Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Tech Forensics Take Center Stage in Manning Pre-Trial

Unknown Lamer posted more than 2 years ago | from the next-time-use-a-better-passphrase dept.

Security 172

smitty777 writes with some updates from Bradley Manning's Article 32 hearing: "Wired has been reporting all [yester]day on the prosecution's technological evidence against Bradley Manning. The first is on the technology and techniques used by Manning. In the second, the examiners admit they didn't find any matching cables on Manning's computer. And finally, evidence that Manning chatted directly with Assange himself." The prosecution was able to access chat logs and other bits of evidence (which had been deleted, but not scrubbed from the disk) thanks to PFC Manning's use of the same password for his OS login and encryption passphrase. Oops.

Sorry! There are no comments related to the filter you selected.

"not scrubbed from the disk" ,"Same password" ?? (2)

zero.kalvin (1231372) | more than 2 years ago | (#38433166)

Come one, for a person who do the work he was doing, he have known better! He should only blame himself for these mistakes.

Not so fast... (3, Insightful)

neokushan (932374) | more than 2 years ago | (#38433226)

From the first article...

In those chats, Manning told Lamo that he had “zero-filled” his laptops, referring to a way of securely removing data from a disk drive by repeatedly filling all available space with zeros. The implication from Manning was that any evidence of his leaking activity had been erased from his computers. But Shaver’s testimony would seem to indicate that either the laptops weren’t zero-filled after all, or that it had been done incompletely.

So Manning certainly knew about this kind of thing, but either didn't do it or didn't do it correctly. I wonder how difficult it is to mess something like that up?

Re:Not so fast... (3, Interesting)

vlm (69642) | more than 2 years ago | (#38433340)

Or he most certainly did, or at least he set up an automated system to do it, etc.

But, no one can/will publicly admit the truth, that either the automated system to do that can be selectively remotely subverted on command (perhaps a routine investigation into him "fishing expedition" found more than expected?) OR the secret truth that cannot be discussed is that classified data recovery operations can read overwritten data much better than public recovery operations.

Most likely this is one of those "lawyers approach the bench" undocumented moments where both sides were informed that public discussion of these classified projects in this trial will be prosecuted, etc... The less this seemingly important topic is discussed during the trial, the more likely they're covering up some interesting technical means.

Having worked in a Army reserve unit in the early 90s in an IT-like capacity, we were told if we were overrun, the ammo depot's records had to be wiped by thermite, not "writing zeros" or whatever. This is public knowledge, read the public TMs. There is probably a very good reason when going up against "the bad guys" you only trust thermite, and going up against internal investigators and auditors, "trust us, writing zeros is good enough"

Re:Not so fast... (3, Interesting)

Alranor (472986) | more than 2 years ago | (#38433884)

Having worked in a Army reserve unit in the early 90s in an IT-like capacity, we were told if we were overrun, the ammo depot's records had to be wiped by thermite, not "writing zeros" or whatever. This is public knowledge, read the public TMs. There is probably a very good reason when going up against "the bad guys" you only trust thermite, and going up against internal investigators and auditors, "trust us, writing zeros is good enough"

Of course, that might have something to do with the fact that zeroing out the hard drives takes a not insignificant amount of time compared with just blowing them up. I've never been in the military myself, but I would hazard a guess that you might be under some time pressures if your base is being overrun by the enemy.

Re:Not so fast... (1)

FileNotFound (85933) | more than 2 years ago | (#38435186)

You do not take chances with classified data. It's just not done. Every media ever labeled anything other than unclassified is destroyed once it has served it's purpose.

Re:Not so fast... (1)

3nails4aFalseProphet (248128) | more than 2 years ago | (#38435922)

I'm with Alranor. Having spent several years on subs, sometimes in "interesting" locations, I second the notion that "burn it with fire" is likely used if there is threat of capture due to the need for speed of disposal, and also because it doesn't matter how the sensitive data is stored... paper, mag tape, hd, ssd, dvd... high enough heat destroys them all. It also doesn't require anything to still have power to "write zeros".

Re:Not so fast... (1)

lambent (234167) | more than 2 years ago | (#38433930)

see, the thing is, that later on in the article the general incompetence of the systems support people is discussed. i mean, they have 11TB of shared drive space so employees can share movies and music, but they don't have enough space on their servers to keep adequate logs of activity.

frankly, occam's razor applies, here. the reason you were told not to trust writing zeros is probably because the likelihood that you'd've screwed it up was too high. which is probably what happened to bradley manning.

also, writing zeroes takes a long time. thermite is much, much faster.

Re:Not so fast... (2, Informative)

VortexCortex (1117377) | more than 2 years ago | (#38433938)

The magnetic data is analog.  so, it's less 1's and 0's than 1.0031 and 0.073...
Overwriting with zeros could leave some evidence of the previous data eg (w/ a 1/100th retention: 0.010031 and 0.0073).
Amplify those by 100 and you get back your 1.0031 and 0.073.  It takes a very sensitive head, multiple reads, and a totally different drive enclosure, but you get the basic idea.

So, what if you write over the data with pseudo random noise? That's better, but not quite good enough.  The problem is that we know what the "top layer" of data is, so we can subtract out that layer of noise.

Eg: Let's say we have a multiple zero written surface, we're starting from scratch, and we write: 1010
1.0
0.0
1.0
0.0

Now, let's say that we overwrite this with 1100
1.01
1.00
0.01
0.00

We can read back the 1100 and subtract the noise from our signal.
0.01
0.00
0.01
0.00

Amplify the signal by a gain of 100.
1.0
0.0
1.0
0.0

With VERY sophisticated and sensitive gear you could even read back data after multiple writes.  The best part is that the CRC checksums of the sectors will help you verify the data is correct.  It's best to overwrite multiple times with a good source of (pseudo)randomness, like a cipher in CBC mode with a strong key and pseudo-random data stream.  I'd say 3 times would be more than enough to obfuscate the data, but what do I know?

Now, a factor of 100 is a gross simplification for example purposes only. This was a bigger concern with older hard drives; Modern hard drives store the magnetic fields in such a way that it's even harder to recover, but the truth is it's not digital.  It's still analog underneath, and subject to the same type of retrieval practices with very good gear.

SSDs use ware leveling, so over writing data does nothing but place the new data somewhere else, leaving the old data intact.

In any event, if you want the data really gone, just hit it with a hammer a few times... Thermite may attract more attention than its worth.

Re:Not so fast... (1)

LordLimecat (1103839) | more than 2 years ago | (#38434682)

Hammer isnt going to destroy the magnetic domains. Someone with really good gear could in theory make a digital reconstruction of the drives by reading off the broken pieces of the platter.

If you are going to destroy the drive anyways, throw it in an incinerator or degauss it, or else take a grinder to the platters (id like to see someone reconstruct the drive from abraded dust).

Re:Not so fast... (1)

Khyber (864651) | more than 2 years ago | (#38436326)

"Hammer isnt going to destroy the magnetic domains"

Umm, with the right impact, the heat and force imparted via thermodynamics to the platter can indeed change magnetic domains.

