ebook img

Privacy Protection and Computer Forensics(Artech House Computer Security Series) PDF

366 Pages·2004·4.03 MB·English
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview Privacy Protection and Computer Forensics(Artech House Computer Security Series)

Privacy Protection and Computer Forensics Second Edition Forquitealongtime,computersecuritywasarathernarrowfieldofstudythatwaspopu- latedmainlybytheoreticalcomputerscientists,electricalengineers,andappliedmathema- ticians.Withtheproliferationofopensystemsingeneral,andoftheInternetandtheWorld Wide Web (WWW) in particular, this situation has changed fundamentally. Today, com- puter and network practitioners are equally interested in computer security, since they require technologies and solutions that can be used to secure applications related to elec- tronic commerce. Against this background, the field of computer security has become very broadandincludesmanytopicsofinterest.Theaimofthisseriesistopublishstate-of-the- art,highstandardtechnicalbooksontopicsrelatedtocomputersecurity.Furtherinforma- tion about the series can be found on the WWW at the following URL: http://www.esecurity.ch/serieseditor.html Also, if you’d like to contribute to the series by writing a book about a topic related to computersecurity,feelfreetocontacteithertheCommissioningEditorortheSeriesEditor at Artech House. ForalistingofrecenttitlesintheArtechHouse ComputerSecuritySeries,turntothebackofthisbook. Privacy Protection and Computer Forensics Second Edition Michael A. Caloyannides Artech House Boston (cid:127) London www.artechhouse.com LibraryofCongressCataloging-in-PublicationData AcatalogrecordforthisbookisavailablefromtheU.S.LibraryofCongress. BritishLibraryCataloguinginPublicationData AcatalogrecordforthisbookisavailablefromtheBritishLibrary. CoverdesignbyYekaterinaRatner ©2004ARTECHHOUSE,INC. 685CantonStreet Norwood,MA02062 Allrightsreserved.PrintedandboundintheUnitedStatesofAmerica.Nopartofthisbookmaybereproduced orutilizedinanyformorbyanymeans,electronicormechanical,includingphotocopying,recording,orbyany informationstorageandretrievalsystem,withoutpermissioninwritingfromthepublisher. Alltermsmentionedinthisbookthatareknowntobetrademarksorservicemarkshavebeenappropriately capitalized.ArtechHousecannotattesttotheaccuracyofthisinformation.Useofaterminthisbookshouldnot beregardedasaffectingthevalidityofanytrademarkorservicemark. InternationalStandardBookNumber:1-58053-830-4 10987654321 Tomylateparents,AkylasandEtta.Parentsneverdie;theylivethroughtheirchildren’s thoughtsandactionsandthroughtheirchildren’schildren. . Contents Introduction . . . . . . . . . . . . . xv 1 Computer Forensics . . . . . . . . . . . 1 1.1 Whatiscomputerforensics? 1 1.2 Whyiscomputerforensicsofvitalinteresttoyou? 1 1.2.1 Asanemployee 1 1.2.2 Asanemployerorcorporateexecutive 2 1.2.3 Asalawenforcementofficial 3 1.2.4 Asanindividual 4 1.2.5 Asalawyerforthedefense 5 1.2.6 Asaninsurancecompany 6 1.2.7 Asauserofothers’computers 6 1.3 Ifyouhavedonenothingillegal,youhavenothingtofear: nottrueanywhere! 6 1.4 Computerforensics 8 1.4.1 Userrightstoprivacy? 8 1.4.2 Theforensicsinvestigatormustknowupfront 9 1.4.3 Forensicsisdeceptivelysimplebutrequiresvastexpertise 9 1.4.4 Computerforensicstop-levelprocedure 11 1.4.5 Forensicsspecifics 13 1.4.6 Digitalevidenceisoftenevidenceofnothing 16 Selectedbibliography 22 2 Locating Your Sensitive Data in Your Computer . . 