Slashdot Mirror
Post-Suicide Account Cracking?
An anonymous reader writes "A good friend of mine had her younger brother apparently commit suicide last week. He was a young, promising CS major who was close to being accepted into a very prestigious school. He was very into Linux as well as PHP/MySQL coding. He left absolutely nothing behind for the family as far as a death note or explanation, and there is some possibility that this was all somehow a tragic accident. The family is in a situation where proof of accidental death would change how this was viewed in terms of paying for parts of the funeral. More importantly, some members of the family are hoping to find something, anything, that might explain why this all went down. Since I'm the most computer-skilled person the family knows, they have asked me if I could help them try to find some information. My possible approaches are: his Linux laptop, his university, Gmail And Hotmail email accounts, and a second MySpace profile that apparently has been tagged as private. How ethical would it be to, say, try to crack his root password in a situation like this? I wouldn't attempt to crack a man's account for his wife because she thinks he is cheating on her, as his life is his own business. In death, would you have the same respect for a person's private thoughts? Secondly, If I contacted places like Google, MSN, the university, and MySpace, what are the odds that they would give me access to any of his accounts? I have links to obituaries and such to prove that he is indeed gone. Would it be a matter of not giving it to me (maybe only to the family), or is this something that they would not do at all? Any opinions on if I should do this and if so, how I should go about it?"
If you have physical access to his laptop, you can just boot with any linux live cd and mount the partitions without any access control. This will not work if he is using encryption, but unfortunately, few people do.
c++;
How ethical would it be to, say, try to crack his root password in a situation like this?
Take 5 seconds to boot into single-user mode, or mount the disk elsewhere sans password.
Interested in open source engine management for your Subaru?
Google is your friend! Here are some links to the story:
Slashdot
Another Slashdot.
The Conclusion to the story.
There is no "I disagree" mod for a reason. Flamebait, Troll, and Overrated are not substitutes.
I disagree... A simple court order would open up any account they want. Why people go to these companies and ask "permission" is beyond me... That is why our legal system is there, and it is quite good at getting what it wants...
In the military, there's the tradition of cleaning up a dead guy's locker before sending it home to his next of kin. Remove all skin mags, letters from local girlfriends if he has a wife back home, that sort of thing. Get rid of anything that might make them think less of the dead, they're already broken up about it as is. I'm sure the last thing this kid's family would want to find out about is his furry porn collection.
Kwisatz Haderach
Sell the spice to CHOAM
This Mahdi took Shaddam's Throne
Would snooping around on your laptop or rifling through your e-mail accounts allow someone to "understand" you? Are you confident that it would portray the facet of your personality that you wanted others to see?
Obviously, this is a sad situation. I lost a sibling to suicide and the bottom line is that I don't think that any satisfactory answers can be had in a situation like this.
Whether or not the privacy of the deceased should be respected might be an ethical dilemma. But I think that if we are realistic about our own selves and what we choose to share with friends, family or no-one at all, we have to admit that breaking into this mans files would almost certainly be a violation of his wishes, and likely raise more questions than it answers.
Absent some purely administrative function like settling his accounts, I would not go this route.
Gmail has a process for this, as do all other freemail services. Gmail's is Here Googling for the others policies will yield results for the others as well.
Keep on knockin'
https://robbiecrash.me
1. Your full name and contact information, including a verifiable email address.
2. The Gmail address of the individual who passed away.
3a. The full header from an email message that you have received at your verifiable email address, from the Gmail account in question. (To obtain the header from a message in Gmail, open the message, click 'More options,' then click 'Show original.' Copy everything from 'Delivered- To:' through the 'References:' line. To obtain headers from other webmail or email providers, please refer to http://www.spamcop.com/help_with_headers/)
3b. The entire contents of the message.
4. A copy of the death certificate of the deceased.
5. A copy of the document that gives you Power of Attorney over the Gmail account.
6. If you are the parent of the individual, please send us a copy of the Birth Certificate if the Gmail account owner was under the age of 18. In this case, Power of Attorney is not required.
From the question it seems like it's related to a life insurance policy that doesn't pay on suicide, which is the norm
IANAL, but in many states life insurance still pays off on suicide as long as the policy has been in effect for a specific length of time (2 years in my state) and the death didn't involve a crime (OD on cocaine being a classic example).
"An unarmed man can only flee from evil, and evil is not overcome by fleeing from it." Col. Jeff Cooper
A friend of mine died last year and, as long as you can provide the proper paperwork, his family got access to his hotmail account. i guess as long as they can tie the death certificate to the person in the e-mails then its not a problem.
I have excellent Karma and I am not afraid to Troll it.
You'll just invite delay and trouble by contacting service providers. Instead, change his laptop's root password (it's easy: at grub edit the default stanza and set init=/bin/bash and then boot; once in, use "passwd" to change the root passwd; next use "passwd username" to change his user's password; using the rescue environment is slightly more complicated). This assumes he is not using an encrypted FS, which is likely.
Once you can boot into his user account, run the mail client(s) he has setup. They likely have the passwords stored. Voila, no need to contact the service providers.
Ethical? Well, you'll want to check with his heirs, first, but assuming there is no resistance on that front, go for it. It's called archeology when we do it to the Pharaohs.
-- @rjamestaylor on Ello
As the parent said, booting the system from a live CD will let you in. If this person used Firefox's password manager (and assuming he didn't set a master password), you can reset his account's password from the live CD, then log into the laptop as him, and use Firefox to connect to hotmail, gmail, etc... You could even use Firefox's "Show Passwords" to recover the passwords, if needed.
The subpoenas should not be necessary. If you are the next of kin and heir to the deceased estate, the accounts are now yours, the computer is yours and all information there in is yours. So simply gain permission from the current owners and gain access. However if you are doing it for legal reasons be careful that your actions do not contaminate the evidence. It is most likely best for the family to seek the assistance of the police in further investigating the incident and ensuring any evidence uncovered remains valid.
Chaos - everything, everywhere, everywhen
http://mail.google.com/support/bin/answer.py?answer=14300
Not it isn't. Plenty of life insurance policies cover suicide, but usually not in the first 1-few years the policy is in effect.
My question is, why would a young unmarried person have a life insurance policy at all?