±Forensic Focus Partners

Become an advertising partner

±Your Account


Username
Password

Forgotten password/username?

Site Members:

New Today: 2 Overall: 35989
New Yesterday: 3 Visitors: 165

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

±Latest Videos

±Latest Jobs

CSO: How to Protect Your Privacy from Computer Forensics

Computer forensics discussion. Please ensure that your post is not better suited to one of the forums below (if it is, please post it there instead!)
Reply to topicReply to topic Printer Friendly Page
Forum FAQSearchView unanswered posts
Page 1, 2  Next 
  

seanmcl
Senior Member
 

CSO: How to Protect Your Privacy from Computer Forensics

Post Posted: Jan 07, 10 21:51

 
  

kovar
Senior Member
 

Re: CSO: How to Protect Your Privacy from Computer Forensics

Post Posted: Jan 07, 10 22:52

Greetings,

The author is a corporate investigations manager. I wonder what his position would be if all the employees where he worked used these tools?

An enormous amount of sensitive data certainly does end up on eBay, craigslist, and the like, but a corporation could take care of that by ensuring that drives are wiped or destroyed prior to sending them out for recycling.

-David
_________________
CISSP, CCE, EnCE, Licensed Private Investigator (CA) 
 
  

Beetle
Senior Member
 

Re: CSO: How to Protect Your Privacy from Computer Forensics

Post Posted: Jan 08, 10 00:11

- kovar
Greetings,

The author is a corporate investigations manager. I wonder what his position would be if all the employees where he worked used these tools?

An enormous amount of sensitive data certainly does end up on eBay, craigslist, and the like, but a corporation could take care of that by ensuring that drives are wiped or destroyed prior to sending them out for recycling.

-David


I wonder if he has talked to his (if he has one) CSO about this. How would they ever be able to detect who made their IP "walk out the door". Rolling Eyes  
 
  

jhup
Senior Member
 

Re: CSO: How to Protect Your Privacy from Computer Forensics

Post Posted: Jan 09, 10 04:15

Eh, nothing in there is news. CCleaner, Eraser and BootNuke are ancient, fossilized news.

In my experience, most just try to e-mail the IP to their gmail or Y! account from the corporate mail system. It leaves prints the size of a mammoth on about a dozen other systems, besides the employee's machine.

I think the author just needed a few more "wrote articles for ..." on his CV.  
 
  

keydet89
Senior Member
 

Re: CSO: How to Protect Your Privacy from Computer Forensics

Post Posted: Jan 09, 10 04:39

I agree with jhup...I mean, really, XP has it's own built-in anti-forensics features and I don't see anyone up in arms about that. There's always someplace else to look, and if you've looked in all those places and there's no data...then that's your answer. Besides, in a corporate environment, shouldn't there be tighter controls on what user's can access?  
 
  

Beetle
Senior Member
 

Re: CSO: How to Protect Your Privacy from Computer Forensics

Post Posted: Jan 09, 10 04:49

That's what I was getting at. I was trying to be 'ironic'. Frankly I am surprised at an article like that showing up in CSO, it practically condones circumventing any efforts to detect policy violations or misuse. If your systems are so loosely configured so someone can install or run executables at their whim...

On our 'corporate' platform unless you are in the admin group you can't install or run any non-platform software. Our system is also configured that only certain users can access the 'net and even then the proxy will block access to web-based email, streaming video, internet telephony, etc.

It is so tight I once tried to access Dartmouth University for a Word file that had a single instance of the word 'hacking' in it -- blocked.

For those who may be interested our proxy servers run Websense.  
 
  

jelle
Senior Member
 

Re: CSO: How to Protect Your Privacy from Computer Forensics

Post Posted: Jan 10, 10 18:34

I still keep trying to convince every crime TV series writer not to include the part about where they use fingerprints to catch the bad guy... What if the criminals find out that that's one of the ways we can catch them...?!

No, on a serious note and without wanting to sound too cynical or ironical here: I'm not that worried about any negative effects of his knowledge sharing.

These are great tips for people who want to sell or dump their old computer (not necessarily companies, but also just people wanting to get rid of their home PC) - and as jhup already states: not real news, these tools have been around for a while. I also have the impression that his intended target audience is this average home user afraid of unintentionally leaking personal data (not really sure why it would have to be published at a 'CSO' website then though).

People who really want to hide something would need to use more advanced tricks to completely erase all traces on all possible systems (and in reality almost always make a mistake or simply don't even use these tools (hey, we still catch criminals by using fingerprints, even though you can buy gloves for a couple of dollars and the use of fingerprints is more or less common knowledge)).

As keydet89 already says: especially in a corporate environment, you don't get away with just running cccleaner - there are a lot more places to find possibly relevant data.

And to come back to the fingerprints example: trying to hide our knowledge is just a poor effort of 'security by obscurity' - IMHO we won't prevent any crimes by doing that.  
 

Page 1 of 2
Page 1, 2  Next