On Tue, 9 Aug 2005, Jason Coombs wrote: > I worked as an expert witness on behalf of the defense in a case brought > before a military court martial under UCMJ where the defendant's name > and credit card number was found in the site-key database. > > A computer forensic examination of the defendant's Windows computer > revealed the presence of a Trojan and a keylogger that would have > enabled a third-party intruder to intercept the defendant's credit card > number and use it to purchase child pornography from a Web site that > processed credit card payments using the site-key service.
As Jason is aware, I work for the #1 forensics house in the midwest, and we also have some interesting anectdotal information that's likely of interest here. Jason pointed out that machines are often full of spyware and back doors (all too true), but missed what is becoming a more and more common side effect of this: we are seeing defendants being pulled out of the fire by these surrepticiously installed keyloggers! More than once I have been able to show that significant child pornography cases were in fact completely the work of outside intruders who had compromised the system, used it for distribution of materials without the owners knowledge or consent, and been able to refer to these trojans for the proof: they logged it all! Digital Forensics is still an emerging industry, and one with no [direct] regulation in most jurisdictions. Any issue which is rooted in this new engineering/legal practiced will be a long tim awaiting foundational case law to guide our newly exposed judges. -- Yours, J.A. Terranson, CISM Sr. Forensic Investigator United Forensics Corp. [EMAIL PROTECTED] www.unitedforensics.com I like the idea of belief in drug-prohibition as a religion in that it is a strongly held belief based on grossly insufficient evidence and bolstered by faith born of intuitions flowing from the very beliefs they are intended to support. don zweig, M.D. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
