Privacy Protection and Computer Forensics(Artech House Computer Security Series)

Team DDU......Page 1
Contents......Page 8
Introduction......Page 16
1.2.1 As an employee......Page 22
1.2.2 As an employer or corporate executive......Page 23
1.2.3 As a law enforcement official......Page 24
1.2.4 As an individual......Page 25
1.2.5 As a lawyer for the defense......Page 26
1.3 If you have done nothing illegal, you have nothing to fear: not true anywhere!......Page 27
1.4.1 User rights to privacy?......Page 29
1.4.3 Forensics is deceptively simple but requires vast expertise......Page 30
1.4.4 Computer forensics top-level procedure......Page 32
1.4.5 Forensics specifics......Page 34
1.4.6 Digital evidence is often evidence of nothing......Page 37
Selected bibliography......Page 43
2.1.1 General......Page 44
2.1.2 Disk wiping......Page 47
2.1.3 File- and disk-wiping software......Page 49
2.1.4 Magnetic microscopy forensic examination of disks......Page 52
2.2.1 Cluster tips or slack......Page 53
2.2.2 Free space......Page 54
2.2.4 Spool and temporary files......Page 55
2.2.7 Data in the registry files......Page 56
2.3.1 General......Page 57
2.3.2 Securely wiping the swap file......Page 59
2.4.1 Why is the Registry a major source of forensic evidence?......Page 60
2.4.2 Where is all this private information hiding in the Registry?......Page 62
2.4.4 Cleaning up sensitive data in the Registry......Page 63
Reference......Page 65
3.1 Digital watermarking......Page 66
3.2 The British RIP Act and the US Carnivore (DCS1000)......Page 70
Selected bibliography......Page 72
4.2 Temporary physical access to one's computer......Page 74
4.3 Commercial hardware keystroke loggers......Page 75
4.4 Commercial software keystroke loggers......Page 78
4.5.1 By one's ISP or by anyone having compromised the ISP's security......Page 79
4.5.3 By remote Web sites that one accesses......Page 80
4.6.1 By commercial spyware and adware......Page 81
4.7.1 General......Page 85
4.7.2 Protective measures......Page 86
4.8 Being on a network, cable modem, or xDSL modem......Page 90
4.10 Insertion of incriminating data in your computer by others......Page 91
4.11.2 The fallacy of password protection offered by popular commercial software......Page 92
4.11.6 The fallacy of protecting data by repartitioning a disk for a smaller capacity than the disk really has......Page 93
4.11.9 The fallacy that overwriting a file removes all traces of its existence......Page 94
4.11.11 Other protection fallacies that don't deliver......Page 95
Selected bibliography......Page 96
References......Page 97
5 Why Computer Privacy and Anonymity?......Page 98
5.1 Anonymity......Page 100
5.1.1 Practical anonymity......Page 102
5.2.1 You cannot trust TRUSTe?......Page 103
5.2.2 Is privacy a right?......Page 104
5.2.3 The impact of technology on privacy......Page 107
Selected bibliography......Page 109
6.2 Recommended best practices......Page 112
6.2.1 If using Windows NT......Page 117
6.2.2 If using Windows 2000......Page 119
6.2.3 If using Windows XP......Page 123
6.2.4 Heroic protective measures regardless of the version of Windows......Page 125
6.2.5 Last but not least......Page 126
6.3.2 Online activation and online snooping by software......Page 127
6.3.3 Microsoft documents that call home......Page 129
6.3.5 TCPA/Palladium......Page 130
6.3.6 The vulnerability of backups......Page 131
6.4 Protecting sensitive data on hard disks......Page 132
6.4.1 Full disk encryption......Page 133
Reference......Page 135
7 Basic Protection from Computer Data Theft Online......Page 136
7.2 Installation of Windows for secure online operation......Page 138
7.3.1 Web browser hijacking......Page 139
7.3.3 E-mail bombs......Page 142
7.4.3 Assorted cleaners of browsers......Page 143
7.5.1 Don't's......Page 145
7.5.2 Do's......Page 146
8 Practical Measures for Online Computer Activities......Page 148
8.1 Netscape Navigator/Communicator......Page 149
8.2 Microsoft Internet Explorer......Page 154
8.3.1 Free Web-based e-mail offers that require JavaScript: don't!......Page 159
8.3.3 Eudora e-mail software......Page 160
8.4 Secure e-mail conduct online......Page 162
8.4.1 Self-protecting e-mail......Page 165
8.4.2 Accessing e-mail from anywhere on Earth......Page 169
8.5 E-mail forensics and traces: the anonymity that isn't......Page 170
8.5.1 Tracking suspect e-mail......Page 173
8.5.2 Sending anonymous e-mail: anonymous remailers......Page 175
8.5.3 General network tracing tools......Page 179
9.1 Virus/Trojan/worm protection......Page 180
9.2.1 Protection from keystroke-capturing software......Page 181
9.3 Protection from commercial adware/spyware......Page 182
9.4 Protection from Web bugs: an insidious and far-reaching threat......Page 184
9.5 Using encrypted connections for content protection......Page 185
