Join Us!

Notifications
Clear all

Slash dot thread  

  RSS
Andy
 Andy
(@andy)
Active Member

Here is an interesting thread I've picked bouncing around some of the other boards. The members of /. have some strong (laughable) views about FC and LE….

http//yro.slashdot.org/article.pl?sid=05/09/01/1958220&threshold=-1&am%20p;tid=95%20&tid=17

Andy

Quote
Posted : 04/09/2005 4:58 pm
psu89
(@psu89)
Active Member

I may be misunderstanding your post, but is it not true that

"browsers such as Firefox and Opera impede law enforcement and investigation efforts because they "use different structures, files and naming conventions for the data that investigators are after", which can "cause trouble for examiners"
?

Brian

ReplyQuote
Posted : 09/09/2005 7:00 am
hogfly
(@hogfly)
Active Member

Anything written on slashdot has to be taken with a grain..er bottle of salt.

If someone gets tripped up by alternate browsers, then they probably shouldn't be investigating that case.

ReplyQuote
Posted : 09/09/2005 7:10 am
psu89
(@psu89)
Active Member

What about this link on Forensic Focus Home page?

http//news.com.com/Alternative+browsers+pose+challenge+for+cybersleuths/2100-7348_3-5845409.html

I guess it's all in how you define the word impede.

ReplyQuote
Posted : 09/09/2005 7:15 am
keydet89
(@keydet89)
Community Legend

Interesting. The article, though titled in a way that initially causes concern, goes on to say that the problem has essentially been solved.

Now, we'd really be in trouble if one of the bad guys wrote his own browser…one that didn't save settings or cache or anything else.

H. Carvey
"Windows Forensics and Incident Recovery"
http//www.windows-ir.com
http//windowsir.blogspot.com

ReplyQuote
Posted : 09/09/2005 8:17 am
fatrabbit
(@fatrabbit)
Active Member

If an investigation happened to be thwarted and the investigator found themselves not to be up to the job technically because the suspect used Firefox and Thunderbird then I would have serious doubts as to the competence of that investigator. As Harlan points out there is potential for a more serious anti-forensic threat than just open source alternatives.

ReplyQuote
Posted : 09/09/2005 2:06 pm
nbeattie
(@nbeattie)
Junior Member

Now, we'd really be in trouble if one of the bad guys wrote his own browser…one that didn't save settings or cache or anything else.

I have started booting into Helix and using the included browsers when accessing certain sites.

I wonder how many other people may be doing this type of thing as it would leave no trail.

I haven't had time to look at BartPE bootable Windows - is IE or other browsers included ?

ReplyQuote
Posted : 09/09/2005 2:47 pm
Share: