Notifications
Clear all

Slash dot thread

7 Posts
6 Users
0 Likes
656 Views
 Andy
(@andy)
Posts: 357
Reputable Member
Topic starter
 

Here is an interesting thread I've picked bouncing around some of the other boards. The members of /. have some strong (laughable) views about FC and LE….

http//yro.slashdot.org/article.pl?sid=05/09/01/1958220&threshold=-1&am%20p;tid=95%20&tid=17

Andy

 
Posted : 04/09/2005 3:58 pm
psu89
(@psu89)
Posts: 118
Estimable Member
 

I may be misunderstanding your post, but is it not true that

"browsers such as Firefox and Opera impede law enforcement and investigation efforts because they "use different structures, files and naming conventions for the data that investigators are after", which can "cause trouble for examiners"
?

Brian

 
Posted : 09/09/2005 6:00 am
hogfly
(@hogfly)
Posts: 287
Reputable Member
 

Anything written on slashdot has to be taken with a grain..er bottle of salt.

If someone gets tripped up by alternate browsers, then they probably shouldn't be investigating that case.

 
Posted : 09/09/2005 6:10 am
psu89
(@psu89)
Posts: 118
Estimable Member
 

What about this link on Forensic Focus Home page?

http//news.com.com/Alternative+browsers+pose+challenge+for+cybersleuths/2100-7348_3-5845409.html

I guess it's all in how you define the word impede.

 
Posted : 09/09/2005 6:15 am
keydet89
(@keydet89)
Posts: 3568
Famed Member
 

Interesting. The article, though titled in a way that initially causes concern, goes on to say that the problem has essentially been solved.

Now, we'd really be in trouble if one of the bad guys wrote his own browser…one that didn't save settings or cache or anything else.

H. Carvey
"Windows Forensics and Incident Recovery"
http//www.windows-ir.com
http//windowsir.blogspot.com

 
Posted : 09/09/2005 7:17 am
(@fatrabbit)
Posts: 132
Estimable Member
 

If an investigation happened to be thwarted and the investigator found themselves not to be up to the job technically because the suspect used Firefox and Thunderbird then I would have serious doubts as to the competence of that investigator. As Harlan points out there is potential for a more serious anti-forensic threat than just open source alternatives.

 
Posted : 09/09/2005 1:06 pm
(@nbeattie)
Posts: 26
Eminent Member
 

Now, we'd really be in trouble if one of the bad guys wrote his own browser…one that didn't save settings or cache or anything else.

I have started booting into Helix and using the included browsers when accessing certain sites.

I wonder how many other people may be doing this type of thing as it would leave no trail.

I haven't had time to look at BartPE bootable Windows - is IE or other browsers included ?

 
Posted : 09/09/2005 1:47 pm
Share: