
So you think you don't need a WILL because you're only 18, or 30?? I had a client who was 29 and in the middle of a divorce when he stroked out. Because the divorce wasn't finalized, his not-yet-ex-wife got his money and life insurance instead of his kid!! See a lawyer and have it done right (and BTW give the lawyer a sealed envelope with all your passwords and instructions for dealing with your data).
Let's be clear - this person is dead. Any investigation of anything is only for the family(or whoever pays) and not for the deceased, so what he may have wanted is quite irrelevant *to you*. This is all about the living, not the dead.
That said, IMHO it's inappropriate for them to ask you to prod around his private affairs just because 'you know computers'. It's not like that's a rare skill nowadays. I think they should be hiring a private investigator for this if it's all that important to them. It puts you in an awkward and potentially dubious position. What if you find a terrible secret? How does this impact your relationship with your friend?
Nope. Consider doing their taxes for them perhaps. Let the professionals do their job.
DT
Think if he is a minor, then everything he had is property of the parents.
If he was not then get a court order.
I've heard of such arrangements, but they didn't involve burying it.
Confucius say, "Find worm in apple - bad. Find half a worm - worse."
you're facing a difficult ethical dilemma, so clearly you made the right decision by asking for help from a bunch of anonymous internet forum morons.
In addition to conspiracy theories about how Microsoft and the RIAA conspired to kill your friend's brother, you can expect to recieve such insightful gems on your crisis as, "in soviet Russia, myspace suicides you."
Ok, I admit I have only german law as a reference, but I can't think of any reason why this should be different in other jurisdictions. As far as I know, as long as he didn't leave a will stating that his accounts are to be deleted without anyone opening them upon his death, I think his parents are his legal heirs, provided he was not married and didn't specify otherwise in his will. So I think of they contact google, myspace and all the other places he held accounts at, and provide proof of his death and proof that they are the legal heirs, I think chances are very good they will be access to his accounts. Chances may be even better if they explain the circumstances as you did to us. I would try a few obvious passwords and ask around among his close friends if they have any suggestions, and then contact the companies as said above. As for the laptop, that's just the same. His parents inherit his laptop including all data on it and are free to do whatever they please. I haven't taken into account morality yet. From a moral point of view, if I were you (as his friend) I'd check out everything on my own first and make sure there was nothing that might make his family hold his memory in disregard but isn't really relevant, like his porn stash maybe... But don't just delete stuff, save it on a DVD, and should it become relevant you can "find" that disk later behind your desk or something. But apart from that I think it is more important to help the living cope. Your friend is dead now, no matter what, I don't think he will mind.
After reading the post and some of the replies I wanted to try and provide some insight on a few things. First of all I should mention that I'm a coroner in British Columbia, Canada, so not everything that applies here will apply in other jurisdictions. However I hope I can still be of some help. In regard to suicide vs. accident, there is typically a presumption against suicide and the coroner or medical examiner should have some substantial evidence if they are going to rule the death a suicide. Having said that, suicide is a lot more common than most people believe. For example, British Columbia has a population of a little over 4 million and we see approximately 500 suicides per year. Contrary to what some people are suggesting there is usualy no suicide note. Also, the person is not always known to be suicidal or even depressed. Sometimes a suicide comes as a complete surprise to family and friends. I would not say that this is the norm but it definitely happens. Evidence of a suicide can take several forms. Ideally there should be a history of some kind to support that the death was a suicide but I have had cases in which the circumstances of the death were such that it was unreasonable to conclude that the death was anything other than a suicide, even though the person had no history of depression, suicidal ideation or behaviour that suggested they might harm themselves. As far as the information on the computer, I have taken information from people's computers and in one case seized a computer to get further info from it. I do not see an ethical issue with this if it will help to determine the manner of death. My only suggestion is that the coroner or medical examiner should perhaps be contacted to see if they are willing to do this. They may not be willing to get involved if they feel that they already have sufficient evidence to classify the death. Also, I do not know if the coroner/ME in your area has the legal authority to do this. Still, if the family strongly believes that the death is an accident and not a suicide they should talk to the coroner/ME about their concerns. When family members have raised such concerns with me I have found that sometimes they have very useful information or insight that can have a significant impact on my investigation. Other times it is clear that they are just not willing or able to accept the truth. As far as legalities, I can tell you that here in BC (and I suspect in most cases) it is the same as most people have stated - the things that belonged to the decedent now belong to the estate. The executor or legal next of kin will likely have the legal authority to give you permission to do what you are talking about. Having said that, I will give the standard IANAL disclaimer along with a reminder that laws can of course vary from one jurisdiction to another. NOTE: sorry about the wall of text. This is my first Slashdot post and I haven't yet figured out how to make it appear in paragraphs the way I wrote it.
