For whatever reason, there are times when people pay cash and have no desire to reveal who they are to the folks with whom they are doing business. (I used to relish, back in the day, going to Radio Shack and refusing to give them my zip or other information as long as I was paying cash. They thought I was weird. I thought being forced to identify myself to buy batteries was just too stupid to put up with.)
So is there any way to anonymously pay for things online? I can think of only one: buy a pre-paid credit card for cash and use it online. Non-reloadable gift cards can be purchased for cash and activated for use online under any name you can think up; there's no verification.
However, that method is inconvenient. Do the slashdot hordes know of a better, easier way that remains anonymous?
For Batman to remain Batman, he can't become the Executioner
I suppose no one alive is old enough to remember first-hand, but I hold out some hope that, someday, someone will do a Batman movie that embraces the original notion of vigilante instead of the more modern notion of super-detective. Back when he was new and carried sidearms, he never hesitated to use them. He and Robin tossed many a crook off tall buildings. Why couldn't that character be brought back? Because Frank Miller didn't do it first?
I don't buy it. A modern-day vigilante should kill people. That just seems so obvious to me.
According to what I've read and seen, the bike was a total bitch. Yes, the design actually worked. Sort of. And they had to have that design so that it could look like it ejected from the Batmobile/Tumbler.
Apparently, though, the design was so unstable that none of the stunt riders could stay upright on the thing for more than a few seconds at a time. The takes you see in the final film are some of the longer successes at riding the bike and they had to be done slowly or not at all.
Anybody got any good links that discuss this? I'm actually pretty fascinated by that bike.
If they keep the franchise going, Bond-style, maybe they can bring Bale back in a generation or so to do TDK Returns. That would be cool.
For years, I tried to explain to people that the novels, Return, that made these new movies possible was what should be put on film. Jack Palance should not have been a villian; he should have played Batman. Of course, doing so in a successful movie would require that the public know the background of the character, something Miller's book could assume but that would be quite erroneous in the real world.
After seeing TDK at a 6:15AM IMAX screening yesterday, I'm again pondering the same sort of thing. This time, though, with the background of BB and TDK in the public consciousness, I can fantasize that it might be do-able.
TDK jumped ahead a year. For the next movie, jump ahead a quarter-century. Bring the Batguy out of the shadows one last time and get him killed while, amidst the absolutely destroyed background of a failed Gotham, we find our hearts touched by the notion of children rising up, growing up to build a better world from the debris their foolish, selfish elders left to them. I would pay money to see that. I'd buy the boxed trilogy. And if they were done right, I'd say that the Batman movies were then, at least until sometime after I've shuffled off this mortal coil, done.
So where are we going to find a Jack Palance these days?
IF the people doing this are right and there's lots of CP on usenet, IF the people doing this are right and there's lots of web sites with CP, IF the CMEC does a good job of finding all the sites and groups, IF all the major ISPs actually wind up blocking the resources used to obtain CP,
THEN...
Will we finally get enough Freenet nodes online for the network to become usably fast?
Does watching regular porn stop you from having sex in real life? Just about every guy I know watches porn, and they still fuck women.
I do both, just like most guys. BUT - I know I'd grudgingly just watch porn and never again touch a woman if fucking women was illegal and could get me thrown in the pen for the rest of my life.
Isn't that actually the choice that pedophiles face?
Actually, come to think of it, if that was my choice I'd probably just kill myself. Life wouldn't be worth living.
I guess it's no wonder that most pedophiles are supposed to suffer from depression.
I'd pay money for a copy of the Phil Donahue Show episode where one of their reps said that 50,000 children a year go missing in the U.S. That's an exaggeration of, quite literally, three orders of magnitude.
However, various courts (look up "Dost factors" and related case law) have decided to include "lascivious exhibition" of the genitals or genital area as a "sexually explicit conduct." Further, courts have decided that any exhibition can be lascivious, even if the child is fully clothed. Still further, courts have decided that any photograph of any activity can be considered a lascivious exhibition and therefore sexually explicit conduct if it arouses the viewer inappropriately. Given evidence of the state of mind of the possessor, any picture can put you in jail. If, for example, you have previously been convicted of child molestation (thus proving your state of mind and your reaction to children), then simply possessing the newspaper department store ad showing tweens in bikinis would be enough to garner you a conviction for possession of child porn.