Re:Not so fast... (0)

Anonymous Coward | more than 2 years ago | (#38434060)

The secure data standards suggested by the NSA, I think it was (might have been someone else), for data wiping are to flash 0 then 1 seven times before considering the disk clean. My understanding is that some small amount of residual charge remains after a single wipe that can be detected by removing the platers and using a more sensitive read head. It takes multiple wipes to make the residual charge lost in the noise of the other state changes.

Re:Not so fast... (1)

LordLimecat (1103839) | more than 2 years ago | (#38434626)

OR the secret truth that cannot be discussed is that classified data recovery operations can read overwritten data much better than public recovery operations.

Which is why when people talk about the theoretical difficulties and the implausibility of recovering data off of overwritten sectors, its a worthless assurance. Noone has demonstrated a mathematical impossibility, they just say "we dont think anyone can do this".

If you want data really, truly, for realsies gone, degauss the disk, or raise it to the curie point.

Re:Not so fast... (0)

Anonymous Coward | more than 2 years ago | (#38434846)

OR the secret truth that cannot be discussed is that classified data recovery operations can read overwritten data much better than public recovery operations.

Read data that has been overwritten? Computers aren't magic, bro.

Re:Not so fast... (1)

Trixter (9555) | more than 2 years ago | (#38435136)

There is probably a very good reason when going up against "the bad guys" you only trust thermite, and going up against internal investigators and auditors, "trust us, writing zeros is good enough"

It depends on the drive technology. If you were in the service in the 1970s/1980s, where hard drive tech was MFM or RLL or similar, then yes, thermite was the correct option. For 2011-era SATA drives, zeros are almost good enough, and overwriting with a random data stream is most definitely good enough (the amount of time and equipment needed to try to recover a modern drive that has been overwritten with a random data stream is so prohibitive that it is usually easier and cheaper to just threaten someone with harm to coerce information out of them).

Re:Not so fast... (1)

blueg3 (192743) | more than 2 years ago | (#38435464)

It's because writing zeroes takes time and is easy to screw up -- power loss, drive failures, etc. will stop the erasure process. Thermite is fast, reliable, and gives visual feedback that the operation has completed successfully.

Re:Not so fast... (2)

loxosceles (580563) | more than 2 years ago | (#38435608)

The standard recommendation I've seen is to overwrite at least 3, perhaps 5, 7, or even 9 times[0], often with a final all-zero overwrite[1] at the end (since an all-zero nominal image might discourage someone from looking harder, while a disk full of random-looking data can only result from a random overwrite or a full-disk encryption system).

The "kill it with fire" technique is more a question of speed and when you can afford to destroy disks. I've heard the NSA burns their disks, and Google physically mangles disks, but consider that those organizations are going to get rid of disks either when the device using them is past its useful lifetime, or when the disk starts failing. At that point the future value of keeping the disk around is low. It's more cost effective to use a quick method that prevents data recovery (of the desired level depending on threat model), rather than tying up computers and personnel in lengthy overwrite procedures when the disk is probably going to be thrown out anyway.

The reason for multiple overwrites is that if you look at absolute magnetic readings from the disk at each bit storage position, it's not digital. Instead of "1" or "0", you might see .998 or .005.

The one in-depth article I read a while back said that an overwrite moves the charge roughly 90% of the way to the opposite value. If a bit was "1" and is overwritten with "0", the new value would be 0.1 Subsequent overwrites similarly attenuate past data. Given disk error rates today, I think 90% is optimistically high.

For the sake of simplicity, if each overwrite pass changes the data value exactly 90% of the way from the current value to the target value, every bit on the disk is going to be either between 0 and 0.1 or between .9 and 1.0. More specifically, there are four possibilities for each bit. If the reading is close to the range 0.00 to 0.01, both the current and last image stored a zero. If the reading is close to the range 0.09 to 0.10, the current image is zero and the last image was a 1. Similarly for 0.90 to 0.91 and 0.99 to 1.00 ranges.

With a perfectly accurate magnetic detector and a HDD write mechanism that is perfectly accurate, and a perfectly linear and resilient magnetic layer on the disk, you could discover past images one by one... once you determine the last image logical value, you apply a function, possibly a linear map, to strip out the computer-visible layer and derive the exact magnetic reading as it would have been before the last overwrite. Repeat, wash, rinse...

The objective of overwriting several times is to push the magnetic differences caused by the last "real" stored data into the range where it's obscured by noise, either noise of the magnetic imager used to take raw magnetic readings, or much more likely, noise of the HDD writing mechanism (it isn't writing a perfect "1" value each time), or noise or imperfections of the magnetic substrate leading to imperfect magnetic storage.

I think recommendations for 35 overwrites, or even 9 overwrites, may be overestimating the capabilities of an adversary. Not because of anything the adversary does, but because of modern hard drives. Data is crammed into such small magnetic wells that the absolute magnetic readings are less consistent than ever before. Given the error rates of modern TB-sized disks, I would expect many blocks with unrecoverable (2+ bit errors per block) read errors upon reconstruction of even the second to last magnetic image. Repeating the process, I would expect errors to increase non-linearly. My WAG is that before 9 overwrites you're in a situation where even a perfect magnetic detector is reading only low-level noise from the drive. (I'm talking about noise from the non-perfect magnetic layer on the disk surface, and fluctuating magnetic field write strength from the drive head.)

[0] see, for instance, http://www.securityfocus.com/archive/1/310128 [securityfocus.com]

[1] An all-zero overwrite simply provides a surface layer of plausible deniability if nobody uses a magnetic imager and instead uses commodity hardware to check drive contents. A disk area filled with statistically random data, AFAIK, has only two causes: 1. a full-disk encryption program in a mode that doesn't use a header (e.g. Truecrypt's hidden containers), or 2) a secure overwrite pass. Both might draw unwanted attention in certain instances, where an all-zero disk might be mistaken for an unused drive.

Re:Not so fast... (0)

Anonymous Coward | more than 2 years ago | (#38436036)

And the crew of the surviellance plane that went down in China were told to destroy their equipment by pouring coffee on it and hitting it with hammers. Clearly, you should take any methods used by the military as a model for your own best practices.

Re:Not so fast... (1)

UBfusion (1303959) | more than 2 years ago | (#38436164)

Using thermite on my hard drive would be perceived by the interested parties as a confession of my guilt. If I were in his shoes I'd never use it, I'd just use non-destructive methods like the ones he did.

Re:Not so fast... (3, Insightful)

jimicus (737525) | more than 2 years ago | (#38433438)

So Manning certainly knew about this kind of thing, but either didn't do it or didn't do it correctly. I wonder how difficult it is to mess something like that up?

Extremely easy.

Any modern operating system uses swap space - and while there's usually a way to ask the OS never to swap a program out, it's seldom exposed to the user. It normally relies on the program itself requesting this, and not everything will. Though a program may be exited later, the area of swapfile it used to use is not necessarily freed from disk.