As I said twice already, I made a typo. Obviously those services do NOT ask for next of kin.
For he today that sheds his blood with me shall be my brother.
... don't do anything which could alter the drives. This means don't boot up his laptop, etc. Correspondingly, you probably don't want to log in to Myspace, as that might trigger "Oh, he was active ___" things in logs; I'd rely on Myspace (and so forth) to provide the data to you in a way which is forensically sound.
Better yet, hire a computer forensics expert to advise you. (Local lawyers may know some good expert witnesses?)
I'm not a forensic investigator, and I'm not even certain such policy as I mentioned is sufficient to prevent pooch-screwing the evidence (or lack thereof). Make sure you document everything you do, especially since if you've had access to it the insurance will question whether you deleted evidence of his suicidal intent. You, being a friend of the family, might not be sufficiently separated from the INTERESTS of the estate to be considered neutral enough.
Get a lawyer, find out what they feel you need to do to establish that it wasn't suicide, and to protect the evidence from contamination.
As for the ethics of {someone} poking in someone else's machine after death... I think that proving that there was no suicidal intent (and thereby greatly benefiting the survivors) seems like something I'd want people to do.
Strange that the inquest (if there was one?) ruled it a suicide, though.
I had a similar dilemma recently - the brother of friend of mine committed suicide, with no note left the parents or my friend, and they were in search of any information he'd posted online as to how he was, what the reason was, etc.
Being asked to hack into his computer, hotmail account, etc I politely declined - instead opting to explain to them how I would go about it. As they were family, they were best placed to answer the password-reset questions hotmail asks you when you've forgotten your password (I would usually get this through a bit of social engineering) and they managed to get access. A 'boot-and-root' linux live-cd got them access to his laptop.
I don't think they found anything which helped with their grief however - so whatever you do decide, any expectation that an answer will be found may end up hurting more.
IANAL, but do have some very basic experience. AC because I am too lazy to sign up for an account, but I'm a regular reader :)
Here in Canada, as soon as you have tampered with anything, the evidence is not admissible. When searching for evidence, the first thing we are required to do is notify the authorities, and they have a process which we follow. If you don't follow their process, any evidence you find is moot.
The only reason I'm suggesting this, is in the off chance you find a death-threat letter in his email/IM history/etc. If it were to go to court (again, in Canada), the author of the death-threat-letter has a strong case against you, that you framed him and tampered with the evidence.
What if you find out something you didn't care to know?
0. You didn't ask for technical help, so I won't offer.
1. The funeral payment help could be a relative that doesn't want to have anything to do with a suicide. That was the case with the one similar event I am familiar with. If there is no insurance that is being denied, or a murderer/negligent party, then legal issues of proof aren't necessary.
2. I would take the advice that several offered to ask the family what they would want to know and what they wouldn't, before you start.
3. Most importantly: Even if you believe that there is no afterlife and that therefor there is no privacy to intrude. Funeral rites are at least partially if not all for the living. We feel better that we will be treated properly if we see others being treated properly.
This probably will be lost in the sea of comments, but I wanted to say one thing about a possible explanation.
I am a fresh CS and Math double major from a Canadian university. I have been extremely successful in my courses, side projects, and I have landed a very good job.
I should be happy right? well no, I am not. I am lonely, socaially awkward, and I don't feel like I fit in anywhere.
To be frank, I have been fighting a depression and suicide for several years, and I have attempted to take my own life on a few occasions without explanation. This is the nature of the beast; there is no warning or explanation of why I felt this way.
If he was like me, family are oblivious or are in denial to how he felt, and to them it would seem sudden and unexplainable.
Maybe I can provide some insight, as a close colleague at work died last year in a tragic outdoor accident.
Basically, what it boiled down to was as follows: The family/next of kin have right to access all of the deceased person's personal files, emails, etc. Company property is exempt of course - for IP reasons. The system administrators should release a copy of the person's email mailboxes, and all other relevant files to the next-of-kin, after examining that no business-relevant data goes out.
