Commodore 64 Confuses Austrian Police

toomanyairmiles writes, "It seems that Wolfgang Priklopil, the communications technician who kidnapped Austrian pre-teen Natascha Kampusch, relied on a Commodore 64 as his primary machine. Interestingly this is presenting some problems to the Austrian computer forensics people. Major General Gerhard Lang of the Federal Criminal Investigations Bureau told reporters it would 'complicate investigators' efforts' and would be difficult to transfer the files to modern computers 'without loss.' Could this be the latest in the criminal world's security strategy? Can we expect to see Spectrums, Archimedes, and Atari STs turning up in police investigations soon?"

The Charge?

[by Anonymous Coward]

Can we expect to see Spectrums, Archimedes, and Atari STs turning up in police investigations soon?

What are they going to charge them with? Living in the stone age?

Re:The Charge?

[by Anonymous Coward]

This person was found to be connected to the terrorist Junis, a friend of Jon Katz. No doubt he is pirating movies and watching them on his computer.

Please read this before moderating parent as troll

[Garabito (720521)]

About Jon Katz, former Slashdot editor. Taken from here [wikipedia.org]:

"There was a large controversy when Katz posted an article about an e-mail he believed to be from an Afghani teenager named "Junis", writing to him via the newly-restored Internet. Katz never disclosed the original e-mail, but it was an evident hoax and probably a parody designed to fool him. According to Katz, Junis wrote his e-mail from "his ancient Commodore computer", which he had 'dug up' and was now using to download movies, pornography, and MP3s thanks to the recent liberation of Afghanistan."

Question

[daveschroeder (516195)]

Could this be the latest in the criminal world's security strategy? Can we expect to see Spectrums, Archimedes, and Atari STs turning up in police investigations soon?

Um, no. This was an aberration; nothing more, even if its use for those reasons was deliberate on his part.

But here's an actual question:

I can absolutely understand and appreciate that people value some of the features and functionality of things like the Commodore 64 and Newton, and many other machines that were considered to be state-of-the-art in their time.

But why would someone go out of their way to continue to use it? I can understand practical and pragmatic answers like "It's still functional for me" or "I just like it better and I haven't had any problems". But are there other reasons?

I mean, you can literally get systems for free (or next to nothing) that are capable of running various modern operating systems, including various versions of Windows, Mac OS and Mac OS X, myriad Linux distributions to your heart's content, BSD distributions, and so on, that would be much more functional and capable, particularly in the context of the internet and associated applications.

So what's the draw? Why keep running on something like a Commodore 64? Even considering legitimate reasons for continuing to use it, I don't see how sticking with something exceedingly obsolete can be functional when viewed alongside semi-modern systems. I understand people collect all manner of antiques for a variety of reasons, including other things that may be nearly impossible to service or repair easily; is the reason for using obsolete computing equipment the same?

Status? Hobby? Entertainment? Eccentricity? Just to "do it"?

And to reiterate, I can understand collecting pristine Commodore 64s or similar in working order, and even making TCP/IP stacks and such work, just for the sake of doing it. But using it as a primary system exclusively? Some people may own and spend a great deal of time on something like, say, a Model T, but they don't use it as their daily driver...

On another note, I do agree that his system being a Commodore 64 will "complicate investigators' efforts"; but to say that it would be difficult to transfer files "without loss" is disingenuous at best. Do they mean "transfer files" to include possibly-deleted files (in which case I agree there may be "loss")? Do they mean contextual loss, because modern applications may or may not be able to open files and represent context-sensitive features like position, text styles, and so on? Or are they talking about "loss" in that they won't be able to run their standard forensic tools that package everything up with a nice little bow? If they're talking about files representing images and text, I don't care what it is: if it's functional and intact, there's no reason for there to be "loss". I don't care if it takes resorting to eBay, digging up old company engineers, or weirdos on web forums...they should be able to recover anything they need to.

Followup

[daveschroeder (516195)]

I would say this does raise another valid point, though: as systems and media age, it's actually quite an interesting question how all of this data that isn't transferred to modern day systems will be dealt with, both from a technological and machine- and media-aging point-of-view. And in the context of criminal investigations, what happens if evidence is "lost" (or simply unrecovered) from a 25-year-old computer in a murder investigation which has no statute of limitations? It's an equally difficult question for governments, corporations, and academic institutions that actually *want* to keep the data but are having trouble instituting standards, policies, and mechanisms for data retention.