On top of that, a few programs (eg. Gimp) deal with their own memory management to a certain extent and so operate their own swap independently of the OS - they may also keep other temporary files floating around and don't always delete them. Or they may not save a file in the way you expect - when you hit "save", it's not unusual for a program to:

  - Create a new file.
  - Dump the data into the new file.
  - Rename the old file.
  - Rename the new file so it has the same name as the old one.
  - Delete the old file.

This drastically reduces the risk of the app dying part way through the save process resulting in a corrupted file. It may result in a file that hasn't been saved, so some work may be lost, but it won't lose the lot. Of course this has the side-effect that there's an old file sat on the disk somewhere containing much the same data.

On top of that, very small files will be stored directly in the MFT on Windows. Now the size of file we're talking about is probably not big enough to contain any serious information, but it may well give a forensic investigator a clue as to what's been done.

I can think of a few scenarios in which Manning could easily mess up:

1. Several "secure delete" utilities offer the option to securely delete individual files. Which they will, but as discussed above that may not achieve much.
2. Using a tool to wipe all free space - these usually work by creating a file and filling it with zeroes until the OS eventually returns a disk full error, then deleting the file. I have no idea what - if anything - they'll do with any data still sitting around the MFT. Not to mention the fact that they won't help if there's any incriminating files sitting around that weren't deleted in the first place - and as we've established, it's quite possible for an application to do this totally invisibly to the end user.

Realistically Manning would need to run DBAN or something similar on the entire disk. This will wipe the OS, so the affected computer would need to be reimaged.

Re:Not so fast... (1)

Qzukk (229616) | more than 2 years ago | (#38433874)

there's usually a way to ask the OS never to swap a program out, it's seldom exposed to the user.

This is why I don't use PuTTY's pageant on windows without disk encryption. It specifically states in it's faq that even with the functions it has available, it cannot guarantee that windows won't swap it to disk [greenend.org.uk] .

Re:Not so fast... (3, Informative)

Sloppy (14984) | more than 2 years ago | (#38433980)

Any modern operating system uses swap space - and while there's usually a way to ask the OS never to swap a program out, it's seldom exposed to the user. It normally relies on the program itself requesting this, and not everything will. Though a program may be exited later, the area of swapfile it used to use is not necessarily freed from disk.

Yeah, there are lots of ways to screw up, but swap is one of the easiest things to get right. Since the user doesn't need to know a key, the machine can pick a totally random one (256 real bits, no guessable passphrase with less actual entropy) for it at every boot. Swap can be as solid as your best symmetric cipher, and that's pretty damn good. All the PK used on the internet will fail long before this level of tech does. Set things up right and swap may be the #1 safest place on your disks, the catch being that your lose it every time your reboot. ;-)

Re:Not so fast... (0)

Anonymous Coward | more than 2 years ago | (#38434530)

I have my swap partition configured for random password encryption so anytime the computer shuts down and is rebooted there is no way to retrieve the content of the swap partition.

Re:Not so fast... (1)

Sloppy (14984) | more than 2 years ago | (#38435536)

Exactly. That's how to do it. Set it up once like that, and then you don't need to worry about swap anymore. I think Linux has had this easy-to-do since the 2.2 days and OpenBSD was (I think?) doing it before that. And that was back when processors were an order of magnitude slower than today's stuff.

The other problems jimicus mentions still stand, but the swap problem is so solved.

Re:Not so fast... (1)

VortexCortex (1117377) | more than 2 years ago | (#38434008)

<quote>2. Using a tool to wipe all free space - these usually work by creating a file and filling it with zeroes until the OS eventually returns a disk full error, then deleting the file. I have no idea what - if anything - they'll do with any data still sitting around the MFT. Not to mention the fact that they won't help if there's any incriminating files sitting around that weren't deleted in the first place - and as we've established, it's quite possible for an application to do this totally invisibly to the end user.</quote>

HAHAHA.  POSIX states that writing zeros doesn't actually have to do anything but remember that it's supposed to return zeros for those blocks.  Thus, you can store a file that's 1TB of zeros on a 100GB drive... Morons everywhere.

Re:Not so fast... (1)

jimicus (737525) | more than 2 years ago | (#38434464)

HAHAHA. POSIX states that writing zeros doesn't actually have to do anything but remember that it's supposed to return zeros for those blocks. Thus, you can store a file that's 1TB of zeros on a 100GB drive... Morons everywhere.

One would hope that anyone writing such a utility would have the good sense to fill the file up with something other than zeroes for precisely this reason.

Personally, I wouldn't stake my freedom on a gamble like that. You would be amazed how many applications are written with so little knowledge of the operating system's core API...

Re:Not so fast... (2)

huge (52607) | more than 2 years ago | (#38434032)

it's not unusual for a program to:

- Create a new file.
- Dump the data into the new file.
- Rename the old file.
- Rename the new file so it has the same name as the old one.
- Delete the old file.

This. Some of the more recent applications may replace last three steps with atomic rename so that new file replaces the old one. Linux has supported atomic rename already for a good while and so do Vista and later versions of Windows. Even after this data from the old file and new file are still retained on disk, even though space used for the old file will be marked 'free'.

Re:Not so fast... (1)

alen (225700) | more than 2 years ago | (#38433442)

when i worked for Uncle Sam the only sure way was to scrub the hard drive with wire brushes. a lot of the people that worked on Top Secret data would do that to their old hard drives when getting rid of old computers. for less sensitive data the standard was five complete passes over a hard drive to flip the bits. once or twice and a pro can still get data off it.

Re:Not so fast... (1)

guruevi (827432) | more than 2 years ago | (#38433880)

BS. Even if you just flip the bits twice (once to 0, once to 1) the data is virtually unrecoverable. There is not a single disk recovery company that can recover a deleted disk. Also, scrubbing with brushes would require you to open it and the particles you release by scrubbing the plates may be dangerous to your health. Use a magnet, fire or thermite.

Re:Not so fast... (1)

LordLimecat (1103839) | more than 2 years ago | (#38434738)

BS. Even if you just flip the bits twice (once to 0, once to 1) the data is virtually unrecoverable.

This is speculation. Every time this comes up on slashdot, people talk about how difficult it is, without ever demonstrating why its not possible (note the "VIRTUALLY unrecoverable"). There is no physical or mathematical reason why it cannot be done, just speculation on what level of sophistication the would-be attackers have.

Re:Not so fast... (1)

Toonol (1057698) | more than 2 years ago | (#38436506)

There is no physical or mathematical reason why it cannot be done,

Yes there is. You don't know whether a relative voltage level of 0.01 indicates that this was a 1 overwritten with a zero twice, or a 0 overwritten with a 1 then with two zeros. You cannot know. The voltage level is set by the cumulative (lessening) effect of every write that ever occurred on that spot on the platter, and you do not know how many writes occurred.

Re:Not so fast... (1)

kcitren (72383) | more than 2 years ago | (#38434070)

Can you find me a study showing that even after 1 or 2 overwrites that a professional can retrieve the data? NISPOM now states that for fixed magnetic media, the clear method is " Overwrite all addressable locations with a single character." while the sanitation method is "Degauss with Type I, II, or III degausser."

