Forwarded from: William Knowles <wkat_private> http://australianit.news.com.au/articles/0,7204,6751835%5E16123%5E%5Enbv%5E,00.html Sian Powell and Chris Jenkins JULY 15, 2003 AUSTRALIAN Federal Police cyber-crime expert Nicholas Klein used a specialist forensic handheld disk duplicator to crack the laptop of alleged Bali terrorist Imam Samudra without altering the data it contained. Samudra has been charged as one of the organisers of the Bali bombings that killed 202 people on October 12 last year. During court proceedings in Indonesia, Mr Klein testified the Acer laptop belonging to Samudra had not been altered in any way since it had been seized. Samudra denied much of Mr Klein's testimony, saying he had seen his laptop open on a table at police headquarters, and claimed police put files on the machine. He angrily thrust his fist at Mr Klein when both men approached the bench during the trial. "We used a forensic software program and we looked at all the data on the computer's hard disk. When we examined the computer; we didn't turn it on," Mr Klein said. In court, Mr Klein said the Logicube hard-drive duplication system - a standard tool in computer forensic work - had been used to retrieve the data. Maker Logicube says the handheld disk duplication system has an error rate of less than one in four billion. The Logicube procedure, Mr Klein told the court, involved connecting "an original hard disk to one side and an empty hard disk to the other side. "The device makes an exact copy of the hard disk, and it is also made so that the original hard disk doesn't have any information changed, altered or added in any way," he said. Mr Klein told the court "many things" were found on the clone, including graphics, pictures, and elements from an internet site called Istimata.com. The data included "a statement claiming responsibility for the Bali bombings". The copying was done at the Polda police headquarters in Bali on December 18-19 and took many hours, Mr Klein told the court. The Australian Federal Police also kept a copy of the clone. *==============================================================* "Communications without intelligence is noise; Intelligence without communications is irrelevant." Gen Alfred. M. Gray, USMC ================================================================ C4I.org - Computer Security, & Intelligence - http://www.c4i.org *==============================================================* - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Fri Jul 18 2003 - 03:56:44 PDT