They will not and should not release anything to you, you're (iirc) not related.
I am sure there's a procedure in place at Gmail, etc. to deal with such a situation, as this is not the first time something like this happens.
The more important question is: does the family really want the information? That's an ethical and moral question, and only they can answer that for themselves. So, if they ask you to hack the root account, it's OK for you to do so, but keep all you see private to the family and yourself, and don't force any information on family members who don't want to know. Let them decide.
Disclaimer: I'm not in the US, and assume you are - so the legal implementation may vary.
I fail to see how going trough his files and service accounts could prove that his death was accidental. Lack of a suicide note or plan won't convince insurance company that his death was an accident if they want to claim it was a suicide.
If anything you could find proof that it was suicide. Maybe it would be better for his family to contact some kind of counselor before deciding if knowing is better than not knowing for sure. Funeral cost come and go but knowing wrong things lasts forever. If he did nothing that seems like preparation for leaving forever, I would think that he was not planing dying.
As a strictly ethical problem, I believe that honestly questioning your moral right to see his personal information makes you a person who can be trusted with such a task. But do it only if you know you can keep his private things confidential. Nobody needs to ever know about what kind of porn he was into or if he did drugs. Those things are none of anyone's business. However, if you came across something indicating him of a crime, it would be up to you to decide if telling the police would be the only right thing to do. I would think that only violent crimes would be worth it. Broken or stolen things can be replaced, but physically hurt people deserve closure, even if their assailant was already dead.
And one day will get into trouble, or will create it for somebody else.
A person I knew was having an affair with a woman without his wife knowing anything about it. After following the respective legal procedure somebody else was named the person responsible to execute the will, pay debts, etc. on behalf of this person when he died.
Very sensibly (IMHO) he decided not to tell the wife about the extramarital life of this individual, all of which was documented to excruciating detail in one of the email accounts of the deceased person.
Thanks to this, the wife kept an unblemished memory of her husband, was not consumed by the bitterness of betrayal and had a positive role model to present to her children.
Just "hacking" (I would say cracking) the accounts would have most likely exposed a lot of innocent people to unnecessary pain (since after all knowing all this would have served no practical purpose).
There are legal procedures in place for a reason. Only somebody monumentally careless can suggest to do things without weighing carefully the possible consequences.
IANAL but write like a drunk one.
... and don't get on the way of complex ramifications of legal, moral and emotional character.
IANAL but write like a drunk one.
I'm evil (not really). Please tell me how to do the same stuff you're telling the parent. I PROMISE, PROMISE I'll only do good things with it. Sincerely, Script Kiddie
I wish I could think of a modification of this that I could turn off (and save my data) if I ever got locked in a mental hospital for more than 7 days, but that didn't require me to tell anyone else about the server's existence. As I see it, I might have to be physically away, unexpectedly, and I'd want the option to risk exposure and save my data. That way, if I silently let it be deleted, I do so knowing that I'm saving my ass, rather than wishing I could stop it. Perhaps something like a modem/telephone based abort option, on the existing in-wall telephone wiring.
There's no way to gain anything from this scenario. Tell them to pay an unbiased, uninterested professional to do it. Imagine they give you the disk(s) and, however unlikely, it breaks while you're copying it. Imagine you find something really unflattering about the person. Imagine you find something that you think is relevant, but you're unsure of whether to tell them about it. There is nothing you could find on that disk that results in a positive outcome. Someone who does data recovery for a living will have the tools and experience to provide the best chances possible of finding what the family wants, _especially_ if they are going to use the findings for legal reasons/money.
OK, *don't* mean to sound *like* Willaim *SHATNER*... I *might* get *used* to your sugg*estion*..
*STILL*, *old friend*... *you've* managed to train just about everyone *else*, but you *KEEP* missing *the* *TARGET*....
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
i *don't* mean to sound like William 'billy' 'bill' 'willy' 'shat', *SHATNER*, and I *might* be able to follow your sug*gestion*...
*But*, old *friend*... *You've* managed to *train* just about everyone else, but you keep *MISSING* the tar*get*...