So, the GP is wrong. It's not just that naked pictures create an assumption of guilt; there's more to it than that. What I find scary is that, under the right circumstances, literally any picture of a child can be found by our (U.S.) courts to be child pornography.
Hell, there have been CP prosecutions for making videos with adults who look young and for cartoons. I don't know why I'm surprised at this crap any more.
Ending the distribution of pictures does nothing to stop the real life abuse.
The problem with that statement is that it is rational. The currently fashionable thinking on the subject, irrational though it may be, is that anyone who views the pictures, anywhere in the world, at any time, with or without the knowledge of the child, is actually committing abuse on that child again every time they view the pictures.
That means that if pictures of a child being molested get into general circulation in that community, then that kid is being raped thousands of times a day, constantly, all day long. *Any* price is reasonable to pay to reduce the number of times the child is raped daily.
It's only when you wrap your head around that notion that you can understand the strident anti-child-porn folks who seem so completely fixated on hunting down pedos and don't seem to give a damn about the kids except to pay lip service to their plight and to pat themselves on the back every time they "catch a predator."
The pass rate is not terribly important. There will always be enough women testing clean to fulfill the demand. Those places in the U.S. where prostitution is legal have managed to set up reasonable and workable testing protocols and the brothels do not go without personnel.
I not only knew what you were tallking about but passed over it and started reading the next comment without a stutter. A few seconds passed. Then I cringed and wondered "What have I become?"
Thanks a lot for shaking me to the core. Nice way to start the day.:-(
All those university students who have done photo projects with them and all those (admittedly often faux-) serious artists who use them might take issue with you. But, if you insist, take a step up in price to this camera and experience a consumer/student grade medium format camera that's really quite rewarding and definitely not a toy.
Or do you insist that "consumer-grade" must necessarily employ useless bells and whistles and silly flashing lights? If so...never mind.
Following your logic, we should all be hunting and gathering instead of shopping for food because now we can't feed ourselves, either.
I wouldn't go that far but I do believe that certain experiences make us better people. There are some basics to life that shouldn't be skipped. If you eat, it's important to understand that something had to die so that you could live. If you're a vegetarian, growing some of your own food can give you an appreciation of the cycle of things, how dung and dirt and seeds can become the sustenance for your body. If you eat meat, actually taking a life is an educational moment like almost no other, a time when you discover, for real, not via a computer simulation but with blood on your hands, that other beings must die so that we can live.
There's individual, spiritual power and wisdom in knowing those things, really *knowing* them by experience rather than making do with the pale reflection of reality provided by a book or a digital simulation.
This is a big subject, though, and I can't do it justice in a short comment. I strongly recommend "Meditations on Hunting" by José Ortega y Gasset.
I think you're straining too far to define the "security or loss prevention industry" as applying to routine computer work. The modifications to the statute are clearly intended to add a requirement for licensing for people who do computer forensics work. That is an addition of one particular type of work to the umbrella of "security or loss prevention industry." To then jump to a different section and apply a non-traditional (in this context, and in the context of previous application of the instant statute) meaning to an isolated use of the word "security" is, imo, clearly not the purpose of the changes, not supported by a "plain english" reading, and not supported by the legislative history.
Nevertheless, you have a point. A pedantic asshole of a prosecutor could deliberately take this now-awkward phrasing and turn it into a club to use against the Geek Squad drone who killed his laptop. Absent some such odd motivation, however, I can't see such a thing happening. Even if it did happen, I doubt the prosecution could prevail. Still, I guess it's nice that someone has already filed suit to settle these questions; odd things happen in courts.
Good point. Our contract cleaning crews are required to go through higher-security areas during the day, when the employees are around and can watch them. They are allowed to clean the normal office spaces after hours, but there is virtually never any information left out in breach of the clean desk policy. All paper with sensitive information is locked up. If you don't, one of the after-hours security audits will catch you, a big orange ticket on your desk greets you the next morning, and you have to go begging to your manager to get your files back. We have plenty of *really* messy desks here, but nobody leaves data lying about.
