User Panel
User Panel
User Panel
|
Posted: 10/2/2005 2:55:44 PM EDT
[#1]
Depends on what was on the disk. If it was a DOC file then there is info unique to the computer MS Works puts in the DOC file.
-Foxxz |
|
|
|
Posted: 10/2/2005 2:56:01 PM EDT
[#2]
Wow, is that how they got him? Didn't know PCs tagged floppies like that.
|
|
|
|
Posted: 10/2/2005 2:56:12 PM EDT
[#3]
tag
|
|
|
|
Posted: 10/2/2005 3:00:08 PM EDT
[#4]
Use notepad and they can't track you with a GUID
|
|
|
|
Posted: 10/2/2005 3:01:57 PM EDT
[#5]
Correct. MS Word used to copy down your MAC address onto all of your documents. They were eventually called on it, and I don't think they put that specific number down anymore. It's one of the ways how we caught the maker of that huge virus a couple years ago. What was it, Melissa or something? |
|
|
|
|
Posted: 10/2/2005 3:03:13 PM EDT
[#6]
Just to clarify, according to 48 hours on CBS BTK ASKED authorities if he sent them a floppy if they could track him, they said no, so he sent a floppy presumably with something he wrote on it that he had written on a PC at his church. On 48 hours it said they could tell that a user Dennis had used the computer.
I can see how they could figure out how many Dennis's had access to a computer once they found the computer, but how did authorities determine that the floppy had come from this particular computer? What unique information does the floppy give? A physical address, an IP address, what? |
|
|
|
Posted: 10/2/2005 3:18:44 PM EDT
[#7]
The floppy itself has nothing. it would be application data or OS data that got written to the floppy that would have to be used to trace the floppy's history. |
|
|
|
|
Posted: 10/2/2005 3:26:01 PM EDT
[#8]
MS Word will put in Name and organization if the computer had that information entered on install.
-Foxxz |
|
|
|
Posted: 10/2/2005 3:37:34 PM EDT
[#9]
AFAIK the FBI simply recovered deleted files from the disk that identified him by name and his church.
|
|
|
|
Posted: 10/3/2005 7:56:45 AM EDT
[#10]
Correct. I haven't heard the part about identifiying him by name, but the name of the church was in one of the files that had been erased on the floppy. Once they used an "Unerase" utility, all they had to do was look up the church in the phone book. If he had used a fresh, new floppy disk, he'd still be out there killing. You want to know the real reason they caught him? About 6 weeks before the floppy showed up, a Baptist church in the area had a "BTK Service". 300 people of different faiths showed up. All they did that night was have different ministers lead in prayers that BTK would be caught. The entire service was spent praying for his capture. In all the years that he had been terrorizing that community, that was the first time they had come together just to pray for an end to the crime spree. Awesome! 
|
|
|
|
|
Posted: 10/3/2005 8:19:01 AM EDT
[#11]
In a related incident that shows how computer forensics types can track a person down...
I recall watching a "true crime" type program awhile back (details might be a bit sketchy). There was a serial killer who was kidnapping, torturing and killing women in his basement and he was video taping it. I believe he was playing mind games with the police and he sent them a map he had printed out showing the location of one of the bodies. The map he had printed out came from an online map service (like Mapquest, except that it wasn't Mapquest). Investigators went to all the online map sites, entered the location and compared the results to the map the killer had sent them. Because of the differences in the way the map was displayed (in this case it was the text), they were able to determine which map service he used. Armed with that info they were able to obtain the server logs and determine the IP of the person who had searched for that particular map location. They placed the persons house under surveillance and were able to obtain enough evidence to get a search warrant. When they searched the premises they found the videos that the killer had been taping. Anyone remember this case and/or the full details? |
|
|
|
Posted: 10/3/2005 8:28:32 AM EDT
[#12]
I dunno about the computer stuff, but I was moving from Wichita to Ohio right when they caught him.
He had raped his victims, so they had DNA evidence. He would taunt police by leaving packages at the newspaper and TV stations. He dropeed off a package at KAKE TV and then drove back and forth to see if they had found it yet. A security camera caught the car tag. They traced it to Dennis Rader and then quietly asked his daughter for a DNA sample and found a match. BTW- I met the man two years ago and shook his hand in his office in Park City. He wrote me a ticket for not having an outside dog house for my inside dog...  He dismissed it when I went in and bickered with him
|
|
|
|
Posted: 10/3/2005 8:40:29 AM EDT
[#13]
I thought they caught him because one of his family members was suspicious and tipped off authorities.
Wait a sec, MRW, you met that psycho? |
|
|
|
Posted: 10/3/2005 8:46:31 AM EDT
[#14]
So God only stops killing sprees if approx. 300 people pray for it at the same time? What a loving god.  If that's the case then get 300 Baptists to pray for an end to all crime in the US. That would be great! Back to the topic, though, it is interesting how BTK made that mistake. But, he wanted to get caught. He wouldn't have made contact with the FBI if he really didn't want to. |
||
|
|
|
Posted: 10/3/2005 8:55:47 AM EDT
[#15]
He was the only one in town who was still using floppy disks?
|
|
|
|
Posted: 10/3/2005 8:58:03 AM EDT
[#16]
On the technical side, whenever you erase a file from any magnetic media disk, the operating system only marks the space on the disk where the file resided as 'available for write'. This means the file is there until the system actually overwrites the data.