Re:Followup

[ShawnDoc (572959)]

It also points out one of the problems with purchasing DRM'd media files. Since you are locked into a certain format, what do you do when technology changes and you can't convert your media into the new format or the company behind the DRM folds and there's no way to port the authentication system to a new system? My parents dubbed their records onto tapes. And recently I've helped my mom convert records and her old tapes into MP3 format. Something that couldn't be done if DRM existed then.

Re:Followup

[johansalk (818687)]

What you do then is quite simple; you'll have to re-buy your media files, and I presume that's a reason why the companies seem to like it so much .

except ...

[hany (3601)]

Except that those same media companies may in the future with high probability consider providing say Britney Spears' "tracks" (sorry, if I spelled her name wrong) for re-purchase as a "not interesting from operating profit point of view" thus consumers will be unable to repurchase thus they lose their beloved tracks. Or become criminals.

Feel free to replace "Britney Spears" with any other name from current "popular music" (or even past "popular music").

Re:except ...

[Stormwatch (703920)]

So in the future DRM will prevent people from listening to Britney Spears? This is Slashdot, damnit, you're not supposed to defend DRM here!

Re:Followup

[NoMaster (142776)]

Unfortunately for the buying public this is a major issue.

No, unfortunately, not is . It will be , but by that time it'll be all-pervasive - basically, too late to do anything about it.

I know the common thing to do is berate corporations for having no long-term vision - but the RIAA/MPAA/??AA do. They've perfected the technique of hovering around that fine line between "too fast, and people will notice" and "too slow, and we'll be obsoleted before we achieve our objectives".

Re:Followup

[Z34107 (925136)]

When a company goes belly up, the law should stipulate that copy protection mechanisms can be legally circumvented

The DMCA already does this. See page 5 of this summary [copyright.gov], the part that talks about reverse engineering for compatibility.

Although not present in the summary, I believe (meaning I lost the original article) the DMCA also makes exceptions for cracking copy protection, such as a hardware dongle, on legitimately purchased software if the dongle no longer works and there's no real way to get another one. That section could also apply to what you're talking about.

Re:Commodore 64 has an RS-232 interface.

[Dun Malg (230075)]

The back of the Commodore 64 has an RS-232 interface. Any schmuck with a bachelor's degree in electrical engineering can hook the Commodore 64's serial interface into the serial interface of any modern desktop.

No, actually it doesn't have an RS-232 interface. It has something called a User Port, using a male card-edge connector, which can transmit and receive serial data, but it only does so at TTL levels. But yeah, any schmuck with a soldering iron and a breadboard can slap together a true RS-232 interface using a 25 cent MAX232 chip and a few caps.

Re:Commodore 64 has an RS-232 interface.

[God of Lemmings (455435)]

Yes, but if that schmuck had a BSEE he/she wouldn't, except in the rarest of circumstances, be a cop. The investigators would have to use their brains and find someone who can do the work.

Re:Commodore 64 has an RS-232 interface.

[compro01 (777531)]

Yes, but if that schmuck had a BSEE he/she wouldn't, except in the rarest of circumstances, be a cop. The investigators would have to use their brains and find someone who can do the work.

you'd be amazed how many Electronics and Computer technicians the RCMP up here is collecting. they've taken practically the entire graduating class of each (usually 20-30 people per course) for 2 years running at the school I'm at (SIAST).

but i don't have much idea what they're doing at the other 3 campuses, but I'd imagine similar things are happening, so that would be at least 150 techs they've snatched up, if not more.

Re:Commodore 64 has an RS-232 interface.

[iocat (572367)]

Dude, they're in EUROPE. Someone just needs to head for the University, find the demo party, pry Dieter away from his Amiga and be like "oh qiuck, we need the data from these floppies... yes, if you want to make a mod so the data all prints out along a sin-wave line while the SID chip kicks out the collected works of David Hasselhof, that's fine... oh my, you can make the text appear on shiny spheres? So much the better!"

Re:Commodore 64 has an RS-232 interface.

[pipatron (966506)]

You modded this as "Funny", but there are more truths in this text than in any of the other posts. Seriously, any C64 hacker (and there are atleast hundreds of them spread around europe that use the Commodore 64 on a ~daily basis) would know how to transfer all the bits from a C64 floppy to any other format. He would also know what tools this guy used, and how to disassemble them to see how the data is stored (if not common knowledge already). For example, there is the the XzentriX Treffen 2006, http://www.xzentrix.de/ [xzentrix.de] this friday in germany. Just go there, announce a new fast-compo (hack this guys files), and be done with it.