23 2.1 Deletingdoesnotdelete—whatdoes? 23 2.1.1 General 23 2.1.2 Diskwiping 26 2.1.3 File-anddisk-wipingsoftware 28 vii viii Contents 2.1.4 Magneticmicroscopyforensicexaminationofdisks 31 2.2 Whereisthesensitivedatahiding? 32 2.2.1 Clustertipsorslack 32 2.2.2 Freespace 33 2.2.3 Theswapfile 34 2.2.4 Spoolandtemporaryfiles 34 2.2.5 Forensicsonnonmagneticdisks 35 2.2.6 Historyfiles 35 2.2.7 Dataintheregistryfiles 35 2.2.8 Datafromsloppyuseofpersonalencryptionsoftware 36 2.2.9 Nonvolatilememory 36 2.3 Theswapfileasasourceofforensicdata 36 2.3.1 General 36 2.3.2 Securelywipingtheswapfile 38 2.4 TheRegistryasasourceofforensicdata 39 2.4.1 WhyistheRegistryamajorsourceofforensicevidence? 39 2.4.2 WhereisallthisprivateinformationhidingintheRegistry? 41 2.4.3 BackinguptheRegistryandrestoringacorruptedone 42 2.4.4 CleaningupsensitivedataintheRegistry 42 Reference 44 3 Specialized Forensics Applications . . . . . . 45 3.1 Digitalwatermarking 45 3.2 TheBritishRIPActandtheUSCarnivore(DCS1000) 49 Selectedbibliography 51 4 How Can Sensitive Data Be Stolen from One’s Computer? . . . . . . . . . . . . . 53 4.1 Physicalpossessionofone’scomputer 53 4.2 Temporaryphysicalaccesstoone’scomputer 53 4.3 Commercialhardwarekeystrokeloggers 54 4.4 Commercialsoftwarekeystrokeloggers 57 4.5 Goingonline 58 4.5.1 Byone’sISPorbyanyonehavingcompromisedtheISP’s security 58 4.5.2 Byalegaloranillegaltelephonetap 59 4.5.3 ByremoteWebsitesthatoneaccesses 59 4.6 Spywareinyourcomputer 60 4.6.1 Bycommercialspywareandadware 60 4.7 vanEckradiationusingcommerciallyavailablesystems 64 4.7.1 General 64 Contents ix 4.7.2 Protectivemeasures 65 4.7.3 Opticalemanationsandtheirinterception 69 4.8 Beingonanetwork,cablemodem,orxDSLmodem 69 4.9 Othermeans 70 4.10 Insertionofincriminatingdatainyourcomputerbyothers 70 4.11 Securityprotectionstepsthatdon’tworkwellenough 71 4.11.1 ThefallacyofCMOSpasswordprotection 71 4.11.2 Thefallacyofpasswordprotectionofferedbypopular commercialsoftware 71 4.11.3 Thefallacyofprotectionbyhidingfilesfromview 72 4.11.4 Thefallacyofprotectionbyhidingdataintheslack 72 4.11.5 Thefallacyofprotectionbyplacingdatainnormallyunused locationsofadisk 72 4.11.6 Thefallacyofprotectingdatabyrepartitioningadiskfora smallercapacitythanthediskreallyhas 72 4.11.7 Thefallacyofprotectionthroughpassword-protecteddisk access 73 4.11.8 Thefallacyofprotectionthroughtheuseofbooby-trap software 73 4.11.9 Thefallacythatoverwritingafileremovesalltracesofits existence 73 4.11.10 Thefallacyofencryptionprotection 74 4.11.11 Otherprotectionfallaciesthatdon’tdeliver 74 Selectedbibliography 75 References 76 5 Why Computer Privacy and Anonymity? . . . . 77 5.1 Anonymity 79 5.1.1 Practicalanonymity 81 5.2 Privacy 82 5.2.1 YoucannottrustTRUSTe? 82 5.2.2 Isprivacyaright? 83 5.2.3 Theimpactoftechnologyonprivacy 86 Selectedbibliography 88 6 Practical Measures For Protecting Sensitive Information . . . . . . . . . . . . . 91 6.1 InstallingsecureWindows 91 6.2 Recommendedbestpractices 91 6.2.1 IfusingWindowsNT 96 6.2.2 IfusingWindows2000 98 6.2.3 IfusingWindowsXP 102

Description:
This revised edition of an Artech House bestseller goes far beyond the typical computer forensics books on the market, emphasizing how to protect one's privacy from data theft and hostile computer forensics. The second edition has been updated to offer more detailed how-to guidance on protecting the
See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.