That doesn't mean the cleaning crew can't get to it. They just have to be willing to break into (stronger than average) cabinets, know which drawers to break, know which folders to take, etc. That's a lot of risk for little potential reward and I don't know of anyone who has gone down that path. Cleaning crew misdeeds, in my experience, have been limited to pilfering small items.
But I take your point that there are always "out of the blue" attack vectors.
The only potentially serious data loss we've had in my office involved on of these, even though we didn't actually lose any data. In the middle of the night, someone stopped on the main road next to the office, blocking a lane of traffic. They then walked to the nearest first floor glass wall, smashed it, and grabbed 5 or 6 desktop computers that they carried across the lawn, put in their vehicle, and drove away. From start to finish, it took perhaps 90 seconds. As it turns out, the particular office they broke into housed a public education office so they got nice computers but no data. Since then, we've instituted roving security guard patrols 24/7/365.
Like I've said in other posts, we're not perfect. Just pretty darn good, IMO.
Thanks, but I wasn't really trying to convince anyone. I was just pointing out that reasonable steps could be taken to guard against obvious attacks.
An apology - I'm sorry that I can't explain exactly how security is set up to isolate a single machine that gets rooted. Going into that much depth in a public forum is, itself, a violation of our security. Suffice it to say that this isn't the sort of scenario that causes me to lose sleep.
Confession 1 - The "caught in 5 minutes" thing was a fluke. Security admitted as much. Most machines get scanned only every few days. This guy just happened to plug in his USB stick right before his scan started.
Confession 2 - Pen testing has been done against us and we've failed. Not in any big ways, but we've had people hand over their passwords. We've had a couple of cases where physical access was gained. When this testing was done, though, the investigators had access to sufficient knowledge of our SOPs and culture that they were able to pull off things that no one who isn't already an employee could accomplish. The only really disturbing tests that I've heard of have been a few cases where an investigator entered an office (they had their badge to get in the building and an access card to get through doors), got to the cube farm, took off his badge, and proceeded to walk around for a half-hour without being challenged. That's an embarrassing failure but it's happened at least a couple of times.
The theme here is that getting in isn't a piece of cake. Once in, the chance of discovery is high. If you're not discovered, you probably can't steal the data. If you're an employee who can steal the data, our monitoring will probably catch you and you won't like the result.
I observed some of the online discussion in the LE and forensics community of this when it was just a bill. I got the impression that it can help in some ways. Imagine this scenario: Divorce gets nasty, so wife nabs hubby's computer and takes it to someone for analysis. Then they go to court. Hubby says "That's not my porn/affair/evidence of financial misdeeds/whatever. The person who extracted the info is not trustworthy and it's all planted evidence." Wife says "Yes, they are trustworthy and here's why." Now the judge is stuck not just deciding if the evidence bears on the case but if the evidence is even real.
LEOs probably don't care much about that scenario. The problem, however, is when that scenario turns up evidence of something seriously illegal. Who's to say the child porn found on the machine was put there by who? The chain of evidence is seriously screwed up. If the techs doing the investigating were licensed, we could expect they would have a reasonable appreciation of the need to stop, preserve, and call law enforcement, thus not endangering prosecution.
I wouldn't put a lot of stock in that scenario if I hadn't encountered it myself. Many years ago I had a friend ask me to investigate what was on a computer belonging to her son. I found that he and his teenage friends were making and trading porn of themselves - alone, in couples, and in groups. These were just high school kids acting stupid; the revelation of this information would have unnecessarily ruined lives. I told the mom that the machine was so virus-infested it needed to be wiped. I saved his homework folder, did a DOD-spec wipe of the drive, reinstalled Windows, and told her I couldn't do her any more favors regarding her son's computer. This was years ago; everyone involved then is now an adult. No evidence has existed for years. (And if any LE reading this is interested at this late date, be advised that this was just a fictional story concocted to illustrate a point.)
