Vista Makes Forensic PC Exam Easier for Lawyers 343
Katharine writes "Jason Krause, a legal affairs writer for the American Bar Association's 'ABA Journal' reports in the July issue that Windows Vista will be a boon for those looking for forensic evidence of wrongdoing on defendants' PC's and a nightmare for defendants who hoped their past computer activities would not be revealed. Krause quotes attorney R. Lee Barrett, 'From a [legal] defense perspective, [Vista] scares me to death. One of the things I have a hard time educating my clients on is the volume of data that's now discoverable.' This is primarily attributable to Shadow Copy, TxF and Instant Search."
Re:Another Use for VMWare (Score:5, Insightful)
Re:Another Use for VMWare (Score:2, Insightful)
Re:It's not the function that's the problem (Score:1, Insightful)
Re:Another Use for VMWare (Score:5, Insightful)
Re:Just some more... (Score:5, Insightful)
As for privacy, to the extent that this sort of thing requires a legal order to hand over the information, I can't really see that it's an issue of privacy. If it is accepted that preserving the rule of law sometimes requires surrendering information that would otherwise be considered private, then that is the end of the matter: the information in such instances has ceased to be private.
If a PC is stolen, that is another matter, but in such cases, encryption can be used to prevent private data falling into the hands of thieves. This arguably makes a PC with appropriate encryption enabled safer than paper records.
Re:Just some more... (Score:1, Insightful)
People who need to keep their computing history private will know to encrypt their block devices and disable unnecessary indexing and data safekeeping. People who are too dumb or lazy to do that are going to get bitten by random "marked as deleted" filesystem remnants on any OS. People who accidentally delete their master thesis on the day before it's due will thank Bill Gates for Shadow Copies. People who buy cheap power supplies will thank Bill Gates for TxF when their computer crashes due to a short voltage spike and their data remains consistent (or they will curse him because they think Vista crashed and they don't know what kept them safe).
Comment removed (Score:2, Insightful)
Re:Just some more... (Score:5, Insightful)
Right, karma to burn. How the hell is this "Informative"? "+5 Groupthink", or "+5 Telling me what I want to hear", sure. But there is no information here at all - Vista does have some "good features", regardless of what some people think. Answering your points specifically
1) Eye Candy: If you don't like it, turn it off.
2) Missing or shitting drivers: I have not noticed, nor do I know anyone who has noticed, Vista not supporting hardware that XP supported. Shitty drivers, well, this is a more reasonable concern, but it applies in my experience only to graphics, and then only to people for whom a 5-10% drop in performance (until nVidia get their ass in gear) is a "shitty problem". It's *vastly* better than Linux in this regard.
3) UAC: You're doing it wrong. I have not seen a UAC prompt that wasn't because I launched an app that required admin priviledges for weeks. Sure, when you're setting up the system, you get them a lot - much like in Linux, where you prefix half the first weeks commands with "sudo". After that, if you're seeing it more than once or twice a week, you need to seriously look at what kinds of software you're running that constantly need "root" access.
As to a sample of "good points"
1) New graphics and sound stack is vastly superior - I can set sound volume on a per application basis, automatically, using an simple interface built right in. No more stupid Flash in Firefox blaring away at 80db when I'm listening to music via iTunes.
2) Integrated search - Works as well as Spotlight for me, and I thought Spotlight was the best thing since sliced bread.
3) UAC - Yes, in my eyes, this is a good thing (and the biggest step forward in Vista). Windows no longer uses an "Admin for everything" model, something most people have been crying out for it do have for years.
Does it add anything *huge* over OS X, or even XP? No. Since when has a new OS release added anything world changing? They have been, since OS X 10.0, Linux 2 and Windows 2000, incremental. Is the DRM stuff a bad route? Yes. Does Vista use too many resources? Well, the idle footprint over my OS X machine isn't significantly greater - I would say it *does* use a too much, but frankly, as my machine is fairly modern, I don't notice. In many operations, it's faster than XP.
