Re: guilty until proven innocent?

["Mary Landesman" <mlande () bellsouth net>]

It's true that Blogger composing can't be done on Safari - it's why I
wondered in the first place.

> but _at home_ he may generally prefer
> Firefox _on his Windows machine

In another post 'Josh' says he has no computer access outside of school. And
he says he disabled mail-to-blog posting. A number of his blog posts are
during the week, during normal school hours, and not on a date you would
expect there to be a school holiday - including his senior picture post
which he says he scanned at school (and the post date/time is during school
hours). It also appears that he is using his local time zone, vs. GMT, so
it's not an error being introduced that way.

So on the surface it appears that at least some of the time he is composing
at school. Using 'something' other than Safari.

FWIW, blogger authoring can be done on Firefox, Mozilla, and Netscape - so
it doesn't HAVE to be IE. Just not Safari or AOL. It seems to me that if he
were a Firefox and Safari user, he would create a template that played
nicely with those browsers. Instead, it is "Designed on and best viewed with
Microsoft Internet Explorer 6." All of which leads me to think he quite
possibly IS using IE, and almost certainly at school, at least part of the
time.

Of course, even if he is using IE at school, it doesn't mean he is looking
at ways to blow up his classmates. But it also seems to me that if the
school is bothering to use screencapturing monitoring to spy on their
students, they can correlate those captures with the user logged in.

I also don't think that just because he viewed a website that pertained to
the subject (abhorrent and appalling as it is), that it's necessarily a sign
of any guilt. He could have landed there accidentally after clicking a link
in a search engine, realized what it was, and backed out immediately.

So I in no way mean to imply I think this kid is brewing bombs.

But I do doubt his claim that he never uses IE in school. And if that should
turn out to be a lie, then I start doubting more of his story.

-- Mary


----- Original Message ----- 
From: "Nick FitzGerald" <nick () virus-l demon co uk>
To: "FunSec [List]" <funsec () linuxbox org>
Sent: Monday, January 23, 2006 5:51 AM
Subject: Re: [funsec] guilty until proven innocent?


Mary Landesman wrote:

> Hmm... well, a real quick look shows one little wrinkle in his story:
>
> Josh claims: "This is a screenshot from Internet Explorer.  I never use
> Internet Explorer; I use Safari."
>
> His website says: "Designed on and best viewed with Microsoft Internet
> Explorer 6."
>
> So you might think it's because he uses a stylesheet from someone else.
But
> no, according to the source:
> -------------------------------------------
> Blogger Template Style
> Name:     Christmas (v J.1.0090)
> Designer: Josh Clark [jgclark123(at)gmail(dot)com]
> URL:      http://jgclark123.blogspot.com
> Date:     23 Dec 2005
> -------------------------------------------
>
> So, at least as of 23 Dec 2005, Josh not only used Internet Explorer, he
> apparently could only design for it as well.

I noticed that too, but...

We know nothing about Josh's _home_ computing environment.

We do know that _at aschool_, _on the Macs_ he claims to only use
Safari (which is quite plausible, at least assuming he does not also
have Firefox as an option...), but _at home_ he may generally prefer
Firefox _on his Windows machine_ (for much the same reasons he claims
to prefer Safari over IE on the Macs at school) _BUT_ perhaps he "must"
use IE for his blog-authoring?

A quite conceivable _and consistent with what we can assume we know_
position _that is not contradictory of anything claimed by Josh_ is
quite possible...


Regards,

Nick FitzGerald

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.