Re:Commodore 64 has an RS-232 interface.

[LWATCDR (28044)]

It is true. The C64 demo scene is alive and well. Now if the cops and the courts would trust one of them is different question.
What gets me is how none of the "experts" can handle anything that isn't a PC. I wounder if the guy had been running Linux, BSD, Minix, SkyOS, an Amiga, or Atari ST if they would be just as lost.
Here is a shop that sells cables that will let you read C64 disks on a PC http://sta.c64.org/x1541shop.html [c64.org]
I suggest they also google PETASCII if they want to break the encryption.

Re:Commodore 64 has an RS-232 interface.

[shaitand (626655)]

Am I the only one sitting here and wondering if anyone on this forum ever used a C64? They need a 5 1/4 floppy drive and a C64 emulator. The C64 stores all the data and programs on floppies, if the system has even been powered off they aren't going to get anything from the machine itself.

Personally I suspect the investigators just have a bunch of MCSE's who run prepackaged forensic tools and have never seen a C64 and don't know how one works.

Re:Commodore 64 has an RS-232 interface.

[complete loony (663508)]

I good friend of mine (who currently lives next to me) wrote the first version of c64net [sourceforge.net] which can be used to communicate directly between a c64 and a pc. One of the tests he performed showed that you can transfer data from a PC to the c64 at about 32KBps.

Re:Commodore 64 has an RS-232 interface.

[psoplayer (938102)]

Now see? All they had to do was post the question on slashdot as how to connect a C64 to modern machines and they could have had the files off in a jiffy. But NO... they just had to try to figure it out on their own.

Re:Question

[MyNameIsFred (543994)]

... but to say that it would be difficult to transfer files "without loss" is disingenuous at best...

I assume that Austrian law requires some sort of chain of custody for evidence similar to that required under American law. Thus, the transfer is probably difficult because they do not have "certified tools" for the transfer. In the US, it is my understanding that simply copying the files with the copy command is not sufficient. That defense lawyers can question how the transfer was made, whether the copy is an accurate representation of the original, etc. I presume similar problems under Austrian law.

Re:Question

[Ralph Spoilsport (673134)]

I have an Amiga kicking around in the garage. Why? Because I put a Time Base Corrector (TBC) in it that strips out ALL macrovision and DRM - I get pure video signal. I might get $50 for the machine in a yard sale. But a TBC of the quality I installed in it? HA! We're talking at least $500. So, that obsolete cranky POS that sounds like a snoring pig at start up saves me Serious $$$. The floppy drive in it is marginal, the video card barely works, but the TBC keeps on ticking. So every Friday I rent a few videos, run them through the TBC to my OSX G5, and burn a DVD for future reference...

And THAT'S how it's done.

RS

Re:Question

[radish (98371)]

Or you could just, you know, do what the rest of us do and dupe netflix discs with DVD Shrink. Considerably simpler, quicker, and produces much better results. Oh, and there's no DRM on a VHS tape - it would have to be called ARM.

Re:Question

[Arakageeta (671142)]

The guy kidnapped a little girl and kept her for 8 years. He's obviously a nut case. I don't think you can back his choice to use a Commodore 64 with reason.

Re:Question

[soft_guy (534437)]

The guy kidnapped a little girl and kept her for 8 years. He's obviously a nut case. I don't think you can back his choice to use a Commodore 64 with reason.

On Slashdot, we don't think he's crazy for hideous crimes. We think he is crazy for using an old computer.

Re:Question

[identity0 (77976)]

WTF is wrong with wrong with using an old computer?! I'm typing this on an old 386 right now, in fact.

In the basement, I have an Altair that I kidnapped from the local uni 25 years ago, that I've been teaching to read Perl and play with Lego Mindstorms. I've named her "nappy", because she likes the nappies and ice cream. I feed it to her on punch cards. We are such a happy computer family together, I don't have to hit her much anymore. I love you, you love me, lalalalaOH SHIT THE COPS ARE HERE@!^&@!!

+++ATH
NO CARRIER

reason to use it in one word:

[GeekyMike (575177)]

Zaxxon

Re:Question

[smilindog2000 (907665)]

But why would someone go out of their way to continue to use it?

Are you kidding? Obviously, because the hottest geek chick on the planet is into them! See:

"Super-hot super-smart geek-chick" [wikipedia.org]

Re:Question

[bar-agent (698856)]

It may be that he was just a generally all-round weird guy.

The whole "girl-in-a-dungeon" thing is certainly indicative.

Re:battery life?

[dougmc (70836)]

try a trs-80 mdl 100

I have one of those! Got it at Goodwill back in 2001 or so for $9.95.

Of course, here's the funny story. I got the computer, and figured `ok, what do I do with it?' ... so I tried to remember BASIC, and put in this program as soon as I got it working at the office -- 10 I = I + 1
20 PRINT "HELLO THERE # ", I ;
30 GOTO 10
(sorry if I got this wrong. This is the last time I did any BASIC, and it was years before that that I'd last done any.)

In any event, it's still running today. It's up to (let me check) 509176235. It's doing roughly 4.2 iterations/second, with most of the cpu obviously going to scrolling the display. Of course, if I do the math, that only works out to about four years, so I'm not sure what the discrepancy is.

In any event, it's lasted several office moves, and now it's in my garage, with a wal-wart transformer connected and some AA's in the battery slot. The batteries will run it for a remarkably long time, and I just replace them every year or so.

I've been tempted to pull it out and play with it a bit, but I'm reluctant to lose all my uptime ...

Re:Question

[Scrameustache (459504)]

My guess is that he got the machine thirty years ago, it did what he needed, and he never felt a need to replace it.

Exactly.
Coincidentally, he did the same with a girl, 10 years ago.

MY questions are: Why are people questioning the hardware choices of a psycho kidnapper? Are they actually looking for a coherent thought process they can relate too? Do they want to find one? Should they turn themselves in the nearest psychiatric ward if they do?

Why go that far?

[Locke2005 (849178)]

Any box that doesn't run Windows confuses most investigators. Yep, all their tools are Windows-specific.

Re:Why go that far?

[iluvcapra (782887)]

Quickly becoming a meme:

Only a terrorist wouldn't use Windows.

Re:Why go that far?

[Danga (307709)]

Any box that doesn't run Windows confuses most investigators.

You are far from correct. A lot of forensic investigators I have talked to actually use linux at times to do things such as image drives which is safer to do on linux than Windows and they are not straight Windows users.

Yep, all their tools are Windows-specific.

The reason they do use Windows tools most of the time is because the tried and true forensic applications are developed for Windows such as Forensic Toolkit Pro http://www.accessdata.com/products/ftk/ [accessdata.com] and EnCase http://www.guidancesoftware.com/products/ef_index. asp [guidancesoftware.com] and since they work and have been well tested on Windows it makes little sense to increase the likelyhood of problems by porting these applications to other OS's. The other big reason most tools are Windows centric is obviously because Windows is the most widely used OS and people like to use what they already have and know.

Windows may not be the greatest OS, and I know people love to bash it, but that does not mean the Windows tools developed for forensic investigations are of low quality. I work as a software developer in this field so I have a decent view on what the situation is and your comment was way far off.

Re:Why go that far?

[Morphine007 (207082)]

Because in most forensic investigations, they remove the hard-drive from the PC and then perform the investigation using another operating system guaranteed to not have any nasty surprises built in. They're not going to run the risk that buddy has a small script that deletes his entire hard drive if he doesn't hit ctrl-a-s-d-f-enter within seconds of booting up.

There's likely more to it than that as well, but the point is they generally don't want to use the system they've confiscated...

Re:Why go that far?

[MajroMax (112652)]

Actually, we're smart enough to mount read only.

What, using Linux? Here's a clue for you:

EXT3-fs: INFO: recovery required on readonly filesystem. EXT3-fs: write access will be enabled during recovery.

Not if you use an IDE cable with the write pins removed.

let me at it!!

[illuminatedwax (537131)]

I'll have that bugger fixed in no time!!! ...as long as it involves writing elementary BASIC loops, LOAD "$",8,1 or beating Space Taxi or Questron.

Even Better

[coop247 (974899)]

I also hear they are having trouble getting information from his IBM typewriter. Apparently he used White Out to clear the data.

This is retarded

[Cobralisk (666114)]

Seriously, I have a Commodore 64 sitting right next to me hooked up to a dos box as a hard drive. Data is data. You just need a x1541 cable. There are lots of free software tools to facilitate this, and the d64 and t64 formats are well supported. You can even use audio tapes and a soundcard to transfer files. Once you have the data on the PC, there are multitudes of C64 emulators to run the software directly. I've been doing this since the late '90s. Google is your friend.

Simple answer

[lostngone (855272)]

We must ban all Commodores, to save the children of course. Think of the children!