Re:Not so fast... (1)

kcitren (72383) | more than 2 years ago | (#38434096)

Mind you, that's not for classified materials, classified still requires some type of physical destruction.

Re:Not so fast... (1)

blueg3 (192743) | more than 2 years ago | (#38435494)

The evidence suggests that the disk was partially zeroed, then that operation was cancelled and the disk was simply reformatted without first erasing it.

Re:Not so fast... (2)

budgenator (254554) | more than 2 years ago | (#38435918)

So Manning certainly knew about this kind of thing, but either didn't do it or didn't do it correctly. I wonder how difficult it is to mess something like that up?

Well,

Johnson testified that he found two attempts to delete data on Manning’s laptop. Sometime in January 2010, the computer’s OS was re-installed, deleting information prior to that time. Then, on or around Jan. 31, someone attempted to erase the drive by doing what’s called a “zerofill” — a process of overwriting data with zeroes. Whoever initiated the process chose an option for overwriting the data 35 times — a high-security option that results in thorough deletion — but that operation was canceled. Later, the operation was initiated again, but the person chose the option to overwrite the information only once — a much less secure and less thorough option.

All the data that Johnson was able to retrieve from un-allocated space came after that overwrite, he said. Jolt in WikiLeaks Case: Feds Found Manning-Assange Chat Logs on Laptop [wired.com]

First you actually have to shred [wikipedia.org] the files you don't want around, then do a quick single pass ZeroFill then on a frequent basis defrag the harddisk and do a high-level ZeroFill; few will have the patience to do this consistently enough to be effective. It's simply human nature to get sloppy and over-confident after a while.

Re:"not scrubbed from the disk" ,"Same password" ? (1)

am 2k (217885) | more than 2 years ago | (#38433288)

He attempted to delete the information by zero-filling the disk. The same password issue stems from being the default on the operating system (Mac OS X). I guess the forensics contractor reversed the hash from the login information and retrieved the password that way. This requires some serious computing power for the password used.

I guess 11 digits can be considered mightily unsafe now. Obligatory xkcd reference [xkcd.com] .

Re:"not scrubbed from the disk" ,"Same password" ? (1)

blueg3 (192743) | more than 2 years ago | (#38435264)

Modern Mac OS X uses a single SHA-1 hash (salted) to store passwords. Older versions of OS X uses somewhat less-secure hashes, and if you've interacted with a Windows network you may have things like an NTLM hash to work with.

While the password is 11 characters, it's well within the set of passwords that a good dictionary attack generator will hit -- a word, a year, and some symbols. SHA-1 is cheap to crack.

This is a good example of why operating systems storing passwords should use key strengthening. A 1024-round HMAC is still trivially cheap to compute for a single password. Even if cracking this password took them only a month (a reasonable time for a long, guessable password), increasing the difficulty by 1024 would render it impossible to crack.

Re:"not scrubbed from the disk" ,"Same password" ? (2)

Sloppy (14984) | more than 2 years ago | (#38435946)

He should only blame himself for these mistakes.

Obviously, but Manning's not-having-his-shit-together was way deeper than technical. His situation was one where you don't even want to be a suspect or "person of interest." Once you have determined investigators looking at you, it's like having a determined burglar specifically interested in your house. He was one of tens (hundreds?) of thousands of people with access to these supposedly-sensitive documents, safely lost in a totally unmanageable crowd, and he told someone "look at me! look at me!"

I don't know if it even makes sense to "blame" him for getting caught, because at some point he apparently decided it was ok to get caught.

Military vs. Civilian Justice (2)

Sadsfae (242195) | more than 2 years ago | (#38433180)

The military justice system is a whole different world than that of civilians, it will be interesting to see if any of the circumstantial evidence will even matter.

Re:Military vs. Civilian Justice (1)

Xest (935314) | more than 2 years ago | (#38433222)

I was going to ask, in a military trial, does the evidence even matter? Isn't the case basically just decided on by some high ranking military personnel? Is there any law or repercussions that would convince them to give a toss what the evidence says anyway?

If this was a civilian trial it'd all be rather interesting to hear the arguments and see how they justify the decided punishment in the face of given evidence (or in the face of his unlikely acquittal), but in a military trial I don't think it all even matters does it? If the military has prejudged him to be guilty, and don't care for any outcome other than that then that's what'll happen regardless of the merits of his case no?

Re:Military vs. Civilian Justice (5, Informative)

blizz017 (1617063) | more than 2 years ago | (#38433346)

1. He's not at trial yet; this is an Article 32 hearing.. basically a grand jury hearing/pre-trial. 2. At Trial, he would have a jury of his peers; far more so than you'd find in a civilian courtroom. He's and enlisted soldier, so if his defense team opted, they can have a jury full of enlisted soldiers. 3. Contrary to what you wish to believe; military court martials aren't show trials. I'd argue that they're ultimately far more fair and impartial than you'll ever find in a civilian courtroom where a DA and/or Judge may have a political agenda to fulfill.

Re:Military vs. Civilian Justice (2)

Xest (935314) | more than 2 years ago | (#38433476)

"Contrary to what you wish to believe;"

You know, not everyone on Slashdot has their viewpoints set in stone. There are at least one or two of us here still that are capable of taking in new information and changing our viewpoint based on the balance of evidence, rather than posting asserting that some preconceived notion is correct, despite not actually knowing that to be the case with some degree of accuracy.

I don't know a lot about US military trials, which is why I phrased my post largely as a question, as what I understood to be the case thus far was based largely on previous posts on the subject.

So to continue the point, what exactly is the goal of this pre-trial, what does it determine? how is the jury of peers decided? is it determined by a genuinely randomly selected set of soldiers? is there any scope for corruption to allow it to effectively become a show trial?

Re:Military vs. Civilian Justice (-1)

Anonymous Coward | more than 2 years ago | (#38433614)

Merely putting question marks at the ends of your sentences it doesn't excuse your accusatory tone. Much of what you wrote were not questions at all, but rather your opinions couched in a weasely way, in much the way some TV "journalists" do. And when their opinions are shown to be unfounded they can say "I was just asking a question."

Re:Military vs. Civilian Justice (1)

Xest (935314) | more than 2 years ago | (#38434266)

Well, obviously they were questions, so your assertion to the counter is completely false. The fact you see them as negative merely highlights the point that you disagree with my previous view of the situation, and take offence to that.

But this is really a problem for you to deal with yourself. If you take offence to someone being wrong, and aren't willing to challenge their point, and offer them a chance to reassess their viewpoint before you get angry at them, then you must live a very angry lifestyle. This of course begs the question, if you're so intolerant of other people's viewpoints, then perhaps you're precisely the type of person I was talking about?

Re:Military vs. Civilian Justice (1)

jbeaupre (752124) | more than 2 years ago | (#38433844)

I'm not in the military, but found this interesting article that gives details on what you are asking: http://usmilitary.about.com/od/justicelawlegislation/l/aacmartial2.htm [about.com]

As for a show trial, all trials are show trials to the extent they are intended to serve as a deterrent to others. From traffic court to murder trials. It's the fairness of the trial you're really wondering about.

