Ask Lemmy
A Fediverse community for open-ended, thought provoking questions
Rules: (interactive)
1) Be nice and; have fun
Doxxing, trolling, sealioning, racism, and toxicity are not welcomed in AskLemmy. Remember what your mother said: if you can't say something nice, don't say anything at all. In addition, the site-wide Lemmy.world terms of service also apply here. Please familiarize yourself with them
2) All posts must end with a '?'
This is sort of like Jeopardy. Please phrase all post titles in the form of a proper question ending with ?
3) No spam
Please do not flood the community with nonsense. Actual suspected spammers will be banned on site. No astroturfing.
4) NSFW is okay, within reason
Just remember to tag posts with either a content warning or a [NSFW] tag. Overtly sexual posts are not allowed, please direct them to either !asklemmyafterdark@lemmy.world or !asklemmynsfw@lemmynsfw.com.
NSFW comments should be restricted to posts tagged [NSFW].
5) This is not a support community.
It is not a place for 'how do I?', type questions.
If you have any questions regarding the site itself or would like to report a community, please direct them to Lemmy.world Support or email info@lemmy.world. For other questions check our partnered communities list, or use the search function.
6) No US Politics.
Please don't post about current US Politics. If you need to do this, try !politicaldiscussion@lemmy.world or !askusa@discuss.online
Reminder: The terms of service apply here too.
Partnered Communities:
Logo design credit goes to: tubbadu
view the rest of the comments
Law enforcement fabricating evidence is probably a much bigger issue. No matter how well you verify the accurarcy of your own evidence, if the system is corrupt, then it doesnt matter. Digital media is only one small part of that problem. Server logs, message logs, existence of files on your confiscated devices, call logs, etc. can all be fabricated by police. Fabricating images is just a cherry on top.
Cops can just raid your house, confiscate your drives, carefully plant CP on them and claim that you were in posession of CP. Im pretty sure this has happened before.
See, this is why I hate the typical social media (yes, including reddit and lemmy) bandwagon of always sideing against the accused for any sex-related charges. Like... c'mon, it hasn't even been proven in court. If they "find CSAM" or has a random person making SA claims against a democratic socialist candidate running for high office, I'm gonna be very skeptical of the claims. Could've been falsified to derail a campaign.
You know there are Windows audit logs that can show tampering like adding files after the equipment has been confiscated.
And before you say well they can edit/remove the logs, it tracks that stuff too.
You know I can read and write to a "Windows" machine without ever booting up Windows? It can't track anything if it hasn't been booted.
yes, and when a forensic expert does their check on the system and see a file existing that the audit log says was never written by windows how can prosecution say it was on the drive when they cloned it?
In our made up scenario here I have a couple of thoughts. First, they make an entry in the log since they can write to the drive. Or find out the retention period of the logs, and date the file before any existing log entries and then just state that it has been on there long enough for the logs to roll off. My point is that you cannot trust these logs when a drive can be written to externally. Another option, remove the logs, install them on a windows machine not connected to any network. Change the date/time to something you want, boot windows and drop the file on the machine, making a log entry. Maybe resort the logs, or just copy the log entry back over to the original machine. There are plenty of ways these logs could be faked or modified. When someone has physical access, all bets are off and everything becomes suspect.
Btw, 20 years ago I had to testify in court as a photographer that the images I had, that were introduced as evidence to the court, were the originals and that is what I saw through my viewfinder. So none of this is new, and courts have always needed to have provenance.
A. That would require the courts to be capable of having actual technical understanding which they absolutely do not if you look at the kind of rulings there have been for IT related stuff in the recent past.
B. Of course you can fake any kind of log in undetectable ways. Police has all sorts of deals with zero day software vendors these days. So even if it were so magically foolproof (which it isnt, nothing is) then you can never be sure.
C. Doesnt need to be "found" on a windows computer, they can just put it on a random USB drive and that would most likely hold up in court.
Why would the courts need to understand? That is why technical experts are called to support evidence
Which are then ignored usually. If courts actually listened to experts we wouldnt have climate change, governments spying on their citizens, countries supporting israels genocide, big tech privacy violations, etc.
But courts don't call on experts in these cases, they are called by the prosecution or defence to support or pick away evidence.