Now I have heard tell of forensic tools that actually detect the magnetic traces from the drive all the way back to the original format. This supposedly can pick up any file that has been written to the drive from the beginning. Sort of like the old days of cassette recorders where you would get a mix of sounds when you recorded over the top of a tape that already had something on it. Even if you recorded no sound level over it before re-recording something new, you still got trace audio at low levels. |
|
|
|
Posted: 10/3/2005 8:59:13 AM EDT
[#17]
48 Hours also stated that the police obtained dna sample from his daughter prior to arrest for another confirmation. It was from her pap smear at college. I didn't catch if she volunteered it or they got it with court order
|
|
|
|
Posted: 10/3/2005 9:04:02 AM EDT
[#18]
Wow, good thing he didn't kill you 
|
|
|
|
|
Posted: 10/3/2005 10:09:42 AM EDT
[#19]
With the use of hardware forensic recovery tools it may be possible to recover "shadow data" and data that has "seeped" into the magnetic recording media. Shadow data is data that is written by misaligned or normal variations in head alignment that remains after secure wiping of that data. Seeping or vertical layering occurs due to physical flaws in the storage media and variances in the ability of the platters coating to hold a magnetic charge. |
|
|
|
|
Posted: 10/3/2005 10:14:22 AM EDT
[#20]
Supposedly the name Dennis was referred to in one of the church documents. In any case that POS is behind bars now. Hopefully he will get whacked in prison. |
||
|
|
|
Posted: 10/3/2005 10:20:04 AM EDT
[#21]
maybe they used his name and address writen on the front of the disk
|
|
|
|
Posted: 10/3/2005 10:22:09 AM EDT
[#22]
That is correct, his daughter turned him in. They lied to BTK about the floppy to get a confession. Shok |
|
|
|
|
Posted: 10/3/2005 11:32:07 AM EDT
[#23]
|
|
|
|
|
Posted: 10/3/2005 11:35:20 AM EDT
[#24]
I saw that show, pretty cool. I think the guy was living with his mom and using her computer. |
|
|
|
|
Posted: 10/3/2005 11:58:42 AM EDT
[#25]
I have access and use many types of data recovery tools here at work.
You would be surprised how much data is left on electronic media even after it is "erased". Encrypt as much as possible with the strongest level of encryption as possible. Av. |
|
|
|
Posted: 10/3/2005 12:09:30 PM EDT
[#26]
"You want to know the real reason they caught him?
About 6 weeks before the floppy showed up, a Baptist church in the area had a "BTK Service". 300 people of different faiths showed up. All they did that night was have different ministers lead in prayers that BTK would be caught. The entire service was spent praying for his capture. In all the years that he had been terrorizing that community, that was the first time they had come together just to pray for an end to the crime spree. Awesome! "This has got to be the goofiest rationale for the power of prayer I've ever heard. What, God didn't have a plan for BTK? He was waiting for the input of a bunch of boobs who would go to church for the BTK Service? Give the Big Man a little credit; he ain't the personal concierge for a bunch of goofs from Kansas city. Prayer is about surrendering yourself to the Will of God and asking for the strength to deal with the trials of life. It ain't a letter to the big magic Santa in the sky. |
|
|
|
Posted: 10/3/2005 12:41:43 PM EDT
[#27]
That would probably be the extent of the FBI's abilities......or maybe they right clicked the file and saw "Denis /The BTK killer" as the author/owner of the .doc. 
|
|
|
|
|
Posted: 10/3/2005 12:49:48 PM EDT
[#28]
Avalon01, Care to share any of your tools that you use? I've had to recover files (I work at a k-12 school) and the only program I've used is Active Undelete. I had to recover a file that hadn't been backup up yet. I was only fairly impressed with that program. Feel free to IM me if you want. Thanks. Curt |
|
|
|
Win a FREE Membership!
Sign up for the ARFCOM weekly newsletter and be entered to win a free ARFCOM membership. One new winner* is announced every week!
You will receive an email every Friday morning featuring the latest chatter from the hottest topics, breaking news surrounding legislation, as well as exclusive deals only available to ARFCOM email subscribers.
AR15.COM is the world's largest firearm community and is a gathering place for firearm enthusiasts of all types.
From hunters and military members, to competition shooters and general firearm enthusiasts, we welcome anyone who values and respects the way of the firearm.
Subscribe to our monthly Newsletter to receive firearm news, product discounts from your favorite Industry Partners, and more.
Copyright © 1996-2024 AR15.COM LLC. All Rights Reserved.
Any use of this content without express written consent is prohibited.
AR15.Com reserves the right to overwrite or replace any affiliate, commercial, or monetizable links, posted by users, with our own.