It'll be as fair as any other high-profile case you've ever seen. Which is to say most of those involved know they are being watched and will either be fair (because that's their nature) or at least try to appear fair, but humans screw up. The appeals system helps.

Re:Military vs. Civilian Justice (1)

Xest (935314) | more than 2 years ago | (#38434188)

I've had a search and can't find much to answer the question as to why military trials are separate in the first place. Part the reason I assumed military trials were separate was because it meant it allowed the military to deal with things in their own way. As part of this I was under the impression it meant without the need for as much rigour as the civilian system. I've previously heard the reason for this is based on the argument that if you're in a warzone for example, that if you suspect with a high degree of certainty that someone is guilty of some crime, but can't prove it, you still need to be able to deal with them, because not doing so would be too risky in a combat situation.

Of course I might be wrong, which is precisely why I was intrigued to hear if there are indeed safeguards in place to ensure in a case like this, where there is scope for a proper investigation and trial, that it will indeed be carried out with the same rigour as you would expect in a civilian trial.

My concern is that if it is indeed the case that the same rigour isn't applied in military trials, then a military trial is simply being used to fit Manning up because they knew full well they couldn't get him in a civilian trial. The precedent for this would of course be Guantanmo, where the idea of military trials was put forward precisely because the US government supposedly knew it had no chance of conviction of most Guantanamo inmates under civilian trials.

Re:Military vs. Civilian Justice (1)

das3cr (780388) | more than 2 years ago | (#38435434)

It's seperate because he is charged under the UCMJ and not under civilian law or statute. There are a lot of good reasons for this. For example. Commanders maintain good order and discipline within the ranks by administering punishments as laid out under the UCMJ. Non judicial punishments for smaller infractions and Judicial punishments for those infractions that demand it.

Re:Military vs. Civilian Justice (1)

Xest (935314) | more than 2 years ago | (#38435804)

Yes, but you've simply reiterated that they are separate - that much is clear. The question is why are they separate, why can't those infractions be dealt with under pre-existing civilian law and justice systems that everyone else is subject to?

There's obviously a reason for handling military justice separately, but I'm not clear what it is - as I say, they closest I've found to an explanation previously is precisely so that the military can deal with things more informally, and hence in a more timely manner, but as I say, if that is the case, is that really appropriate for a case that deserves much greater scrutiny? and again, as I say, if that isn't the case then I'd love to better understand the real reason for even having the separate justice systems.

Re:Military vs. Civilian Justice (0)

CarbonShell (1313583) | more than 2 years ago | (#38434900)

It is a joke. Just look at the Abu Ghraib trials or others where they were not tried for torture, murder and rape (which they did) but for 'dereliction of duty' or 'illegal discharge of a firearm'.
They are good 'ol boys and the military will protect them with such a show trial they would usually get a death sentence or at least life.

But Manning is not a "good 'ol boy", he broke the unwritten rules. And like in some cheap mafia film, he is going down. Preferably with as much publicity as possible. (anyone honestly think he could ever be let go? how long would he survive?)
They are only trying to get him to confess about the connections with Assange because he is their real target.
They will not stop from doing whatever possible to pin the tail on that donkey. Not like the military, nor their government, really is an honest bunch that would never fake stuff and lie to get what they want.

Re:Military vs. Civilian Justice (0)

Anonymous Coward | more than 2 years ago | (#38433500)

YOU CAN'T HANDLE THE TRUTH.

Re:Military vs. Civilian Justice (5, Insightful)

Hatta (162192) | more than 2 years ago | (#38433948)

3. Contrary to what you wish to believe; military court martials aren't show trials. I'd argue that they're ultimately far more fair and impartial than you'll ever find in a civilian courtroom where a DA and/or Judge may have a political agenda to fulfill.

Bradley Manning was held in solitary confinement for almost a year before he was even indicted. How is that consistent with your even handed, non-political picture of military justice?

Re:Military vs. Civilian Justice (0)

Anonymous Coward | more than 2 years ago | (#38434976)

How is it inconsistent?

Re:Military vs. Civilian Justice (1)

das3cr (780388) | more than 2 years ago | (#38435492)

Most likely he was held in solitary for his own benefit. Contrary to what a lot of people want to believe ... most military people don't like traitors.

Re:Military vs. Civilian Justice (0)

Fned (43219) | more than 2 years ago | (#38436116)

Most likely he was held in solitary for his own benefit. Contrary to what a lot of people want to believe ... most military people don't like traitors.

So was the 23 hours a day where he was prevented from going into REM sleep, for an entire year, for his own benefit, or because military people don't like traitors?

Re:Military vs. Civilian Justice (1)

Anonymous Coward | more than 2 years ago | (#38434134)

1) You have right.

2) No, it will not be just enlisted soldiers - there will still be Officers on the jury. He is entitled to have up 1/3 of the jury panel to be enlisted, and I can assure you, they will *not* be his peers. The enlisted soldiers picked by the military will be career NCOs (E-7, E-8, E-9) with a minimum of 15+ years in service. They will not look favorably on his actions... It is a stacked deck honestly.

3) They can be, but you have to overcome the severe prejudices and ingrained mindsets of the empaneled jury. These are people, who to one degree or another, have held a security clearance or dealt with military secrets, and never let any cats out of any bags. I'll give you a single guess on how they are going to look on it.

Re:Military vs. Civilian Justice (2)

vlm (69642) | more than 2 years ago | (#38433472)

From having been in the military although not involved in the justice system, there are two reasons why military trials tend toward pointlessness.

1) Dumb people and addicts and nuts more or less can't get in the military. Most civilian trials, from talking to jury members, tend to involve some level of comedy, like how stupid / arrogant / high did the defendant have to be to think he'd not get picked up by the cops. Easy, trivial, to catch. But the smart military crooks (most stories I heard were about fencing stolen military property) were smart enough that it takes such a huge effort that the evidence is beyond overwhelming by the time they're arrested, there's no way Perry Mason could possibly get the guy free. Most military crooks tended to get caught by being too greedy, underlying substance abuse, or "hurrying up" toward the end of their enlistment, at least in the supply related stories I heard.

2) No rich people in .mil. Its widely believed that rich people don't do time in the civilian world, because its true. There's no way an enlisted soldier is going to afford OJ Simpson's lawyer. Also an enlisted soldier can donate a little to the correct political action committees, but not enough to matter. Maybe if his dad was an admiral or a general, maybe...

Re:Military vs. Civilian Justice (2)

wygit (696674) | more than 2 years ago | (#38433486)

I remember Heinlein saying If you're guilty, you're better off in a civilian trial. If you're innocent, you're better off in a military trial.
From "Starship Troopers", I believe.

