4 posts • joined 13 May 2008
Sounds like the evidence image was provided on a CD? Meaning it could never have been a full disk image unless it was a circa 1990 4GB drive or an encase EWF format image? which is very very unlikely.
Unless they actually cut/copied the image from the original pc then put it on a CD and handed it in? then couldnt find it on the original machine? in which case wasnt a bit-for-bit clone taken at the time of seizure? uhm, what about using encase/ftk to recover? or are they actually working from a live machine? non-writeblocked?
Not enough info here, sounds innacurate/moronic to say the least.
Memory dumps on the live machine if possible?
One has to ask how the spyware landed on her PC in the first place - spyware of that nature, don't they have proper forensic procedures to determine this? and clear her name if not instantly? why would this trial be dragged on so long? ...yet another failing of the system.
"Sure, it's a grey area, and some people have "ethical concerns" over whether it should be done or not, but frankly, if it can be done, it should. Fix them and move on."
I assume this was some sort of dry humour or otherwise ludicrous joke.
You advocate giving remote-access to systems owned by consumers to the government? in essence this is probably something they can already do, however opening the door for them is insane, you have even less privacy than you do already, not to mention this completely violates your rights to privacy of at least some nature - and who in the DOD would have access to this remote-"tool"? and the sign-off on it? hmm..