It's a big assumption to assume that your computer is turned off when seized. It's a bigger assumption that your password or encryption key hasn't been paged out to virtual memory and then never cleared, and that you haven't reused your password for a less-secure purpose.
That's true, but the big push now is for first-responder tools that can capture the running state of the machine before powering it down -- mostly so that encryption keys for mounted encrypted filesystems (e.g., BitLocker) can be acquired.
If it uses security vulnerabilities to perform its tasks (which is not necessarily true), it almost certainly uses well-known vulnerabilities that other people already use. What they don't have is a user-friendly tool on a USB disk that works without being a computer forensics expert. If a real hacker has physical access to your running machine, it's almost certain they will get access to what they're interested in.
There are a lot of big security holes in Windows. Two I can think of off the top of my head are circumventing Windows password login via FireWire while the machine is running and putting a malicious executable (say, one that makes a copy of the contents of your memory) on a U3 USB disk, if the target machine doesn't have Autorun disabled.
Because you want access to information provided by a running machine (that is, data in RAM, essentially -- although just capturing an image of RAM and then powering down the machine isn't as useful as using API functions to find active network connections, etc.).
The classic case where this is important for law enforcement is people using encryption. If your encrypted partition is mounted -- or hell, maybe if it's not -- the key is almost certainly readily-available in memory. You don't want to lose that.
Maybe some organization doesn't, but all of the regional police departments I'm familiar with all still need warrants. It's a real pain for forensic analysis when a warrant for a computer specifies that you can only "look at" specific things, since "look at" is not usually written in terms that map very well to hard-drive analysis.
Yes. Most criminal investigations have experts well-versed in many operating systems. More regional departments may not have Macintosh or Unix experts, though almost all computer forensic investigators have familiarity with Unix, and would send the computer to another office. There are a lot of experts working in law enforcement, so if their case is important enough, your hardware will be shipped to an office that has an expert.
They wouldn't boot your machine, though. They'd remove the drive, duplicate it, and then look at the duplicate through a hardware write blocker. Software would probably indicate that the majority of the disk was ext2/whatever Unix format you use partitions, and the layout of the root partition would make it fairly clear you were using a Unix variant. If they really wanted to "boot" your machine, they'd boot an image of your drive using a VM.
I don't know; a lot of government contracts work out very nicely. They list what features they need, and the developers do their own designing. I haven't really compared it thoroughly to the competing models of "designed by marketing" and "designed by volunteer committee".
No, people who reject anthropogenic climate change just think they're a lot smarter.
If you understood equilibrium systems, you wouldn't have asked how a tiny change in the amount of CO2 in the atmosphere can cause significant climate change.
Actually, not understanding this kind of system is often the same problem creationists have -- it's the "how could complex life evolve via a random process" question.
"The FBI seems to be doing a fine job in stopping the production of child pornography with the data retention policies that are in place."
They're good at catching the dumb ones, at least.
It's a real problem they're basing this on: in the course of an investigation, the information to be used at trial often includes logs of activity going back months or years that is either from the suspect's machine or from legally-acquired logs. Anything referred to by IP address must be mapped to real people, though, and ISP logs are necessary for this. So you can easily run into the question, "Who had this IP address at X time?", where X is a year in the past.
Reading the article, IP-customer associations are all they're actually asking for in this. The article author makes the claim that they "might want" a lot more, but as pointed out, there are no specifics.
A second, but substantially more difficult-to-require step is to maintain permanent records of who sends packets to whom and when.
Actually recording and storing the contents of any communications is both nearly impossible to require and of limited use. While seeing every packet that's come from your machine could certain tell someone all sorts of private information, parsing, summarizing, and storing that information in a reasonable amount of work and storage space is not likely. Further, it can be easily circumvented by using SSL (or any other encryption). It's better to have the ISPs log what they're easily able to log -- assigned IP addresses and maybe connection logs -- and then require the entities who know how to summarize usage data (e.g., make Myspace log Myspace communications) keep those records. No sense in having the ISP try to summarize Myspace communications of their customers.
That really depends on the auditing process for the hardware. Closed-source software has no benefit compared to hardware.
Software full-disk encryption is good, but true full-disk encryption that is secure is hard to come by. It also carries a performance penalty. In performance-critical applications, people are going to either choose hardware encryption or none. (Another axiom of security -- people will make the choices necessary to do their job efficiently. If security gets in the way, they will circumvent it.)