Now, the LEO perspective on that incident would be different. If I had been a licensed PI, I would have been trained to preserve the evidence or at least stop and not screw it up. I would have been obligated to report it to LE. From the state's perspective, that would have been the right thing to do. This new law will force that to happen in some cases. Frankly, I'm not sure that's a good thing.
Run of the mill repair shops can probably avoid hassles by just having their customers sign an agreement that no work being done is investigatory in nature or will be used in any official venue, that any information provided is intended for maintenance purposes only. Then if the person with the computer wants to use the information in court, they are the ones who are responsible for it not being admissible because they knew they were getting it from a source that couldn't bring it to court.
Computer investigators with contracts to divorce lawyers can expect a windfall. "No, ma'am, you can't take the computer to your friend to see if there's any evidence on it. You'll have to use my licensed investigator; state law says you have to if we're going to be able to take the findings to court. Of course, he's pretty expensive but we'll just squeeze your soon-to-be-ex for a few more thousands to pay for it."
Please follow the links and see that the summary is wrong. The new law requires a PI license if you act as a private security consultant company (which can be an individual).
The relevant qualification for the Slashdot crowd are that you must
engage... in the business of securing, or accepts employment to secure, evidence for use before a court, board, officer, or investigating committee;
and do so by
furnishing information... obtained or furnished through the review and analysis of, and the investigation into the content of, computer-based data not available to the public.
IOW, you can't take into divorce court the notion that your spouse was having a cyber-affair based on having your computer looked at by the kid down the block. This doesn't appear to have much effect on most repair shops.
The text is here. Read it. The word "computer" appears in the text just once, so grep for the relevant part.
I take your post as humor and appreciate it. One serious note, though - our security has many layers and it is a violation of that security to make publicly available any information in sufficient depth and detail and sufficiently accurate as to enable someone to defeat that security.
I painted in rather broad strokes and some of the colors are a little off. Please don't consider it a blueprint. You'd be quite disappointed.
I say bureaucratic. They aren't the same thing. From the outside, they look the same until you understand the need for both control mechanisms and continuity of service in the public sector. Those things completely trump efficiency so, to someone who doesn't understand why things are the way they are, government generally seems so inefficient as to be incompetent. It just goes with the territory.
As for your assertion that there must be a way to penetrate our security, I'm sure you're right. No system is perfect.
Slashdot Mirror
For whatever reason, there are times when people pay cash and have no desire to reveal who they are to the folks with whom they are doing business. (I used to relish, back in the day, going to Radio Shack and refusing to give them my zip or other information as long as I was paying cash. They thought I was weird. I thought being forced to identify myself to buy batteries was just too stupid to put up with.)
So is there any way to anonymously pay for things online? I can think of only one: buy a pre-paid credit card for cash and use it online. Non-reloadable gift cards can be purchased for cash and activated for use online under any name you can think up; there's no verification.
However, that method is inconvenient. Do the slashdot hordes know of a better, easier way that remains anonymous?
I suppose no one alive is old enough to remember first-hand, but I hold out some hope that, someday, someone will do a Batman movie that embraces the original notion of vigilante instead of the more modern notion of super-detective. Back when he was new and carried sidearms, he never hesitated to use them. He and Robin tossed many a crook off tall buildings. Why couldn't that character be brought back? Because Frank Miller didn't do it first?
I don't buy it. A modern-day vigilante should kill people. That just seems so obvious to me.
According to what I've read and seen, the bike was a total bitch. Yes, the design actually worked. Sort of. And they had to have that design so that it could look like it ejected from the Batmobile/Tumbler.
Apparently, though, the design was so unstable that none of the stunt riders could stay upright on the thing for more than a few seconds at a time. The takes you see in the final film are some of the longer successes at riding the bike and they had to be done slowly or not at all.
Anybody got any good links that discuss this? I'm actually pretty fascinated by that bike.
For years, I tried to explain to people that the novels, Return, that made these new movies possible was what should be put on film. Jack Palance should not have been a villian; he should have played Batman. Of course, doing so in a successful movie would require that the public know the background of the character, something Miller's book could assume but that would be quite erroneous in the real world.
After seeing TDK at a 6:15AM IMAX screening yesterday, I'm again pondering the same sort of thing. This time, though, with the background of BB and TDK in the public consciousness, I can fantasize that it might be do-able.