Re:Simple answer

[Surt (22457)]

We must ban all Commodores, to save the children of course. Think of the children!

Thanks, that's exactly the thing that got us into this mess in the first place.

Attention perverts:
STOP Thinking of the children!

Forget security by obscurity...

[MMC Monster (602931)]

It's now security by obsolescence!

Really, if the raid happened 20 years ago, everyone would be able to get the info off those floppy disks. Now they've got to find a C64 user group or specialty store (how many of them are there, even on the net?) to transfer the data and convert it to a usable format.

Re:Forget security by obscurity...

[wideBlueSkies (618979)]

>>10mb hard drives, etc, and the guy was overjoyed that his club got new stuff to play with.

He was probably looking forward to undeleting the contents of the drives. How long do you figure it took him to do so?

Hope you scrubbed them first.

Only on slashdot...

[f97tosc (578893)]

does the story about a girl kept in a dungeon for eight years revolve around the kidnapper's computer. Tor

missing the point

[dirtyhippie (259852)]

The article, and most of these comments, are missing the point. The point isn't that you can't get the data off the hard drive - the investigators aren't that stupid - it's that they can't get previoiusly deleted or overwritten files off the hard drive using their standard techniques, because there is no way to image both a drive and the magnetic clues that these folks use.

Arial???

[srh2o (442608)]

Of course they'd lose information. Haven't you seen how bad Arial screws up ASCII porn... Uh Nevermind

C64 hardware

[Neo-Rio-101 (700494)]

There are a myriad of other issues with this too. For one, the Commodore 64 uses PETSCII and not standard ASCII. To complicate matters more, he may have even used GEOS to store his data on floppy disks, and without the right conversaion tools, coverting that to plain text, muchless PC readable media, is going to be tricky without the right C64 hardware. If he had all that CMD hardware, or stored all his information on a hard disk or CMD formatted floppy disk, it will be harder again.

Computer Forensics - clear as mud

[gsobol (1000759)]

Well, I can sum up the whole article like this:
Forensic investigators = not stupid
Article author/editor = selling a story / lack of facts
Court system = flaky justice

Being a computer forensic investigator, what I can tell you is that the problem is not with extracting individual files (being current, deleted, overwritten), or even hashing the contents or drive images themselves. Although this does present a certain technical challenge, this can be overcome. Any forensic investigator will tell you that, what he/she finds during his/hers investigation rarely comes under question or scrutiny. You just can not deny the fact that this "stuff" was found on the suspects media. What almost always comes under scrutiny is the technique used in obtaining the evidence. Where the police do have the tools and techniques that have been court tested for the relatively modern machines and OSes, there is no such tool or a battle tested procedure for capturing and processing data from the Commodore 64. That's what the challenge is all about. It's all about how do you get your evidence, and prevent the defence from shooting it down on a technicality that your approach was not forensically sound, because you have not used the court "approved" forensic tools and techniques. -- a side note: there are no court approved forensic tools, at least not in the USA. There are forensic tools that have gone through court scrutiny and been found to be acceptable, but only in conjunction with a proper forensic sound procedure. The tool is only a tool, like a hammer, it can be used to drive a nail into a wall, or crack someone's skull. Define a proper and sound use :) -- It's easy for technical people to understand the realities and limitations of the technology. It's easy to understand that when you copy the contents of the files from one OS to another the contents do not usually change. But for an average person on the jury, if one computer is old and the other computer is new, and they don't speak the same language, well that means that someone had to translate it, right? And if someone translated it, could they have made a mistake? Of course they could! Of course they DID! Again, the hard evidence - the files, the pictures, the notes, etc.. - do not come under scrutiny. It's the techniques, the procedure, the competence of the investigators that get's questioned, and thanks to our "well educated" and "intelligent" jury, sometimes the guilty go free.

Oh so very relevant...

[Phil John (576633)]

...the police suspect that he may have had an accomplice. Apparently the normal M.O. for this type of criminal relies on having another person in the mix (lookout during original kidnap, looking after victim if other needs to go anywhere for an extended period etc.).

Marc Dutroux (the Belgian Paedophile) had several accomplices - one of whom was directly responsible for Julie and Melissa's death by not feeding them whilst Dutroux was in prison on another charge.

Re:Clues? How about relevance?

[MichaelSmith (789609)]

The kidnapper is dead. It's a little late to be looking for clues!

Its one of those "without a trace" scenarios. Maybe the dead kidnapper has girls buried in basements all over Austria. You have to crack the C64 file system before they starve to death.