Software designed for this kind of operation certainly helps, though substantial information can still leak to disk. Core dumps, hibernation files, virtual memory pages help.
Presumably, though, people who are considering whole-disk encryption are ones interested in running software that hasn't been well-designed and still having that data encrypted.
Personally, I'd probably trust a virtual machine running off of an encrypted image more than hardware disk encryption, and it allows you to run applications that higher performance demands outside of your encryption sandbox.
What does that get you? Good device-level encryption already has the performance level of an unencrypted drive.
The danger to having encrypted data and unencrypted other partitions is that generally the "other partition" is your OS and such. (If your unencrypted partition is just storage for video editing, no problem.) You tend to leak information all over the place in this space.
I didn't say it was common, but there are plenty of people that isolate religion to the metaphysical and seem to be perfectly reasonable people. While I don't count myself among them, there are many wholly rational people who are also spiritual.
I had the opportunity to have a look at the "Expelled Leader's Guide".
The second page purports to talk about how new scientific ideas, "particular those that pertain to the origins of life" are suppressed. They try to support the viability of these alternate theories with the following data: 91% of Americans believe in God. 78% of Americans believed God created humans in their present form or guided an evolutionary process. Clearly, since they repeatedly attempt to use statistics about what people believe to lend weight to the value of a proposition, they're not at all interested in science. Anyone who tried such a thing among scientists should not be surprised to find their ideas suppressed -- science is about facts, not what people believe.
Page 3 discusses cosmology. It entirely misstates the anthropic principle. In claims the anthropic principle states that if various fundamental parameters (e.g., the value of G) were even slightly different, life as we know it would not exist. This, then, indicates that the universe is the work of the divine. This is nearly the opposite of the proper interpretation of the anthropic principle -- all fundamental values *must* be such that life as we know it exists; otherwise, we would be incapable of observing it as such. (That is, we know, a priori, that the universe is capable of supporting humans, and any observation we make is required to confirm that.)
Page 4 appears to point out the probability of a full working cell being created by random chance is unreasonably small. Certainly true, and certainly not relevant. This leads to...
Page 5 is our friend, irreducible complexity!
Page 7 mentions how racists use Darwinism to justify their views. I didn't read closely enough to see if they also bring up social Darwinism, which has almost nothing to do with evolution. I did notice they don't mention any unfortunate people who have used religion to justify actions most would disagree with.
Page 8 is devoted to Godwin.
Page 9 has a bit about how "evolution" is used to mean different things. I find it odd that, given that this very document has a page about cosmology, they don't cover that "evolution" is often used by creationists to encompass abiogenesis. If you really want a laugh, this page has "Is ID science?" The answer is clearly written by someone poorly-schooled in statistical mechanics.
They can say what they want, but it should not be taught under the auspices of science, particularly in public institutions, and we reserve the right to not listen and deride them for having no understanding of how reality works.
More specifically, when Newtonian gravity was developed and tested, it was correct -- given the precision of measurements and boundaries of testing they had access to.
Later study showed that Newtonian gravity is a rather accurate approximation to general relativity, in particular situations (those situations encompassing "nearly all readily-observable mechanics"). General relativity has been shown to be correct, given the precision of measurements and boundaries of testing we have access to.
Someone might certainly "prove general relativity wrong", but they're going to do it by finding a situation outside of our former ability to test general relativity where it fails, and we'll find that GR is a good approximation to this new rule, when you consider the situation we're testing it in.
There's actually a paper about how systems of this nature tend to be poorly-understood by humans. Coupling random variation with a weak driving force is a powerful way to get to an equilibrium, but this isn't really clear to people.
To be fair, a theory is only scientific in the context of science. That is, there's no place in a scientific discussion for "non-scientific theories", and one should never use the term in a scientific classroom (doubling up on definitions).
However, the word "theory" can be used in non-scientific contexts, where it has other meanings. So a theory isn't strictly scientific by definition.
This isn't a problem as long as you restrict God solely to the metaphysical, which is what most religious scientists do. (This is, I think, the effective stance of Catholicism.) If you don't use religion to make disprovable statements about reality, they're quite compatible.
Close. Police use Helix.
It's a big assumption to assume that your computer is turned off when seized. It's a bigger assumption that your password or encryption key hasn't been paged out to virtual memory and then never cleared, and that you haven't reused your password for a less-secure purpose.
