Sat Dec 1 19:17:11 UTC 2007

On Fri, 30 Nov 2007, David Newman wrote:
> I'd heard about a kiddie porn case getting tossed because the defense
> successfully argued law enforcement's tap may have dropped frames. I
> didn't believe it until I measured this myself with a packet blaster.

I would like to see a citation for this case.  Evidence from network taps 
would be very rare in a child exploitation case, and extremely unusual for
it to be the sole evidence in such a case.  Despite the "CSI effect,"
the existence of perfect data is more suspicious than glitchy data in a 
criminal case. Sounds a bit like the story of a case being dismissed 
because a computer banner said "Welcome" (no such case has ever been 

If you had said it was a narcotics case, I would be less skeptical.

> Endicott-Popovsky, B.E., Chee, B. and Frincke, D. Role of Calibration as
> Part of Establishing Foundation for Expert Testimony, in Proceedings 3rd
> Annual IFIP WG 11.9 Conference January 29-31, 2007, Orlando, FL.

Thanks for the citation.  Using an aggregation tap for a criminal 
investigation is not a good idea, but I guess it wouldn't surprise me if 
someone did.  Investigators should understand the limitations of their 
equipment and, as suggested, check its calibration with known data.