TDK jumped ahead a year. For the next movie, jump ahead a quarter-century. Bring the Batguy out of the shadows one last time and get him killed while, amidst the absolutely destroyed background of a failed Gotham, we find our hearts touched by the notion of children rising up, growing up to build a better world from the debris their foolish, selfish elders left to them. I would pay money to see that. I'd buy the boxed trilogy. And if they were done right, I'd say that the Batman movies were then, at least until sometime after I've shuffled off this mortal coil, done.
So where are we going to find a Jack Palance these days?
IF the people doing this are right and there's lots of CP on usenet,
IF the people doing this are right and there's lots of web sites with CP,
IF the CMEC does a good job of finding all the sites and groups,
IF all the major ISPs actually wind up blocking the resources used to obtain CP,
THEN...
Will we finally get enough Freenet nodes online for the network to become usably fast?
Naw. I didn't think so either.
I do both, just like most guys. BUT - I know I'd grudgingly just watch porn and never again touch a woman if fucking women was illegal and could get me thrown in the pen for the rest of my life.
Isn't that actually the choice that pedophiles face?
Actually, come to think of it, if that was my choice I'd probably just kill myself. Life wouldn't be worth living.
I guess it's no wonder that most pedophiles are supposed to suffer from depression.
I'd pay money for a copy of the Phil Donahue Show episode where one of their reps said that 50,000 children a year go missing in the U.S. That's an exaggeration of, quite literally, three orders of magnitude.
Your observation is reasonable.
However, various courts (look up "Dost factors" and related case law) have decided to include "lascivious exhibition" of the genitals or genital area as a "sexually explicit conduct." Further, courts have decided that any exhibition can be lascivious, even if the child is fully clothed. Still further, courts have decided that any photograph of any activity can be considered a lascivious exhibition and therefore sexually explicit conduct if it arouses the viewer inappropriately. Given evidence of the state of mind of the possessor, any picture can put you in jail. If, for example, you have previously been convicted of child molestation (thus proving your state of mind and your reaction to children), then simply possessing the newspaper department store ad showing tweens in bikinis would be enough to garner you a conviction for possession of child porn.
So, the GP is wrong. It's not just that naked pictures create an assumption of guilt; there's more to it than that. What I find scary is that, under the right circumstances, literally any picture of a child can be found by our (U.S.) courts to be child pornography.
Hell, there have been CP prosecutions for making videos with adults who look young and for cartoons. I don't know why I'm surprised at this crap any more.
The problem with that statement is that it is rational. The currently fashionable thinking on the subject, irrational though it may be, is that anyone who views the pictures, anywhere in the world, at any time, with or without the knowledge of the child, is actually committing abuse on that child again every time they view the pictures.
That means that if pictures of a child being molested get into general circulation in that community, then that kid is being raped thousands of times a day, constantly, all day long. *Any* price is reasonable to pay to reduce the number of times the child is raped daily.
It's only when you wrap your head around that notion that you can understand the strident anti-child-porn folks who seem so completely fixated on hunting down pedos and don't seem to give a damn about the kids except to pay lip service to their plight and to pat themselves on the back every time they "catch a predator."
The pass rate is not terribly important. There will always be enough women testing clean to fulfill the demand. Those places in the U.S. where prostitution is legal have managed to set up reasonable and workable testing protocols and the brothels do not go without personnel.
The similarity, conceptually, between NADA and Freenet is quite interesting.
Insightful(if blindingly obvious) stuff in the message just above.
I not only knew what you were tallking about but passed over it and started reading the next comment without a stutter. A few seconds passed. Then I cringed and wondered "What have I become?"
Thanks a lot for shaking me to the core. Nice way to start the day. :-(
All those university students who have done photo projects with them and all those (admittedly often faux-) serious artists who use them might take issue with you. But, if you insist, take a step up in price to this camera and experience a consumer/student grade medium format camera that's really quite rewarding and definitely not a toy.
Or do you insist that "consumer-grade" must necessarily employ useless bells and whistles and silly flashing lights? If so...never mind.