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
Back in 2004 a family tried to get access to their deceased sons account, he died in the line of duty as a marine.
based on the actions taken by Yahoo at the time, i would assume any other business would also not give you access.
here is reference to that story
http://www.news.com/Yahoo-denies-family-access-to-dead-marines-e-mail/2100-1038_3-5500057.html
I've thought about it before. I've debated the ethical issues with a far more disturbing post-death act: (http://rabidrabbits.baywords.com/2008/04/09/ok-i-get-organ-donors-but/). As a general rule though, providing comfort or, at least, truth to the living should always trump the "rights" of the dead.
Rabid Rabbits Sing of Portugal
Hehe, I was literally LOL at this. Good one!
You will probably need all of this done in a manner acceptable to a court of law or whoever would be paying the funeral fees or both.
Contact an attorney and have them do the paperwork correctly to get access to the websites. If a website fails to yield the data your attorney should be able to get a court order releasing it.
On the linux issue if encryption was not used it's trivial to mount the drive on another linux box and search for relevant data. You may actually have to send this to a business that has the right credentials to be accepted by the court or other party mentioned above. Again bring this up with the attorney.
This is all directed to the executor of his estate as they are the ones who 'become' him in the eyes of the law until all property is dispersed and contracts settled.
I'd go on a Vegan diet but the delivery time from Vega is too long. --brownkitty
I do not find it ethical and would not do it. If he wanted to tell he would have. On the contrary maybe it sheds some light on possible criminal activity or connection to someone who suggested taking one's life. Hmm... maybe do it ....
sounds like an attempt from a person with little computer savvy to get information on how to crack into someones computer and social networking accounts. The writer is perhaps a jealous lover or a worried parent. a classic case of social engineering. If i am wrong then I am sorry, but think that this angle should be explored before a would-be white hat gets roped into a sorted situation.
Everyone is trying to give good legal advice, but is legal advice really what you need.
Never ask a question you don't want the answer too. Are you prepared to learn the truth, if and when you get access.
When you speak of your friend, you promote only the good memories. You seek to find any answer, but the obvious one. Are you sure your friend did not commit suicide? If you are not ready to face that possible outcome, just stop.
The most common underlying disorder for suicide victims is depression. This friend of yours had demons, we all do. Do not pretend you are ready to face your fiends demons, until you have faced your own.
If ethics is the only road block to cracking the root password, then you are not ready. If this was a good friend, did you recognize any of the warning signs of depression and suicide?
Do some research on suicide first. Reflect on your time you spent with your fiend. Was the warning signs present, and did you just not see them.
Are you ready to face your demons?
dead people don't really care, one way or another.
College-Pages.com - Online Colleges, Degrees, and Programs
Because we like to ride fast motorcycles, drive fast cars, and jump out of planes, which all present a possibility of becoming slightly less than dead.
A LiveCD will not enter the password to the keychain for you... It won't type his PGP passphrase for you. It won't find his TrueCrypt disks for you.
yes, since his property is disposed of according to legal protocol (including a possible will), the new owner of his accounts should have access to them. that might be problematic and take a long time, given the reticence I would expect from a company like myspace or google.
otoh, just pop a live CD into the laptop drive and take a look around the hard drive. *then* we'll see how geeky he is: did he encrypt the filesystem?
if he's like me, he'll have a file or directory with all the passwords of his bazillion accounts so that he doesn't have to commit them to memory and/or change everything en masse.
It seems to me the accounts are the deceased's property, and could be subject to the family getting a power of attorney over them. I don't know the precedents, but it sounds like they would exist. Having the power of attorney over the deceased's property should compel any agency to "give up the goods".
If it really is for a legal matter, the evidence must be properly preserved in order for it to be admissible. You may want to make an image of the drive using dd or dd_rescue via a knoppix livecd (so you won't even have to mount the drive), though you may want to let the police handle it. I believe the program they use for imaging and preservation of evidence in the case of computer crimes is EnCase. In the event that you decide to go with dd or dd_rescue, you will be able to mount the image later, even perform data recovery on it, to some extent....
I've been in a very similar situation and actually help the police recover information from a friends computer.
I believe that the ethics of this are fairly simple, the dead man is gone. His happiness and desires are no longer important.
The family is still around, their happiness and desires are important. If you can help provide information, by whatever means, that gives them some kind of closure or helps them in any way; do so.