Re:Military vs. Civilian Justice (1)

Sepodati (746220) | more than 2 years ago | (#38433502)

Where did you get the idea that this is all a show from? It's as much a trial as it would be in the civilian system. If there is any prejudgement, it's wrong. I can't say whether this exact trial will be fair or not, but it is supposed to be.

Re:Military vs. Civilian Justice (1)

Hatta (162192) | more than 2 years ago | (#38433982)

The fact that Bradley Manning has suffered almost a year of solitary confinement and only now getting a hearing would lead one to believe that this is all a show.

Re:Military vs. Civilian Justice (1)

das3cr (780388) | more than 2 years ago | (#38435326)

All of the evidence matters. Right now, the Art 32 hearing is just that. It's an assessing of the evidence to see if there is enough evidence to proceed with a trial. The difference being that the procedures, laws and regulations are from the Uniform Code of Military Justice.

The trial will be fair. All the evidence will be considered.

Hero (5, Insightful)

roman_mir (125474) | more than 2 years ago | (#38433210)

You do realize, that unlike your football and basketball stars, you actually have a real hero, don't you? He is in your prison - a political prisoner, because he dared to challenge the government and its illegal activities.

Re:Hero (-1)

Anonymous Coward | more than 2 years ago | (#38433314)

You have a very warped understanding of the word hero.

Real Heros do not throw the lives of others away (1, Insightful)

Shivetya (243324) | more than 2 years ago | (#38433454)

and he is no real hero nor the people who dispensed the information. A real hero would have taken the time to scrub names of people who are informants and such in hostile areas. A real hero would always be on the look out for the the little guy, not simply acting out of anger or spite. A real hero does not act as Manning did.

Yes, there were some good outcomes from what he is accused of doing, however we will never know how many lives were lost because of it. Granted we may not know of lives saved, but I am pretty sure those lost are real.

Re:Real Heros do not throw the lives of others awa (5, Insightful)

Forty Two Tenfold (1134125) | more than 2 years ago | (#38433638)

A real hero would have taken the time to scrub names of people who are informants and such in hostile areas.

Whoever passed the information did so unto the entity that did the scrubing for him. It's unreasonable to expect that he parsed reams of documents to remove stuff.

A real hero would always be on the look out for the the little guy, not simply acting out of anger or spite.

Whoever leaked the docs, was looking out for the helpless and wanted to defend them from US military assholes acting out of infantile anger, spite and sadism.

A real hero does not act as Manning allegedly did.

FTFY, idiot.

we will never know how many lives were lost because of it. Granted we may not know of lives saved, but I imagine those lost are real.

FTFY. That's just your imagination/wishful thinking/bad will/brainwashing.

Re:Real Heros do not throw the lives of others awa (3, Insightful)

AdamJS (2466928) | more than 2 years ago | (#38434796)

In fairness;
-He was assured that the names of sensitive peoples would be scrubbed. Or rather, the truly sensitive cables would not be leaked. And Wikileaks actually did not release many documents purely because of that.
-Wikileaks was using agencies like TheGuardian for the leaks, which assured them that they would properly vet the cables
-The last, drastic and total leak was the result of general incompetence in regards to the total file and the security passcode for it having been posted online by different people, unawares. Oops.

Really, his duty is to the US constitution, and if he believed that there was cause for the leaks - that the army or military or diplomats were treasonous in their duty and that the cables were proof needed to bring this to light - then it's quite understandable that he tried to expose them.

His main mistake was pure naivety or pure dumbassery in trusting a random foreigner with such sensitive data - he had NO way of knowing that this information wasn't going straight into enemy hands - and not trying to bring this data to a local news agency like the NYT (just an example).

Re:Real Heros do not throw the lives of others awa (1)

Fned (43219) | more than 2 years ago | (#38436146)

but I am pretty sure those lost are real.

Really? Why? None of the informants actually named in the documents has been killed yet...

Re:Hero (1)

Sepodati (746220) | more than 2 years ago | (#38433522)

A hero would have exposed corruption, wrongdoing, etc. and not just released a database hoping others would figure it all out. The hero in this scenario would have no need to be anonymous.

Re:Hero (2)

Forty Two Tenfold (1134125) | more than 2 years ago | (#38433668)

A hero would have exposed corruption, wrongdoing, etc. and not just released a database hoping others would figure it all out. The hero in this scenario would have no need to be anonymous.

The alleged hero in this scenario was 22 years old at the time of the event. A 22 year old witness to his "brothers" in arms commiting atrocities.

Re:Hero (1)

AdamJS (2466928) | more than 2 years ago | (#38434828)

You really think he would have even had the time to have scoured the cables?

Re:Hero (-1, Flamebait)

Beyond_GoodandEvil (769135) | more than 2 years ago | (#38433606)

You do realize, that unlike your football and basketball stars, you actually have a real hero, don't you? He is in your prison - a political prisoner, because he dared to challenge the government and its illegal activities.
If by "hero" you mean angry homosexual who didn't like being in the Army, then yes we do. Of course in an all volunteer armed forces, if Manning wasn't enjoying himself, he could have quit. If he wanted to expose wrong doing he could have forwarded any evidence he had to the appropriate civilian oversight(ie Congress). Instead, he got chatted up by an albino w/ an ax to grind against the US and violated several lawful orders during wartime, quite frankly he is lucky he hasn't been shot already.

Re:Hero (1)

Anonymous Coward | more than 2 years ago | (#38433828)

If he wanted to expose wrong doing he could have forwarded any evidence he had to the appropriate civilian oversight(ie Congress).

The Congress already knew about it but decided to do nothing.
The only way to bring justice was to inform the public.

Also, it is never a crime to report a crime.

Re:Hero (1)

AJH16 (940784) | more than 2 years ago | (#38434632)

But he didn't just report what he felt was a crime. He reported what he felt was distasteful and he also reported many things which were completely irrelevant to an entity known to have an ax to grind with the US. The fact that he leaked documents that have no wrongdoing and serve to destabilize not just US interests, but world stability as well and then was bragging about it reveal the true nature of whoever leaked the documents. Either it was Manning or it was someone who intentionally tried to frame Manning. In either case, the perpetrator was clearly no hero and had nobodies "best interest" in mind other than their own ego.

Come off it, you're bisexual too (0)

Anonymous Coward | more than 2 years ago | (#38434848)

'cos when you want sex, you have to buy it.

It's a far greater crime to classify a document as secret when it should not be.

And there is not one case of leaking of any information that put ANYONE'S life in danger, except if you include the NYT (?) who dumped the whole lot out in error, which is hardly Manning's fault, is it.

Re:Hero (3, Insightful)

AJH16 (940784) | more than 2 years ago | (#38434558)

Yes, because heroes leak information on what the government considers sensitive sites that could be vulnerable to terrorist attacks. You have a warped and naive view of what a hero is. Certainly some small amount of the information that came out indicated distasteful activity, however a large portion of it had no possible political purpose other than to try to hurt the US or give "bragging rights". The actions of whoever leaked the documents is not that of a hero trying to protect, but of an arrogant child trying to show off what they could do.

