Link Logger
Premium,MVM
join:2001-03-29
Calgary, AB
 ·Shaw
| reply to howrman
Re: Who Accessed His WAP?
As you are finding out, prosecuting IT crimes is very difficult. Often we have no problem finding the source system of the offense and often we have the alias or hacker nic (and we in reality we already know who it is), but making that final connection and having the proof which connects an actual person to the system/offense/etc is the real challenge. Most IT criminals (and I can call them that as they were convicted and sentenced) were convicted based on the testimony of a cohort, or 'self convicted' such that the dependency of the electronic evidence was actually minimal (more just icing on the cake sort of thing).
Now how to prove they posted this, within all practical limits, impossible. You don't know at the time if their wifi connection was secure, the likelihood of logs and such almost zero, could someone have brute forced their password etc, make this a tough case. Now did he brag to anyone about how he slandered your name on this forum, your more likely to get somewhere following this approach. Access to his computer and information on it, difficult and even then expensive and with no guarantee that there will be anything useful in pleading your case and the absence of evidence would destroy your case (he might have very well deleted/wiped all logs, history, temp files, etc). Now even the best most hitech hackers on the planet make mistakes, and sometimes miss stuff when covering their tracks, but you are unlikely to get the type of resources needed to find those mistakes and time is of the essences as these 'mistakes' can be corrected and hence lost as evidence.
I realize that this is very much different then a personal attack and is a professional attack which might affect your career and professional future, but might I suggest that you consider that you case might not get a favorable ruling given the elusive nature of electronic evidence and either look for alternative evidence (certainly gather what electronic evidence you can) and/or look for other ways to reaffirm your professional relationships.
Certainly anyone who reads online discussion forums knows or should know that postings that are 'out of character' should be viewed as suspicious in terms of ownership as its a risk that everyone in that community shares.
Blake
--
Vendor: Author of Link Logger which is a traffic analysis and firewall logging tool |
|
munky99999
Munky
join:2004-04-10
canada
clubs:
| reply to howrman
quote:
ah i see.
ask for the defendent's wireless security configuration to decide whether that warrants his defense.
do you have a lawyer?
You get the configuration and find out. Hey it is secure. The new argument becomes. "I secured it due to this event bringing it to my attention." You are no further ahead. Legally speaking the op has to prove he did it; and the defendant just used the pretty much game winning argument in that.
quote:
Then you should know that you should be suing for allowing the content to be posted in your name. Without the ISP and website divulging specific info on MAC addresses, you can't even prove that the IP wasn't spoofed.
Ip addresses prove nothing, mac addresses prove nothing. All of which can be faked very very easily.
quote:
No. I'm suggesting that you sue the same individual, but for allowing his network to be used for the posting.
Sort of like suing the owner of a vehicle that crashes into to you but the driver is unknown because they left the scene?????
So Im sleeping at home. Someone steals my car and crashes it into a bank and steals money. The bank can sue me? Not a chance.
quote:
In reality, I don't think it's going to be very hard to prove that the defendant posted the comment
Hard.
quote:
Given the fact that he harbored animosity towards me, it would be one hell of a coincidence if some stranger just happened to come along at 10 p.m. on a Friday night to access his WAP on the 11th floor of an office building to post something about me.
11th floor kindof doesnt make a difference; wlan goes fair distances. Also "harbouring animosity" is hardly illegal.
I assume you someone were able to obtain IP address; then got an applicable warrent from his ISP to prove it was even his network that did it. Not that you just have a hunch that it was him. On top of that... Dynamic DNS is extremely common. Similar or exact same IP is next to impossible to hold onto most of the time. |
|
Greg_Z
Premium
join:2001-08-08
Springfield, IL
·Comcast
| reply to howrman
Read this »www.sj-r.com/breaking/x124614564···ake-page and then realize, that you can do more by acting, then coming onto a web forum and ranting about why a coworker "demoralized" you. If it is that bad, then this is probably not the first time, nor the last time that you will deal with this in the real world.
The way it works, is no matter what is stated, or who says that it was not them. If it was their Internet connection through a provider, then you should of taken care of this by serving them with a day in mediation or court. Or even easier, put on the boxing gloves and have at it.