I just went through this with a friend whose ex-husband did a "death by hibachi" routine. There were 2 young children involved, no death/burial financial issues to resolve. There was no question about it being a suicide, since it is difficult to rent a cargo van and light a BBQ grill inside it after you seal it up. There were questions about whether there were other accounts or information on his computer.
My agreement with her was that I would look through the system and find everything that I could. One condition: Unless it was absolutely necessary I would not share the info with her. I would not share any personal information such as journaling or email, and only if it was legally beneficial or financially necessary would I tell her. She agreed.
As it ended up, all I found were a lot of word docs ranting and raving in a manner consistent to a bi-polar that had stopped taking his meds and started taking a lot of other crap that was non-prescription. None of the info was going to be of any positive result. Of all the crap, a single picture of he and his son taken a few days prior to his death was all that was turned over.
After doing a shred and reformat, I loaded it with XP Pro, since it had Vista on it. After fighting with the non-XP friendly video (Compaq/NVidia), I gave the system back for the kids to use.
Unless you find anything that is of a certain positive result, nothing is worth recovering. If you don't have the relationship and agreement, don't get involved.
Two options:
1)secure encryption that (most likely) won't be broken in the lifetime of anyone you know (use a good passphrase)
2)
a)Get a secure online server somewhere - no web or mail, etc...just ssh (again, secure passphrase).
b)Write a script that that runs a multi-pass wipe over the (already encrypted as per #1, above) files you want destroyed UNLESS a certain file exists.
c)Have a cron job run the script every day.
d)Have another cron job run every X days to delete the file that prevents file wipeage.
e)Don't forget to recreate the file every X days, or your files get wiped.
f)Rest in peace.
A couple of years ago, a friend of mine, and member of a group I ran, was killed in a car accident. The guy was a promising artist, and only 21 :-(
He was also the holder of our group's domain name and web site, which we needed to rescue. In the end, with help from his dad, the web hoster in question gave us a new password. There was some back and forth, while we provided them with as much info as we had about the domain and so forth. In the end we rescued a couple of his sites as well as ours, which his family was delighted about...
So, I think approaching the organisations in question, and being as open as possible, seems like your best bet.
Good luck.
Lots of great advice here, including booting live CDs, or removing the hard disks and plugging them into another computer as a slave drive. Then, carefully move or rename password files, edit /etc/shadow, etc. Be careful not to delete saved passwords, as in "wands", "wallets", "keychains", etc., which could help you get into email and online accounts (ebay, amazon, myspace, twitter, etc.)
As a somewhat older person who has had to deal with death of close loved ones, I can tell you it is a very difficult position. I would NOT abdicate to a recovery company or lawyers or other 3rd parties. You may discover something less than wonderful about your friend's brother, and since he is sadly gone, you have a responsibility (in my opinion) to try to make the best of things for the living loved ones. Yes, I am saying I would wipe anything questionable or that would create more sadness in the family. Try to make the best of things. It's a heavy burden, but if you approach it carefully and with much tact, you will be a great help and blessing in the healing process. There is NOTHING to be gained by exposing anything negative you may find.
If you find a clear suicide note, you probably have little choice in passing it along, but if the death looked and was ruled accidental, I would have to think long and hard about possibly keeping the note a secret. But hopefully you won't have to be burdened with that decision.
If I died, I would want someone to dig into my stuff, emails, whatever, as much as they wanted to. That would be part of my will, and I would hope to leave things as easy as possible for people to deal with.
I am both a geek and an ordained clergy person, and a Religious Studies professor, and I am also a mom and a sister, cousin, niece, etc. Wearing all those hats, I think that someone who can sensitively get into those accounts and figure out if it was or wasn't suicide could help the family in peace of mind, which is way beyond just helping pay for the funeral. But it needs to be someone who will not disclose the info in any hurtful way, someone who is very discreet and also insightful. Just as we love to have the physical hand written love letters and such of our ancestors, his relatives have the same need to have his electronic files, just as they would unquestionably have his files if they were in a file cabinet in an office. That's how I see it, anyway.
First, may I offer my sympathy regarding your friend and her brother. Suicide is a tragic, tragic thing. I know from personal experience that it leaves you with a lot of unanswered questions. I wish all the best to her family.
Regarding gaining access to their websites, etc, hHere is what I suggest:
1) Get access to their email account(s).
This should be fairly easy for "regular" email accounts - if they use Windows to collect mail, their passwords will probably be kept by their email software.