9.6 Using proxy servers for anonymity......Page 188
9.7 Using encrypted connections to ISPs for content protection......Page 190
9.7.1 SSL......Page 191
9.8 SSH......Page 192
9.9 The failed promise of peer-to-peer clouds......Page 193
9.10 Caller ID traps to avoid......Page 194
9.12 Traps when using FTP......Page 195
9.14 Pitfalls of online banking......Page 196
9.15 Secure Usenet usage......Page 197
9.15.1 Anonymity from other Usenet readers......Page 199
9.15.2 Anonymity from one's in-country ISP......Page 200
9.15.3 Usenet privacy in oppressive regimes......Page 201
9.16 Ports to protect from......Page 202
9.17 Sniffers......Page 205
9.18 Firewalls......Page 206
9.18.1 Personal software-based firewalls......Page 208
9.19 Software that calls home......Page 209
Reference......Page 210
10.1 Introduction......Page 212
10.2 Availability and use of encryption......Page 214
10.2.2 Conventional (symmetric) encryption......Page 216
10.2.3 Public-key encryption......Page 218
10.2.5 Voice encryption online......Page 221
10.3 Attempts to control against encryption......Page 222
10.4 Legal issues......Page 223
10.4.1 Crypto laws around the world......Page 224
10.4.2 Can encryption bans work?......Page 225
10.5 Societal issues......Page 229
10.6 Technical issues......Page 230
10.7 Countermeasures......Page 231
10.8 State support for encryption......Page 232
10.9 The future of encryption......Page 233
10.10 Quantum cryptography......Page 234
10.10.1 Quantum computing......Page 235
10.12 Comments......Page 236
Selected bibliography......Page 237
References......Page 239
11.1 Introduction......Page 240
11.2 Entire-disk encryption......Page 241
11.3 Encrypting for e-mail: PGP......Page 242
11.3.1 How PGP works......Page 245
11.3.2 Do's and don'ts of PGP installation and use......Page 247
11.3.3 The need for long public keys......Page 254
11.3.4 The man-in-the-middle problem......Page 255
11.3.6 DSS?......Page 256
11.3.8 A minor flaw in PGP......Page 257
11.3.9 PGP weaknesses......Page 259
11.4 Encrypting one's own files: encrypted disk partitions......Page 260
11.5 Steganography......Page 264
11.5.2 Detecting steganography: steganalysis......Page 267
11.5.3 Other ways that steganography can be detected......Page 268
11.5.4 Recommendations for maintaining privacy through steganography......Page 269
11.6 Password cracking......Page 270
11.7 File integrity authenticity: digital digests......Page 273
11.8.1 Protecting sensitive data from a repressive regime......Page 274
11.8.3 Getting discovered as a desirable persona......Page 275
Selected bibliography......Page 276
References......Page 277
12 Link Encryption: VPNs......Page 280
12.1 Split tunneling......Page 282
12.2 IPsec......Page 283
12.3 Summary......Page 284
Selected bibliography......Page 285
13.1 Background......Page 286
13.2 The 802.11 technologies......Page 287
13.2.1 WEP insecurity......Page 289
13.2.2 War driving and war chalking......Page 291
13.2.3 Using Wi-Fi while traveling......Page 292
13.2.4 WPA......Page 293
13.2.5 Securing 802.11......Page 294
13.3 Bluetooth wireless link security issues......Page 295
13.3.1 Bluetooth security threats......Page 296
13.3.2 Recommended steps for enhancing security of Bluetooth devices......Page 298
Selected bibliography......Page 299
14.1 Commercial GPS devices......Page 300
14.2 RF ID devices......Page 302
14.3 Modern vehicles' black boxes......Page 304
14.4 Cell phones......Page 306
14.5 Prepaid calling cards......Page 307
14.6 Credit cards......Page 308
14.8 Fax machines and telephone answering machines......Page 309
14.10 Frequent-anything clubs......Page 310
References......Page 311
15.1 Are they effective? It depends......Page 312
15.2 Biometrics can be easily spoofed......Page 314
15.3 Identification is not synonymous with security......Page 319
15.4 Societal issues......Page 320
References......Page 321
16.1 Software agreements that shift the legal liability to the user......Page 322
16.3 E-mail......Page 324
16.4.1 U.S Digital Millennium Copyright Act of 1998......Page 326
16.4.2 The Uniform Computer Information Transactions Act......Page 329
16.5 Can one be forced to reveal a decryption key?......Page 330
16.6 Why is electronic evidence better than paper evidence?......Page 333
16.7 Civil legal discovery issues......Page 336
16.8 International policy on computer-related crime......Page 339
16.9 What is computer crime?......Page 340
16.11.1 Collection......Page 341
16.12 Federal guidelines for searching and seizing computers......Page 342
16.13 Destruction of electronic evidence......Page 347
16.15 New international computer crime treaty......Page 348
16.16 The post-September 11 reality......Page 349
16.17 The sky is the limit-or is it the courts?......Page 352
References......Page 353
About the Author......Page 354
Index......Page 356