Uh, ... today?
I wouldn't go that far but I do believe that certain experiences make us better people. There are some basics to life that shouldn't be skipped. If you eat, it's important to understand that something had to die so that you could live. If you're a vegetarian, growing some of your own food can give you an appreciation of the cycle of things, how dung and dirt and seeds can become the sustenance for your body. If you eat meat, actually taking a life is an educational moment like almost no other, a time when you discover, for real, not via a computer simulation but with blood on your hands, that other beings must die so that we can live.
There's individual, spiritual power and wisdom in knowing those things, really *knowing* them by experience rather than making do with the pale reflection of reality provided by a book or a digital simulation.
This is a big subject, though, and I can't do it justice in a short comment. I strongly recommend "Meditations on Hunting" by José Ortega y Gasset.
It's just a link to a joke site. Why someone modded it insightful, I can't figure.
I think you're straining too far to define the "security or loss prevention industry" as applying to routine computer work. The modifications to the statute are clearly intended to add a requirement for licensing for people who do computer forensics work. That is an addition of one particular type of work to the umbrella of "security or loss prevention industry." To then jump to a different section and apply a non-traditional (in this context, and in the context of previous application of the instant statute) meaning to an isolated use of the word "security" is, imo, clearly not the purpose of the changes, not supported by a "plain english" reading, and not supported by the legislative history.
Nevertheless, you have a point. A pedantic asshole of a prosecutor could deliberately take this now-awkward phrasing and turn it into a club to use against the Geek Squad drone who killed his laptop. Absent some such odd motivation, however, I can't see such a thing happening. Even if it did happen, I doubt the prosecution could prevail. Still, I guess it's nice that someone has already filed suit to settle these questions; odd things happen in courts.
Good point. Our contract cleaning crews are required to go through higher-security areas during the day, when the employees are around and can watch them. They are allowed to clean the normal office spaces after hours, but there is virtually never any information left out in breach of the clean desk policy. All paper with sensitive information is locked up. If you don't, one of the after-hours security audits will catch you, a big orange ticket on your desk greets you the next morning, and you have to go begging to your manager to get your files back. We have plenty of *really* messy desks here, but nobody leaves data lying about.
That doesn't mean the cleaning crew can't get to it. They just have to be willing to break into (stronger than average) cabinets, know which drawers to break, know which folders to take, etc. That's a lot of risk for little potential reward and I don't know of anyone who has gone down that path. Cleaning crew misdeeds, in my experience, have been limited to pilfering small items.
But I take your point that there are always "out of the blue" attack vectors.
The only potentially serious data loss we've had in my office involved on of these, even though we didn't actually lose any data. In the middle of the night, someone stopped on the main road next to the office, blocking a lane of traffic. They then walked to the nearest first floor glass wall, smashed it, and grabbed 5 or 6 desktop computers that they carried across the lawn, put in their vehicle, and drove away. From start to finish, it took perhaps 90 seconds. As it turns out, the particular office they broke into housed a public education office so they got nice computers but no data. Since then, we've instituted roving security guard patrols 24/7/365.
Like I've said in other posts, we're not perfect. Just pretty darn good, IMO.
Not at all. See my previous post on that subject.
Thanks, but I wasn't really trying to convince anyone. I was just pointing out that reasonable steps could be taken to guard against obvious attacks.
An apology - I'm sorry that I can't explain exactly how security is set up to isolate a single machine that gets rooted. Going into that much depth in a public forum is, itself, a violation of our security. Suffice it to say that this isn't the sort of scenario that causes me to lose sleep.
Confession 1 - The "caught in 5 minutes" thing was a fluke. Security admitted as much. Most machines get scanned only every few days. This guy just happened to plug in his USB stick right before his scan started.
Confession 2 - Pen testing has been done against us and we've failed. Not in any big ways, but we've had people hand over their passwords. We've had a couple of cases where physical access was gained. When this testing was done, though, the investigators had access to sufficient knowledge of our SOPs and culture that they were able to pull off things that no one who isn't already an employee could accomplish. The only really disturbing tests that I've heard of have been a few cases where an investigator entered an office (they had their badge to get in the building and an access card to get through doors), got to the cube farm, took off his badge, and proceeded to walk around for a half-hour without being challenged. That's an embarrassing failure but it's happened at least a couple of times.