Universities are going to be easier to talk to and more prepared to co-operate than companies (like MySpace, MSN, etc). Try speaking to someone at the University face to face about gaining access to their email account there.
I'm not sure what I'd suggest about MSN/Hotmail email accounts though - they might be more problematic to gain access to.
2) Go to the sites you want access to, such as MySpace for example, and go through their "forgotten password" procedures to have the website's password emailled to the email accounts you have access to.
Once again, I wish you and their family all the best.
"Beware of he who would deny you access to information, for in his heart he dreams himself your master." -Pravin Lal
I am surprised to see so few people supporting the deceased person's privacy. For example, I certainly don't think anyone else should have access to very personal email exchanges. If I was having an affair, maybe I'd like to keep that a secret as well, even after I'm dead, out of respect for everyone else. Anything that I didn't publish or share I would consider mine, and I wouldn't want it to fall into anyone else's hands. I hope none of this will be my concern anytime soon, but just as a precaution I did add "please delete" to some personal folders, such as some of my nude pix from the time when I was more into online dating... ;)
"He was very into Linux as well as PHP/MySQL coding"
.. lets rewrite the headline to 'PHP/MySQL drove my younger brother to suicide' ..
..
Oh, well
Hey, kdawson, this place used to be about technology
davecb5620@gmail.com
boot with a install disc.
Slack is the best, just mount his drive and you got full access.
The service providers may allow you access to his other accounts if you get his parents to call their tech support with his obituary etc.. Proof..
good luck, I had a friend that died but nobody ever bothered checking his stuff out. Probably for the best as there were things nobody needed to find.
l8r
If it would help bring closure to your family, then please don't wait and start cracking right away. The downside is that you might find out about a person *none* of you knew. Tread carefully but diligently.
Coming to slashdot for ethical advice is like going to burger king for a healthy meal. It's likely you'll get the opposite to what you asked for.
Logi - I can do anything, but not everything.
IANAL but have dealt with a recent suicide.
Suicide has to be proven by some means otherwise it will be ruled an accidental death. If there was no note, message or legal conversation indicating suicide it will likely be ruled an accidental death. That's not to say it won't be a fight to get life insurance to help defer funeral costs; we are six months into it and still dealing with them.
Majority seem to think it's OK to crack his accounts etc. - I am not sure about it. I do understand that grieving parents need to know... but it's questionable - do they have right to know everything? People seem to think that anything that belonged to deceased is now some kind of property left for next of kin. But emails and stuff like that are not property that can be inherited... I think. It's not just about deceased person - it's also about people he communicated with. It's also about their privacy. If they had secrets they wanted to share with deceased - well it should go to the grave with him. These emails were meant for him - and only for him. No one else has any right to read them. I mean... I don't know about laws but morally... it seems to be wrong to read someone else's emails - no matter that he is no longer with us. You can inherit assets but I don't think it's about personal and private communication.
I'm way late in replying, but the suicide could have been, at one point in my life, me. I know for a fact that I'd want someone to care enough to dig through my stuff to find out why and what happened.
There's a GRUB/LILO trick to get root access. I don't remember the full details but it involves editing the bootup line and changing the init script to =/bin/bash and remounting the hard drive.
If this guy was anything like me, you'll probably find some kind of message fairly quickly. The point of making the note hard to get at would be to prove that someone gave enough of a damn to get at the file.
Legally, the people with the guns dictate what rights the rest of us have (and they take a few extra rights for themselves). But this wasn't a question of what is legal, but a question of what is ethical and respectful. Don't confuse those.
..." is a lot like "Protect the children!" (or "The American People want...", I guess). There are a couple of people I'd trust to speak for me after my death, in that I'd expect them to get a few things wrong but I wouldn't mind too much. Of course, those people are the least likely to claim to be able to speak for me...
No, I don't have much of an opinion on the OP's question. I'm not a very private person, but others are, and I would respect the wishes of the dead if I knew them.
However, I have a huge problem with people speaking for the dead, or others who can't speak for themselves. "He would have wanted
"The biggest problem with communication is the illusion that it has taken place."
A lawyer would write the letters necessary to have passwords reset on the public accounts for the family to access. You're not going to find evidence of accidental death in the computer (unless he programmed with some AI, which killed him). A lawyer would also be able to work with the Medical Examiner to see what could be done.