Should we all move to desktop Ubuntu? I don't know - I use Linux on servers, but it's still not ready for desktops, in my eyes. A technically semi-literate friend installed it on his Laptop, as someone had preached too him, and it *mostly* worked - except sound, which was a huge pain in the ass, and even I (with years of Linux experience) couldn't make work. Mostly is not good enough (he bought an OS X laptop to replace it, and is very happy). When Linux sorts out these issues, and gets a decent suite of end user software (no, Openoffice is not good enough to be an Office replacement), I might consider putting friends and familiy onto it.
Is Vista the devil? No. It's no worse than XP, and has several significant features that make it better, much like XP over 2000.
Re:Not to worry (Score:4, Insightful)
Re:Just some more... (Score:3, Insightful)
Allow me to edit the above:
If you wish to secure your data from unwanted intrusion, you'd probably be wise to avoid using Vista which records your activities using methods not found in previous Microsoft systems, or other systems in general.
Where are the privacy trolls now (Score:1, Insightful)
Those same people come into these articles and comment about how security choices allows information to be free. Geez, make up your minds
Re:Just some more... (Score:5, Insightful)
The reality is that most users like the ability to index and search their data, and to recover previous versions of a file, as well as the better reliability offered by transactional file operations. In the general case of a non-criminal user, these features provide far greater benefits than the potential harm of having their activities more effectively analysed by law enforcement officials, in the highly improbable case of a legal order to hand over their data.
Re:Another Use for VMWare (Score:5, Insightful)
Personally, if I had any really bad shit on my system I'd probably just have a buried NAS box somewhere on (or even off) the premises. Probably would be best if there were a hardwired connection to it: wouldn't want the Feds to use a sniffer and figure out you have the thing. Oh sure, if they really wanted to they could find it, but why make it easy? Hide the cabling and hide the point at which it attaches to the rest of your LAN. Probably want the box to run a watchdog task that will disable it completely if it detects that specific machines on the LAN have disappeared (as in "having been confiscated".) That way, even if someone performing forensics notices that there was another network drive mapped, by the time they get back to search for another machine it won't be detectable unless they start tearing down your walls.
Of course, you'd be a lot safer not having that bad shit in the first place.
Re:(il)legitimate FUD attempt. (Score:3, Insightful)
YOU should be the one to decide if your OS phones home, if it stores every keystroke you ever made, if it keeps copies of all the files you ever had, etc.
Just like a bad doctor who decides for his patient, Microsoft has decided to take choice away from the user. The only choice you are limited to now if you don't want the OS to do this is to choose another OS.
Re:Computer OS (Score:5, Insightful)
Re:Another Use for VMWare (Score:3, Insightful)
Very true, however if enough individuals begin to mount such defenses (and they are readily available to all) a change in the culture has been made. The act of convincing a significant number of people to defend themselves against potential governmental intrusion is what is important here. Doesn't matter whether they have anything specific to hide, in fact the more people who have nothing to hide that do protect themselves in this way, the safer all of us will be. I'm one of those people: my life is an open book, I have performed no criminal activity of any kind. However, as a matter of principle I can assure you that law enforcement would have to spend significant resources to get their fingers on my data without my willing cooperation. Now I might consent to give them that, but they would have to guarantee certain safeguards before I'd permit anyone to go through my stuff, and I would insist on having my attorney involved to protect what rights I still have. The reason I feel this way is because I no longer have any faith in law enforcement, because it's all to easy to criminalize someone for an activity they had no idea was illegal. They have plenty of law on their side, and I want to make sure that, if push comes to shove, I can use the law to protect myself as well. Allowing the cops to peruse your network at their convenience is not the way to do that. My father used to tell me that all governments want more and more authority over their citizens, and the only way slow that process down is to make them fight for it at every opportunity.
Besides, things are qualitatively different nowadays. In past, cops could just walk in and take your file cabinets and that was that. Now they may have to ask for encryption keys: that puts a fair amount of control back in the hands of the individual
Tough.