Even if the goal had been to see what they saw as atrocities stopped, it was not the correct forum to do so by and even if the correct forums had been taken, bragging about it demonstrates the true motivations. I hate corruption and abuse as much as anyone, but that doesn't even make the beginning of an excuse for the vast majority of the type of information that was leaked. What possible whistle is being blown by exposing that many neighbors and "allies" of Iran are secretly terrified of them getting nukes and begging for it to be stopped. All it does is make the situation more dangerous, less likely to be resolved peacefully and accomplishes nothing. There is no point to it.

The calls to go after Assanage seems foolish to me as he isn't a US citizen and I don't see how US law applies to him, but he could reasonably be considered a person non grata. Whoever leaked the documents however, did so from the US and is an enemy of the US and in fact world peace, whether intentionally or not and should be prosecuted as such. Arguably doing some small amount of good (in the wrong way) does not make up for the huge amount of inexcusable, irresponsible harm which was done.

Re:Hero (1)

couchslug (175151) | more than 2 years ago | (#38434770)

He's not more than an attention whore who could have, as any G.I. who has had access to even low-level classified knows, pursued his agenda via legal channels over time and built a case if his evidence was sufficient.

That appears to have been too much work compared to doing a data dump.

He violated tregulations. That was an adult choice.

Re:Hero (0)

Anonymous Coward | more than 2 years ago | (#38436156)

A hero would plead guilty and say he did it. Not hide and say he has gender issues.

Real insanity! (1)

aglider (2435074) | more than 2 years ago | (#38433218)

Anything into a computer is a file. Which can be created, deleted and changed at your will.
Do you really think you can put someone in jail because of a bunch of files in his computer?
Ah!

Re:Real insanity! (1)

AJH16 (940784) | more than 2 years ago | (#38434312)

Yes, yes I do. Because your statement seems to show a great lack of understanding of digital forensics. Great care is taken to ensure and verifiable prove that the data is not altered from the state it was when the system is taken in. There must still be a reliable link made to indicate that the files were created by the individual and not by a third party, but the files are significant evidence if they can be linked to him.

Info Doesn't Add Up (2, Interesting)

am 2k (217885) | more than 2 years ago | (#38433230)

Maybe it's the usual journalist dumbing-down, but the forensics info doesn't add up:

Then, on or around Jan. 31, someone attempted to erase the drive by doing what’s called a “zerofill” — a process of overwriting data with zeroes. Whoever initiated the process chose an option for overwriting the data 35 times — a high-security option that results in thorough deletion — but that operation was canceled. Later, the operation was initiated again, but the person chose the option to overwrite the information only once — a much less secure and less thorough option.

So it's "only" zero-filled.

Mark Johnson, a digital forensics contractor for ManTech International who works for the Army’s Computer Crime Investigative Unit, examined an image of Manning’s personal MacBook Pro...

How is that contractor able to decode the original data from a zero-filled disk from a mere image?

Re:Info Doesn't Add Up (3, Informative)

Alranor (472986) | more than 2 years ago | (#38433384)

Somehow you missed the very next line of the article ....

All the data that Johnson was able to retrieve from un-allocated space came after that overwrite, he said.

Re:Info Doesn't Add Up (1)

am 2k (217885) | more than 2 years ago | (#38433458)

Zero-filling the disk should write over the whole disk, not just parts of it. Why is there unallocated space with data?

Re:Info Doesn't Add Up (1)

TFAFalcon (1839122) | more than 2 years ago | (#38433650)

It seems someone used the computer after it was zero-filled, then 'deleted' some files.

Re:Info Doesn't Add Up (0)

Anonymous Coward | more than 2 years ago | (#38435350)

I believe that part of the confusion here is the “personal perception factor”. One man’s DoD wipe is another man’s delete. With that I don’t know how many times I’ve found myself in conversations about wiped drives that have allegedly been zero’d only to find out that the tech savvy guy that made the statement only zero’d the MBR and not the full content of the drive. In a nutshell, the lack of details leaves stories like this up for debate and of course others to add in their own theories and opinions in as facts. Take everything with a grain of salt and try hard to ignore the silliness

Re:Info Doesn't Add Up (1)

blueg3 (192743) | more than 2 years ago | (#38435288)

The actual procedure as it was explained to me is that he used the OS X install-disk option to overwrite his disk and chose the Gutmann erasure option, which is a 35-pass wipe. It also takes forever and gives you a helpful progress bar indicating that it will take forever. Apparently he cancelled this and chose the zero-pass wipe -- also known as "just format the drive and install a new OS without actually erasing the disk".

Pro tip: zero-pass wipe is not secure.

Data Recovery Capabilities (0)

Anonymous Coward | more than 2 years ago | (#38433262)

Johnson testified that he found two attempts to delete data on Manning’s laptop. Sometime in January 2010, the computer’s OS was re-installed, deleting information prior to that time. Then, on or around Jan. 31, someone attempted to erase the drive by doing what’s called a “zerofill” — a process of overwriting data with zeroes. Whoever initiated the process chose an option for overwriting the data 35 times — a high-security option that results in thorough deletion — but that operation was canceled. Later, the operation was initiated again, but the person chose the option to overwrite the information only once — a much less secure and less thorough option. All the data that Johnson was able to retrieve from un-allocated space came after that overwrite, he said.

Assuming they did their best, if they didn't use any hidden magical tech to recover data from Manning then I guess unless you're the world's most wanted for terrorism, genocide and squashing puppies then any other criminal or civilian should feel safe with only one pass of zeros. I'm deliberating ignoring the whole "exposure of techniques on lesser things" argument because if they aren't going to do it for Manning they're not going to do it for anyone or anything less then him.

Re:Data Recovery Capabilities (2)

neokushan (932374) | more than 2 years ago | (#38433466)

I'm very curious about this, because as far as I was aware, the debate on "how much do you need to overwrite data to securely delete it?" raged quite a bit a few years ago, but nobody could actually prove that it was possible to recover data that was overwritten just the once? There was even a website set up, the Great Zero challenge (Which has now been pulled, supposedly nobody ever accepted it) to try and prove or disprove the myth.

Does anyone have any information on where that really stands? Is it actually possible to recover overwritten data by any known means? I realise that the DOD don't see single-overwrites of zeros as enough, but what's that based on?

Re:Data Recovery Capabilities (1)

AJH16 (940784) | more than 2 years ago | (#38434398)

There is a residual charge in a platter when set to 0. Basically, you can tell what the previous charge was because it isn't quite as strong as it would have been if you wrote a 1 twice. A hard disk platter isn't truly digital. It is actually an analog storage medium. If the magnetic field strength is above or below a certain value, it is considered a one or a zero. However, if you write a 1 twice in a row, then that 1 will be minutely stronger and if you have a one and then write it to a 0, the 0 may be slightly less strong. It is at least theorized (and likely practical fact) that this slight difference is enough to be detected by sensitive instrumentation. Writing 0s and 1s multiple times increases the noise enough that it conceals the original data. A perhaps even more ideal approach would be to write random data to the drive multiple times as this would cause further entropy on the drive and make it even harder to determine the useful data from a particular wipe.