That kind of legislation probably wouldn't go over well with the NSA, the FBI, or the DoD, all of whom use Unix extensively.
That's true, but the big push now is for first-responder tools that can capture the running state of the machine before powering it down -- mostly so that encryption keys for mounted encrypted filesystems (e.g., BitLocker) can be acquired.
If it uses security vulnerabilities to perform its tasks (which is not necessarily true), it almost certainly uses well-known vulnerabilities that other people already use. What they don't have is a user-friendly tool on a USB disk that works without being a computer forensics expert. If a real hacker has physical access to your running machine, it's almost certain they will get access to what they're interested in.
There are a lot of big security holes in Windows. Two I can think of off the top of my head are circumventing Windows password login via FireWire while the machine is running and putting a malicious executable (say, one that makes a copy of the contents of your memory) on a U3 USB disk, if the target machine doesn't have Autorun disabled.
Because you want access to information provided by a running machine (that is, data in RAM, essentially -- although just capturing an image of RAM and then powering down the machine isn't as useful as using API functions to find active network connections, etc.).
The classic case where this is important for law enforcement is people using encryption. If your encrypted partition is mounted -- or hell, maybe if it's not -- the key is almost certainly readily-available in memory. You don't want to lose that.
Maybe some organization doesn't, but all of the regional police departments I'm familiar with all still need warrants. It's a real pain for forensic analysis when a warrant for a computer specifies that you can only "look at" specific things, since "look at" is not usually written in terms that map very well to hard-drive analysis.
Yes. Most criminal investigations have experts well-versed in many operating systems. More regional departments may not have Macintosh or Unix experts, though almost all computer forensic investigators have familiarity with Unix, and would send the computer to another office. There are a lot of experts working in law enforcement, so if their case is important enough, your hardware will be shipped to an office that has an expert.
They wouldn't boot your machine, though. They'd remove the drive, duplicate it, and then look at the duplicate through a hardware write blocker. Software would probably indicate that the majority of the disk was ext2/whatever Unix format you use partitions, and the layout of the root partition would make it fairly clear you were using a Unix variant. If they really wanted to "boot" your machine, they'd boot an image of your drive using a VM.
I don't know; a lot of government contracts work out very nicely. They list what features they need, and the developers do their own designing. I haven't really compared it thoroughly to the competing models of "designed by marketing" and "designed by volunteer committee".
No, people who reject anthropogenic climate change just think they're a lot smarter.
If you understood equilibrium systems, you wouldn't have asked how a tiny change in the amount of CO2 in the atmosphere can cause significant climate change.
Actually, not understanding this kind of system is often the same problem creationists have -- it's the "how could complex life evolve via a random process" question.
Keeping meticulous records dates back to the Romans.
"The FBI seems to be doing a fine job in stopping the production of child pornography with the data retention policies that are in place."
They're good at catching the dumb ones, at least.
It's a real problem they're basing this on: in the course of an investigation, the information to be used at trial often includes logs of activity going back months or years that is either from the suspect's machine or from legally-acquired logs. Anything referred to by IP address must be mapped to real people, though, and ISP logs are necessary for this. So you can easily run into the question, "Who had this IP address at X time?", where X is a year in the past.
Reading the article, IP-customer associations are all they're actually asking for in this. The article author makes the claim that they "might want" a lot more, but as pointed out, there are no specifics.
A second, but substantially more difficult-to-require step is to maintain permanent records of who sends packets to whom and when.
Actually recording and storing the contents of any communications is both nearly impossible to require and of limited use. While seeing every packet that's come from your machine could certain tell someone all sorts of private information, parsing, summarizing, and storing that information in a reasonable amount of work and storage space is not likely. Further, it can be easily circumvented by using SSL (or any other encryption). It's better to have the ISPs log what they're easily able to log -- assigned IP addresses and maybe connection logs -- and then require the entities who know how to summarize usage data (e.g., make Myspace log Myspace communications) keep those records. No sense in having the ISP try to summarize Myspace communications of their customers.
The government has multiple entities, you know.
Ask the FBI what they think about the White House having "missing" e-mails.
That really depends on the auditing process for the hardware. Closed-source software has no benefit compared to hardware.
Software full-disk encryption is good, but true full-disk encryption that is secure is hard to come by. It also carries a performance penalty. In performance-critical applications, people are going to either choose hardware encryption or none. (Another axiom of security -- people will make the choices necessary to do their job efficiently. If security gets in the way, they will circumvent it.)