Doing anything else is just asking "i need someone who can hax0r gmail and my buddy's laptop". Go read skript-kiddie boards and stop wasting our time.
And seriously. If I see a response about "they can't afford a funeral, let alone a lawyer", then you guys are truly hopeless if you don't know to call your local bar association for help.
Failure is not an option.
I have been faced with this situation myself. My best friend committed suicide just two weeks before he was to emigrate from the UK to Canada. He never gave off any sense that this was something he would do or even consider, and so when it happened and I flew to the UK for his funeral, his family and friends asked me to see what I could find. I managed to access most things, and was unable to find a motive for his actions, though did find ample evidence indicating it had been well-planned and thought out for weeks, if not months. It did bring some closure though, even if the exact reason is still not known. I still have a 2 GB PGP-encrypted archive though that was created that evening... I am still wanting to some day be able to find out what might be in there. While my response is a bit long-winded, I guess my point is that it really depends on the situation. Different factors will influence whether it is the right or wrong decision. You'll have to decide that on your own though. Gut feeling is something I found important to listen to in my situation.
If this relates to a legal matter, the only way you should even touch this person's computer is if you can be certified as an expert witness. Otherwise all you are doing is evidence tampering. As usual, talk to a lawyer.
As far as accessing this person's user accounts, you're in a similar situation to the RIAA, except at least you have the real person's name, not just John Doe. If you make any attempt to access their accounts without express permission of the service providing the account, you are at a minimum in violation of their terms of service. You could also be up for charges of identity theft. Once again, talk to a lawyer.
If you do decide to go ahead with this, make sure you have a neutral witness with you that is capable of confirming the chain of custody of anything you find. Once again, talk to a lawyer.
We are the 198 proof..
Maybe his parents got conned into buying something like the "Gerber Life Grow-up plan"...
We are the 198 proof..
if you have access to the physical hardware, and know which password encryption method was used, and can write to the shadow file, you can generate a new password, and overwrite into the shadow, his root password, all with a recovery/repair cd/ disk image.
I've forgotten a root password once (but it was on a bsd machine) so i just copied over my user account password in the shadow file, then set a new root password. it was easier for me because i knew a password on the system, the point is it's easy to generate a password with the correct crypto, if you have access to the shadow file, which most system recovery discs will easily give you access to.
https://www.gnu.org/philosophy/free-sw.html
I believe this whole problem can be passed away.
If the guy didn't leave a note or anything that can be used to prove suicide, I believe it's the insurers' problem to prove it, not the family's problem to disprove it.
So, as to say, the insurance must be paid, unless the insurer can prove it was a suicide, not the other way around.
Anyway, someone specialized (police and/or a lawyer) should be consulted.
IANAL, so take this with a truckload of salt.
There is a time limit on free services such as gmail before they expire and are deleted through non use. Therefore you may want to check the date from which those accounts have not been accessed since they may have already not been accessed for a while before the event occurred.
If this is becomes a criminal matter, be sure to document every action you take, including deleting anything. not doing so will defiantly contaminate the evidence. I have worked in a computer forensics lab as an intern and if you honestly thing there is any chance of foul play, I would not touch any of it, at least until the investigators have said they won't do anything. Failing that hash, image, and rehash the hard drive. I suggest using SMART Linux of Helix, both of these have been certified to be used in forensic capacity by at least certain agencies. the most important thing is to not contaminate any of the evidence. Image the hard drive to an external device, then do all searching off of that device. Be sure to hash using MD5 or SHA, and be sure to do so before and after touching anything. DOCUMENT EVERYTHING YOU DO, PERIOD. Also take pictures of anything you do the the hardware. I can tell you right now, if it comes down to it, a defense lawyer will tear up any digital evidence presented that could possibly be contaminated. So document everything you do, and do the utmost to protect the integrity of the drive. Don't be an idiot and take any curtsies and delete any porn files, what will the deceased care, he is dead after all. this will just contaminate the evidence, investigators regularly come across this stuff, unless it depicts illegal acts, they don't care, but they will notice deletion of files which is suspicious and is contamination of the evidence. Sorry for anoymous post, first time posting here.
do you realize that you only need to mount the disk (read-only preferable) on another box to read the contents, no need for crack, you can crack all the accounts to search for possible passwords for other services, but the data is easily readable
I'm positive, don't belive me look at my karma