Re:Data Recovery Capabilities (1)

neokushan (932374) | more than 2 years ago | (#38435222)

Interesting, that certainly makes a lot of sense. Does that mean that Flash memory isn't as susceptible to such techniques, or does it also have some form of residual data?

Also, does that mean that writing zeros numerous times is also likely not to be effective since (theoretically, at least) there will still be a difference in charge between what was once a 0 (before it was overwritten) and what was a 1? Similarly, overwriting with all zeroes and then all 1's would likely be a waste of time? Hence why you say random data would be more secure.

What I'm trying to ask is, is overwriting with zeroes multiple times less effective than overwriting with random data once?

Re:Data Recovery Capabilities (1)

AJH16 (940784) | more than 2 years ago | (#38435688)

I know flash has burn in issues where they get a limited number of writes before they can't be written anymore. What I don't know is if there is any practical means by which this could be used to reconstruct part of a previous state of the card. That's beyond my level of understanding of flash technology, but I would hazard that it probably isn't as I think the mechanism of failure is actually the ability to switch the state of a circuit and there wouldn't be much of an effective means to measure the deterioration of the physical circuit. That is really just a best guess though and isn't terribly informed, so I wouldn't rely on it for anything.

Re:Data Recovery Capabilities (2)

blueg3 (192743) | more than 2 years ago | (#38435416)

It's not that simple. That's a reasonable description of an MFM disk, an old technology that isn't used any more. MFM disks were the topic of the Gutmann paper. Basically all claims that you can recover data from a zeroed drive are based on this paper. Gutmann has since repudiated it. Modern disks are substantially more complicated in terms of how a block of data gets turned into a collection of magnetizations, such that it's no longer reasonable to ever expect to get any useful information out of hysteresis (residual magnetization).

Nonetheless, the myth persists that somehow, magically, the government can read erased hard drives. What actually turns out to be the case is that people don't bother erasing hard drives.

(Also, it's not charge, it's moment. You can't add and remove magnetic charge because we haven't found any magnetic monopoles.)

Re:Data Recovery Capabilities (1)

AJH16 (940784) | more than 2 years ago | (#38435646)

Thanks for that info. I did not know the tech had changed. I don't follow hard disk tech that closely and only had knowledge of the original reasoning behind the multi-wipe recommendation. It is still interesting that the government recommendation is still on the books though and from what another poster said, the number of cycles has been increased from 7 to 35. Perhaps there is some other type of residual information that we don't know about but they do, or perhaps it is just fear that someone may discover something.

twink? (0)

Anonymous Coward | more than 2 years ago | (#38433528)

From the looks of his password I'd say he did not fit well with Army life.

Assange (1)

koan (80826) | more than 2 years ago | (#38433630)

So if Assange was interacting with him to get the data I think that may "stick the fork" in Assange, and the fact he used the same password on his Macbook as he did on his encrypted files is a warning to everyone, don't reuse user names or passwords, ever.

The strength of your passwords doesn't matter... (1)

merczilla (2529462) | more than 2 years ago | (#38433658)

Law enforcement can get a court order requiring you to surrender all passwords, so they might as well all be the same. You are required to legally comply or they get you for obstructing justice in addition to whatever else you are going to likely be convicted of(which certainly, they already have some 'evidence' against you). So encrypting disks and all of that other bunk may be great at preventing your work from being stolen by a competitor, but not so useful against the man. The only real protection here is if you use something like TrueCrypt and can actually obscure filesystems, or make relevant data/folders look like junk. If they do not know you store the data in that file then as long as it's not named "stolen documents" you're probably ok. Some of the methods used by TC would probably fall victim to a good sector editor, but if they don't know they're there they probably aren't looking. Let's recap why this guy became a suspect: 1) Speaking on the phone to a person who has been the subject of several government shit storms due to being public and controversial. (He is nearly always watched, recorded, or whatever.) 2) Keeping stolen documents on a computer in your work area/possession for no reason. If they were disposed of after use then there would be nothing to recover especially if you used a tool like BCWipe or something else that wipes with random noise. 3) Using tools like wget are not discrete. The network engineers just had a heart attack the minute this goof started beating the crap out of every server they had. They would have easily had IP's and access times because all the military clocks are synced up. All they'd have to do is figure out what IP was accessing and what station -- and sure as hell they knew who was doing this. It's very easy to log sessions with firewalls and network intrusion detection systems, and the military no doubt logs almost everything. So basically, I think despite what he did.. He was sloppy, and amateurish and that's why he got caught... Even though I respect his ideals his methods are joke.

Re:The strength of your passwords doesn't matter.. (1)

koan (80826) | more than 2 years ago | (#38433852)

You can plead the 5th amendment is some cases to keep from giving your password, not sure that applies in a military trial but there it is for the record...you know in hopes of keeping the FUD down.

I do agree here: "Even though I respect his ideals his methods are joke" Yes he was definitely not savvy enough to get into what he got into and one wonders from the chats if he fancied himself a "hacker".

HIs "gender issues" are a mental illness? (0)

Anonymous Coward | more than 2 years ago | (#38433792)

One of Manning's defenses is his "gender issues"/homosexuality is a mental illness.

WTF?

Wired is biased, and tainted (0)

Anonymous Coward | more than 2 years ago | (#38435284)

Can we get a non-Wired reliable news source on this please!

The most pointless prosecution in history (1)

accessbob (962147) | more than 2 years ago | (#38436078)

Considering how easy the DoD made it to steal the cables, from technical issues to simple security ones, the data was clearly meant to be read by the enemy.

Maybe it was not meant to be splashed over the world's newspapers, but they obviously had someone in mind that they wanted to indirectly influence.

Now they have to be seen to be shocked and horrified by the leaks, and Manning is the chosen sacrificial lamb. He may actually be responsible, but I doubt that it matters much.

Trust Wired's reporting? (0)

Anonymous Coward | more than 2 years ago | (#38436388)

There's lots of 'might be's, 'person believed to be's, etc. Wired has a vested interest in this since it was one of their employees who turned Manning in. Wired goes on to provide stenographer services for a spokesperson from the prosecution. This is sloppy misleading reporting at its worst. There is a reason the gov't psychologically tortured Manning for months, its because they don't have a leg to stand on. Go ahead and swallow whatever spiel they spew if you want.

All linux users are as bad as Manning! (0)

Anonymous Coward | more than 2 years ago | (#38436400)

The first tab listed scripts for Wget, a program used to crawl a network and download large numbers of files, that would allow someone to go directly to the Net Centric Diplomacy database where the State Department documents were located on the military’s classified SIPRnet and download them easily; the second tab listed message record identification numbers of State Department cables from March and April 2010; the third tab listed message record numbers for cables from May 2010. The spreadsheet included information about which U.S. embassy originated the cable. The earliest indications on Manning’s computer that he was using the Wget tool was March 2010.

That's from wired. And I demand all laptops at airports being checked for this "Wget tool"! Pirates! Spies! Everywhere!!

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?