funsec mailing list archives
RE: guilty until proven innocent?
From: Blanchard_Michael () emc com
Date: Tue, 24 Jan 2006 10:49:23 -0500
are we all missing something? The school is running Web blocking software, lets assume that someone manages this product and they are blocking all the "naughty" sites students aren't supposed to go to. With this being the case, any site he can get to is fair game for him to view, because all the "bad" sites are being blocked by this software. He could have gone to that site simply to say, "Hmmmm, this site isn't being blocked...". I myself se no problem with him seeing how to build a bomb. The Encyclopedia Britannica has diagrams on how to build a nuclear bomb, so what? It's interesting reading if you ask me :-) Information isn't harmful.... Just because he read how to make a bomb, doesn't mean he's going to go out and create one and blow up the world. Heck, most of us have studied many different kinds of viruses/worms/torjans... How many of us have actually created one? Close to none of us I would say... Of course, with that said, he could be lying through his teeth about never using IE.... :-) Mike b Michael P. Blanchard Antivirus / Security Engineer, CISSP, GCIH, MCSE, MCP+I Office of Information Security & Risk Management EMC ² Corporation 4400 Computer Dr. Westboro, MA 01580 email: Blanchard_Michael () EMC COM -----Original Message----- From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On Behalf Of Mary Landesman Sent: Monday, January 23, 2006 12:41 PM To: FunSec [List] Subject: Re: [funsec] guilty until proven innocent? It's true that Blogger composing can't be done on Safari - it's why I wondered in the first place.
but _at home_ he may generally prefer Firefox _on his Windows machine
In another post 'Josh' says he has no computer access outside of school. And he says he disabled mail-to-blog posting. A number of his blog posts are during the week, during normal school hours, and not on a date you would expect there to be a school holiday - including his senior picture post which he says he scanned at school (and the post date/time is during school hours). It also appears that he is using his local time zone, vs. GMT, so it's not an error being introduced that way. So on the surface it appears that at least some of the time he is composing at school. Using 'something' other than Safari. FWIW, blogger authoring can be done on Firefox, Mozilla, and Netscape - so it doesn't HAVE to be IE. Just not Safari or AOL. It seems to me that if he were a Firefox and Safari user, he would create a template that played nicely with those browsers. Instead, it is "Designed on and best viewed with Microsoft Internet Explorer 6." All of which leads me to think he quite possibly IS using IE, and almost certainly at school, at least part of the time. Of course, even if he is using IE at school, it doesn't mean he is looking at ways to blow up his classmates. But it also seems to me that if the school is bothering to use screencapturing monitoring to spy on their students, they can correlate those captures with the user logged in. I also don't think that just because he viewed a website that pertained to the subject (abhorrent and appalling as it is), that it's necessarily a sign of any guilt. He could have landed there accidentally after clicking a link in a search engine, realized what it was, and backed out immediately. So I in no way mean to imply I think this kid is brewing bombs. But I do doubt his claim that he never uses IE in school. And if that should turn out to be a lie, then I start doubting more of his story. -- Mary ----- Original Message ----- From: "Nick FitzGerald" <nick () virus-l demon co uk> To: "FunSec [List]" <funsec () linuxbox org> Sent: Monday, January 23, 2006 5:51 AM Subject: Re: [funsec] guilty until proven innocent? Mary Landesman wrote:
Hmm... well, a real quick look shows one little wrinkle in his story: Josh claims: "This is a screenshot from Internet Explorer. I never use Internet Explorer; I use Safari." His website says: "Designed on and best viewed with Microsoft Internet Explorer 6." So you might think it's because he uses a stylesheet from someone else.
But
no, according to the source: ------------------------------------------- Blogger Template Style Name: Christmas (v J.1.0090) Designer: Josh Clark [jgclark123(at)gmail(dot)com] URL: http://jgclark123.blogspot.com Date: 23 Dec 2005 ------------------------------------------- So, at least as of 23 Dec 2005, Josh not only used Internet Explorer, he apparently could only design for it as well.
I noticed that too, but... We know nothing about Josh's _home_ computing environment. We do know that _at aschool_, _on the Macs_ he claims to only use Safari (which is quite plausible, at least assuming he does not also have Firefox as an option...), but _at home_ he may generally prefer Firefox _on his Windows machine_ (for much the same reasons he claims to prefer Safari over IE on the Macs at school) _BUT_ perhaps he "must" use IE for his blog-authoring? A quite conceivable _and consistent with what we can assume we know_ position _that is not contradictory of anything claimed by Josh_ is quite possible... Regards, Nick FitzGerald _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: guilty until proven innocent?, (continued)
- Re: guilty until proven innocent? Austin (Jan 24)
- Re: guilty until proven innocent? Dude VanWinkle (Jan 27)
- RE: guilty until proven innocent? Gary Funck (Jan 28)
- RE: guilty until proven innocent? Larry Seltzer (Jan 28)
- RE: guilty until proven innocent? Nick FitzGerald (Jan 29)
- Re: guilty until proven innocent? David Lodge (Jan 28)
- RE: guilty until proven innocent? Nick FitzGerald (Jan 28)
- RE: guilty until proven innocent? Nick FitzGerald (Jan 24)
- Re: guilty until proven innocent? Mary Landesman (Jan 23)