Full Disclosure mailing list archives
Re: Operation Site-Key computer forensic searches ruled illegal
From: "J.A. Terranson" <measl () mfn org>
Date: Tue, 9 Aug 2005 23:45:19 -0500 (CDT)
On Tue, 9 Aug 2005, Jason Coombs wrote:
I worked as an expert witness on behalf of the defense in a case brought before a military court martial under UCMJ where the defendant's name and credit card number was found in the site-key database. A computer forensic examination of the defendant's Windows computer revealed the presence of a Trojan and a keylogger that would have enabled a third-party intruder to intercept the defendant's credit card number and use it to purchase child pornography from a Web site that processed credit card payments using the site-key service.
As Jason is aware, I work for the #1 forensics house in the midwest, and we also have some interesting anectdotal information that's likely of interest here. Jason pointed out that machines are often full of spyware and back doors (all too true), but missed what is becoming a more and more common side effect of this: we are seeing defendants being pulled out of the fire by these surrepticiously installed keyloggers! More than once I have been able to show that significant child pornography cases were in fact completely the work of outside intruders who had compromised the system, used it for distribution of materials without the owners knowledge or consent, and been able to refer to these trojans for the proof: they logged it all! Digital Forensics is still an emerging industry, and one with no [direct] regulation in most jurisdictions. Any issue which is rooted in this new engineering/legal practiced will be a long tim awaiting foundational case law to guide our newly exposed judges. -- Yours, J.A. Terranson, CISM Sr. Forensic Investigator United Forensics Corp. alif () unitedforensics com www.unitedforensics.com I like the idea of belief in drug-prohibition as a religion in that it is a strongly held belief based on grossly insufficient evidence and bolstered by faith born of intuitions flowing from the very beliefs they are intended to support. don zweig, M.D. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Operation Site-Key computer forensic searches ruled illegal Jason Coombs (Aug 09)
- Re: Operation Site-Key computer forensic searches ruled illegal J.A. Terranson (Aug 09)
- <Possible follow-ups>
- Re: Operation Site-Key computer forensic searches ruled illegal Jason Coombs (Aug 10)