--
I threw out the map a long time ago. Now I follow my own direction! |
|
howrman
join:2000-07-08
Philadelphia, PA
3 edits | reply to Greg_Z
I appreciate your thoughts, but you should understand that this is not something that happened because I was online. The comment was posted under my name because an attorney wanted to get even with me for things that transpired in the course of litigation. Therefore, you advice to "not get online" wouldn't have helped.
Second, your statement that I "cannot do anything about what is stated on the Internet" is incorrect. In this case, I was able to track down the person who posted the comment and I am able to hold him legally accountable. I think it important that people not take the limited anonymity afforded by the Internet as a license to engage in conduct in which they would never engage in the "real" world. Personal responsibility is a cornerstone of civilization. |
|
Greg_Z
Premium
join:2001-08-08
Springfield, IL
·Comcast
| reply to howrman
This is one of those matters, that you should put behind you, and remember, that if you do not want something stated about you on the Internet, then do not get online. Remember, with public postings about anyone on the Internet, it is the same if someone does the same in public, or on a billboard. You can ask the person to stop talking about you in public, have the billboard removed, but cannot do anything about what is stated on the Internet, due to ownership falls away by the site owner.
Personally, I would take it as a lesson learned, and unless it comes up if you run for a public office, forget about it.
--
I threw out the map a long time ago. Now I follow my own direction! |
|
howrman
join:2000-07-08
Philadelphia, PA
| reply to MnR
The county in which my office is located has about 70 judges. I regularly practice in 4 other counties that have another 150 or so judges. It's not really practical to meet with all of those judges and I have no way of knowing which ones are aware of the statement that was falsely attributed to me. There's also the possibility that clients or prospective clients saw the posting. How would you suggest I contact all of them?
Moreover, why shouldn't the person who posted the comment be made to compensate me for my damages and be held accountable for his conduct? Judges don't usually get annoyed at having someone "dragged into their courtrooms" on a meritorious claim. After all, that's why the courts exist. |
|
MnR
Premium
join:2002-05-27
Iron Mountain, MI
| reply to howrman
Hi,
Why don't you save a lot of the courts time by scheduling a meeting with the judges to talk with them about this statement?
You are supposedly a person of intellect and a professional You should be able to talk to the judges that you are dealing with and explain the situation to them. They would think more of you for doing it that way then dragging this matter into their courtroom....
MnR
--
No one is listening until you make a mistake! |
|
Greg_Z
Premium
join:2001-08-08
Springfield, IL
·Comcast
| reply to howrman
said by howrman  :I have filed suit against a person who I believe posted defamatory comments on a web site. Subpoenas to the web site and ISP confirm that the comments came from the defendant's IP address. However, the defendant asserts that an unknown person gained access to his unsecured wireless connection and posted the statements. The bolded underlined section explains it all.
--
I threw out the map a long time ago. Now I follow my own direction! |
|
Angelo_
The Network Guy
Premium
join:2002-06-18
1 edit | reply to Anon
i see no merit in your complaints...
you don't have
1) proof
2) any real motives
no judge in his right mind will rule in your favour, this is just a waste of both of your time... just get over it and move on like most of us do. |
|
no_one
@maricopa.edu
| reply to howrman
Re: Who Accessed His WAP?
said by howrman :Sorry if I wasn't clear before as to the nature of the conduct that gave rise to the suit. The defendant posted a comment under my name that was critical of judges before whom I practice. Thus, he wanted those judges to believe that I was publically expressing unprofessional comments about them. If it was merely a matter of a person expressing opinions about me, I couldn't and wouldn't sue. Opinions are protected free speech. As such, they are not actionable. The problem here is that the defendant fraudulently represented that he was me and he falsely attributed damaging statements to me. What would you do under these circumstances to seek redress? If the judges know you and the other person then you should be fine. If a judge cannot tell you are telling the truth that you did not post it well something is wrong.
Basically saying if you have strong character and such the judges will ignore the posted garbage.
I mean clients and others are not always happy people with outcomes so rude comments or other type of comments are probably not uncommon. |
|
stinger
join:2001-03-22
Florissant, MO
clubs:
| reply to mmainprize
The computer's hard drive will have evidence of every activity unless...
1. The hard drive has been low-level formatted or fully formatted using secure data wiping.
OR
2. The owner is as paranoid as I am and has installed electro-magnetic loops around every doorway that can be activated at the flip of a switch, thus destroying any drive or magnetic media that passes through them.