Software designed for this kind of operation certainly helps, though substantial information can still leak to disk. Core dumps, hibernation files, virtual memory pages help.
Presumably, though, people who are considering whole-disk encryption are ones interested in running software that hasn't been well-designed and still having that data encrypted.
Personally, I'd probably trust a virtual machine running off of an encrypted image more than hardware disk encryption, and it allows you to run applications that higher performance demands outside of your encryption sandbox.
What does that get you? Good device-level encryption already has the performance level of an unencrypted drive.
The danger to having encrypted data and unencrypted other partitions is that generally the "other partition" is your OS and such. (If your unencrypted partition is just storage for video editing, no problem.) You tend to leak information all over the place in this space.
I didn't say it was common, but there are plenty of people that isolate religion to the metaphysical and seem to be perfectly reasonable people. While I don't count myself among them, there are many wholly rational people who are also spiritual.
I had the opportunity to have a look at the "Expelled Leader's Guide".
The second page purports to talk about how new scientific ideas, "particular those that pertain to the origins of life" are suppressed. They try to support the viability of these alternate theories with the following data:
91% of Americans believe in God.
78% of Americans believed God created humans in their present form or guided an evolutionary process.
Clearly, since they repeatedly attempt to use statistics about what people believe to lend weight to the value of a proposition, they're not at all interested in science. Anyone who tried such a thing among scientists should not be surprised to find their ideas suppressed -- science is about facts, not what people believe.
Page 3 discusses cosmology. It entirely misstates the anthropic principle. In claims the anthropic principle states that if various fundamental parameters (e.g., the value of G) were even slightly different, life as we know it would not exist. This, then, indicates that the universe is the work of the divine. This is nearly the opposite of the proper interpretation of the anthropic principle -- all fundamental values *must* be such that life as we know it exists; otherwise, we would be incapable of observing it as such. (That is, we know, a priori, that the universe is capable of supporting humans, and any observation we make is required to confirm that.)
Page 4 appears to point out the probability of a full working cell being created by random chance is unreasonably small. Certainly true, and certainly not relevant. This leads to...
Page 5 is our friend, irreducible complexity!
Page 7 mentions how racists use Darwinism to justify their views. I didn't read closely enough to see if they also bring up social Darwinism, which has almost nothing to do with evolution. I did notice they don't mention any unfortunate people who have used religion to justify actions most would disagree with.
Page 8 is devoted to Godwin.
Page 9 has a bit about how "evolution" is used to mean different things. I find it odd that, given that this very document has a page about cosmology, they don't cover that "evolution" is often used by creationists to encompass abiogenesis. If you really want a laugh, this page has "Is ID science?" The answer is clearly written by someone poorly-schooled in statistical mechanics.
They can say what they want, but it should not be taught under the auspices of science, particularly in public institutions, and we reserve the right to not listen and deride them for having no understanding of how reality works.
More specifically, when Newtonian gravity was developed and tested, it was correct -- given the precision of measurements and boundaries of testing they had access to.
Later study showed that Newtonian gravity is a rather accurate approximation to general relativity, in particular situations (those situations encompassing "nearly all readily-observable mechanics"). General relativity has been shown to be correct, given the precision of measurements and boundaries of testing we have access to.
Someone might certainly "prove general relativity wrong", but they're going to do it by finding a situation outside of our former ability to test general relativity where it fails, and we'll find that GR is a good approximation to this new rule, when you consider the situation we're testing it in.
There's actually a paper about how systems of this nature tend to be poorly-understood by humans. Coupling random variation with a weak driving force is a powerful way to get to an equilibrium, but this isn't really clear to people.
Actually, the only reasonable way to describe them is that they both orbit around their common center of mass.
To be fair, a theory is only scientific in the context of science. That is, there's no place in a scientific discussion for "non-scientific theories", and one should never use the term in a scientific classroom (doubling up on definitions).
However, the word "theory" can be used in non-scientific contexts, where it has other meanings. So a theory isn't strictly scientific by definition.
This isn't a problem as long as you restrict God solely to the metaphysical, which is what most religious scientists do. (This is, I think, the effective stance of Catholicism.) If you don't use religion to make disprovable statements about reality, they're quite compatible.
Does peanut butter have something to do with evolution, or are you confusing evolution and abiogenesis?