
Comment Re:Great... (Score 1) 382

Real computer forensics involves getting the computer powered down, removing the disk, setting it up in a test jig with write protect enabled, and reading the complete image from the disk onto a sterile environment for analysis.

That was true... in 1998 (the fact that it's still such a pervasive misconception is a separate problem). We now know there's a wide variety of critical information that isn't available when a computer's powered off - if a (trojan) malware object was present on the drive at capture, with a purely offline view can you prove whether it was loaded into the OS when the evidence was seized? How about open file handles/network connections? Encryption keys?

If he has interfered with the computer in any way by plugging in a USB key, then the evidence is contaminated.

The article probably oversimplifies; simple USB keys that just come pre-loaded with software to search drives aren't that interesting anymore. The idea is probably close to Tribble or something similar. Not that there aren't problems with those kinds of devices... Rutkowska, 2007 (pdf)

The Media

Submission + - Why do gamers hate on gaming so much?

DJ Truncheon writes: "Gamers are the most furiously opinionated of all hobbyists. Why do they love to hate their favorite pastime so much? GamesRadar pulls no punches in this critical look at the gaming community. Choice quote: "The snarky opinion is the cultural capital of the gaming community; it's the way we give our chosen activity relevance and context and prove that we're not just wasting our time (as so many parents and educators would have us believe).""