Sorry, must go...the black helicopters are back!  |
|
mmainprize
join:2001-12-06
Houghton Lake, MI
| reply to howrman
You follow the trail. If you have found a IP and that point to him as you say, then you should be able to get more proof from his PC. You just need to get the court order to have the Cops or FBI take his PC's and look for the proof. If he did post that info on that web site then the logs on his PC's for web surfing will show that he did go there to that site and on what date. Those log do last for months unlike the personal router logs.
If his router is open than you could hire a hacker to find that info before you go to the courts. But then you will be doing the same things he has done, in a round about way. |
|
lmacmil
join:2001-01-26
South Bend, IN
| reply to howrman
said by howrman :What would you do under these circumstances to seek redress? A couple of busted kneecaps? |
|
PeteC2
Got Mouse?
Premium,MVM
join:2002-01-20
Bristol, CT
clubs:
 ·AT&T Yahoo
| reply to docrice
I do not believe that you will be able to definitively prove the author of the offending emails either way, as not only is proving that his machine was not "hi-jacked", difficult, you further could not prove that someone else simply may have typed that from that site...
However, as there is a proven history of conflict here, and it is known that at the very least, the fraudulent emails originated from his ISP address, I would rather suspect that it is more incumbent on the defendant to prove that they did not originate from him, yes?
After all, this is a civil suit, not a criminal trial.
--
Deeds, not words |
|
docrice
join:2008-03-31
Fremont, CA | reply to howrman
I personally wouldn't know where to start since I'm legally ignorant about how to go about such things. I'd check with the EFF though as they might have a much better idea what to do. |
|
howrman
join:2000-07-08
Philadelphia, PA
| reply to no_one
Sorry if I wasn't clear before as to the nature of the conduct that gave rise to the suit. The defendant posted a comment under my name that was critical of judges before whom I practice. Thus, he wanted those judges to believe that I was publically expressing unprofessional comments about them.
If it was merely a matter of a person expressing opinions about me, I couldn't and wouldn't sue. Opinions are protected free speech. As such, they are not actionable. The problem here is that the defendant fraudulently represented that he was me and he falsely attributed damaging statements to me.
What would you do under these circumstances to seek redress? |
|
no_one
@QWEST.NET
| reply to howrman
said by howrman :I'm not aware of any legal basis for imposing liability on the owner of an unsecured WAP for things that are posted through that connection. In fact, I'm pretty sure that the Decency Act protects them. That's why your ISP isn't responsible for things that you post using its connection. In reality, I don't think it's going to be very hard to prove that the defendant posted the comment. Given the fact that he harbored animosity towards me, it would be one hell of a coincidence if some stranger just happened to come along at 10 p.m. on a Friday night to access his WAP on the 11th floor of an office building to post something about me. I would say something. Then again you now have a track record of sueing.
If it is just a personal comment right or wrong who cares? Get over it grow some thicker skin. If someone say dumps all your private client files on the web that is different. |
|
docrice
join:2008-03-31
Fremont, CA
| reply to howrman
While I'm obviously not a legal expert (or even amateur), I've seen presentations by folks who are more knowledgeable about Internet-related applications of the law and it's not very cut-and-dry most of the time since proving intent based on traditional evidence is rather difficult. Just like in digital forensics, solid evidence is always up for interpretation of credibility since the method of collection, plus how well the forensics investigator is able to defend the collection process plays a hand depending on how the defense / prosecution wants to tell the story. Simple chain of custody isn't enough, apparently from what I'm told.
You might want to check out some Black Hat sessions by Jennifer Granick (I think she works for the Electronic Frontier Foundation now) and she gets right into it. |
|
howrman
join:2000-07-08
Philadelphia, PA
| reply to voiplover
I'm not aware of any legal basis for imposing liability on the owner of an unsecured WAP for things that are posted through that connection. In fact, I'm pretty sure that the Decency Act protects them. That's why your ISP isn't responsible for things that you post using its connection.
In reality, I don't think it's going to be very hard to prove that the defendant posted the comment. Given the fact that he harbored animosity towards me, it would be one hell of a coincidence if some stranger just happened to come along at 10 p.m. on a Friday night to access his WAP on the 11th floor of an office building to post something about me. |
|
