A couple things and maybe a rant...
Mick, Jack, and the others are absolutely right. you need to consult
with an attorney who not only knows these laws, but also is cyber wise.
Get the advice of the lawyer and take that advice to people like
InfraGard and local police.get to know them and build a line of
communication with them, explain what you do, your website, and why you
do it. These relationships could be what saves Bob's butt when it comes
time to deal with such things, and he will deal with them for sure.
I was helping a local repair shop a few years back, small shop and the
guy really needed help. I figured free time was something I had so I
volunteered to help the guy build his business. Now as everyone should
know all sorts of things appear on the desk of a repair shop when
dealing with computers, but the one thing I will always remember is the
words of law enforcement and an incident was reported. NEVER, and I say
NEVER tamper with evidence in such a case. If you do ANYTHING to the
data in ANY way you can legally be held as an accessory to the fact! So
what does that mean? You have now placed yourself in the SAME line of
fire as the individual who committed the act in the first place. This
is the same as you have a server with access to some friends, someone
puts a bad thing on server let's say an ISO of Windows 2008, and somehow
this is found out. Guess who is responsible and pays the fines, YOU ARE!
Here are the steps I would take if I was in the shoes of Bob....
Prior to do research contact an attorney and find out whats legal and
what's not - know your bounds
Take knowledge from the attorney and seek out advice from InfraGard and
law enforcement - know what is expected of you
Develop a WRITTEN log to track and document your research, not a digital
log as these can be tampered with, if you wrote it its in your hand
witting - know its yours and be able to prove it
Take newly developed Log form/sheet and have it review for legality by
attorney, InfraGard, and law enforcement - know your doing things legal like
Begin research carefully following all the steps in your newly planned
out log / step by step guide - know what to do and when to do it
Finally a rant or two...
Anyone who tells you to delete it, wipe the data securely, blah, blah,
blah are some of the biggest morons I have seen in a while as this will
do absolutely nothing but get Bob put in jail with ZERO chance of
beating things!
Take everything said here from everyone who has said something and throw
it out the window. GO GET A LAWYER!!!!!!!!! :-)
P.s. can we find a different person for our dark research? Every time I
tell someone about what Bob does they look at me as if I am the one
doing it, I just don't understand why :-)
Good Luck,
Robert Miller
arch3angel
Michael Douglas wrote:
Jim, at one point that was the attitude of law enforcement. I know, I
was there... it was fugly.
But unfortunately, the volume of these sorts of issues is such that
*every* police department i've worked with in the past 5 years has a
computer forensics "go-to guy" either internal or external. As a
result, assuming you approach them correctly, you're not going to get
any flack. I know... I'm there now.
<warning -- I'm getting on my high horse>
I'm *very* concerned with your approach, mostly from a moral
standpoint. If my turning over files is helpful in breaking a case,
or just building a case, it is WELL worth the minor inconvenience of
handing files over. Just deleting files and walking away is not
something I would ever encourage.
"All that is necessary for the triumph of evil is that good men do
nothing." (Edmund Burke)
<off high horse>
Again, please get a lawyer! You have to know what protections you
have in your jurisdiction.
- Mick
On Thu, Sep 10, 2009 at 7:42 AM, Jim Halfpenny <[email protected]> wrote:
2009/9/10 Michael Dickey <[email protected]>
Personally, I think I would wipe it clean off. That's not something I'd
like to ever mess with or run afoul of.
But there may be value in forensically examining the files or the victims,
so it might be best to report the incident and turn over evidence.
I for one would not expect a friendly or sympathetic response from law
enforcement if I approached them with such evidence. My gut instinct is to
securely delete and ignore, grave though the crime may be. If you are not a
law enforcement officer it's not your business to investigate crimes and
doing so could land you in hot water. IANAL but I don't think you are duty
bound to report a crime if the only report you can give is, "Paedophiles are
using anonymising tools on the Internet."
Consult legal council. You may wish to document incidents where you are
inadvertantly exposed to such material and keep a copy of this log with a
solictor should you ever get into trouble.
Jim
_______________________________________________
Pauldotcom mailing list
[email protected]
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
_______________________________________________
Pauldotcom mailing list
[email protected]
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
_______________________________________________
Pauldotcom mailing list
[email protected]
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