The theme here is that getting in isn't a piece of cake. Once in, the chance of discovery is high. If you're not discovered, you probably can't steal the data. If you're an employee who can steal the data, our monitoring will probably catch you and you won't like the result.
Many layers. One of them should do the trick.
I observed some of the online discussion in the LE and forensics community of this when it was just a bill. I got the impression that it can help in some ways. Imagine this scenario: Divorce gets nasty, so wife nabs hubby's computer and takes it to someone for analysis. Then they go to court. Hubby says "That's not my porn/affair/evidence of financial misdeeds/whatever. The person who extracted the info is not trustworthy and it's all planted evidence." Wife says "Yes, they are trustworthy and here's why." Now the judge is stuck not just deciding if the evidence bears on the case but if the evidence is even real.
LEOs probably don't care much about that scenario. The problem, however, is when that scenario turns up evidence of something seriously illegal. Who's to say the child porn found on the machine was put there by who? The chain of evidence is seriously screwed up. If the techs doing the investigating were licensed, we could expect they would have a reasonable appreciation of the need to stop, preserve, and call law enforcement, thus not endangering prosecution.
I wouldn't put a lot of stock in that scenario if I hadn't encountered it myself. Many years ago I had a friend ask me to investigate what was on a computer belonging to her son. I found that he and his teenage friends were making and trading porn of themselves - alone, in couples, and in groups. These were just high school kids acting stupid; the revelation of this information would have unnecessarily ruined lives. I told the mom that the machine was so virus-infested it needed to be wiped. I saved his homework folder, did a DOD-spec wipe of the drive, reinstalled Windows, and told her I couldn't do her any more favors regarding her son's computer. This was years ago; everyone involved then is now an adult. No evidence has existed for years. (And if any LE reading this is interested at this late date, be advised that this was just a fictional story concocted to illustrate a point.)
Now, the LEO perspective on that incident would be different. If I had been a licensed PI, I would have been trained to preserve the evidence or at least stop and not screw it up. I would have been obligated to report it to LE. From the state's perspective, that would have been the right thing to do. This new law will force that to happen in some cases. Frankly, I'm not sure that's a good thing.
Run of the mill repair shops can probably avoid hassles by just having their customers sign an agreement that no work being done is investigatory in nature or will be used in any official venue, that any information provided is intended for maintenance purposes only. Then if the person with the computer wants to use the information in court, they are the ones who are responsible for it not being admissible because they knew they were getting it from a source that couldn't bring it to court.
Computer investigators with contracts to divorce lawyers can expect a windfall. "No, ma'am, you can't take the computer to your friend to see if there's any evidence on it. You'll have to use my licensed investigator; state law says you have to if we're going to be able to take the findings to court. Of course, he's pretty expensive but we'll just squeeze your soon-to-be-ex for a few more thousands to pay for it."
Please follow the links and see that the summary is wrong. The new law requires a PI license if you act as a private security consultant company (which can be an individual).
The relevant qualification for the Slashdot crowd are that you must
and do so by
IOW, you can't take into divorce court the notion that your spouse was having a cyber-affair based on having your computer looked at by the kid down the block. This doesn't appear to have much effect on most repair shops.
The text is here. Read it. The word "computer" appears in the text just once, so grep for the relevant part.
I take your post as humor and appreciate it. One serious note, though - our security has many layers and it is a violation of that security to make publicly available any information in sufficient depth and detail and sufficiently accurate as to enable someone to defeat that security.
I painted in rather broad strokes and some of the colors are a little off. Please don't consider it a blueprint. You'd be quite disappointed.
I say bureaucratic. They aren't the same thing. From the outside, they look the same until you understand the need for both control mechanisms and continuity of service in the public sector. Those things completely trump efficiency so, to someone who doesn't understand why things are the way they are, government generally seems so inefficient as to be incompetent. It just goes with the territory.
As for your assertion that there must be a way to penetrate our security, I'm sure you're right. No system is perfect.