22.3 Location as Alibi

Previous page
Table of content
Next page

22.3 Location as Alibi

Suppose that the same precious object was stolen again when the burglar from the previous scenario was released from prison a few months later. This time, however, the burglar claims to have been in California, thousands of miles away, starting a new life. The burglar's parole officer does not think that the suspect left California but cannot be certain. The only evidence that supports the suspect's alibi is an e-mail message to his friend in Miami. Though the suspect's friend is irritated at being involved again, she gives the investigators the following e-mail:

    Received: from mail.california.net by mail.miami.net (8.8.5/8.8.5) with ESMTP id    NAA23905 for, witness@miami.net.; Fri, 21 May 1999 22:03:46 EST -0500 (EST)    Received: from suspectshome.california.net by mail.california.(InterMail    v03.02.07 118 124) with SMTP id <19990521220346.CBJN9925@california.net>    for <witness@miami.net>; Fri, 21 May 1999 22:03:46 +0000    From: suspect@california.net    Date: Fri, 21 May 1999 22:03:46 EST    Subject: New E-mail Address    To: witness@miami.net    Message-id: <001801be724c$dc842000$1f02480c@california.net>    I have moved to California to start afresh. You can send e-mail to me at this    address.

The investigators examine the e-mail header, determine that it was sent while the burglar was in the museum, and find no indication that the e-mail was forged. The suspect claims that someone is trying to frame him and assures the investigators that he has no knowledge of the crime. The following month, when the Museum of Fine Arts received its telephone bill, an administrator finds an unusual telephone call to California on the night of the burglary. The investigators are notified and they determine that the number belongs to an ISP in California (california.net). Unfortunately, the ISP's dialup logs were deleted several weeks earlier and there is not enough evidence to link the suspect to the telephone call. The investigators search the suspect's computer but do not find any incriminating evidence.

Investigators are stumped until it occurs to them to investigate the suspect's friend in Miami more thoroughly. By examining the friend's credit card records, the investigators determine that she bought a plane ticket to Boston on the day of the burglary. Also, the investigators find that her laptop is configured to connect to california.net and her telephone records show that she made several calls from Miami to the ISP while planning the robbery. Finally, investigators search the slack space on her hard drive and find remnants of the e-mail message that she sent from the Museum of Fine Arts during the robbery. When presented with all of this digital evidence, the woman admits to stealing the precious object and implicating the original suspect. This time a different buyer is identified and the object is recovered once again.

As noted in previous chapters, many sources of digital evidence can reveal the location of an individual, including their mobile telephone.



Previous page
Table of content
Next page
Digital Evidence and Computer Crime
Digital Evidence and Computer Crime, Second Edition
ISBN: 0121631044
EAN: 2147483647
Year: 2003
Pages: 279
Authors: Eoghan Casey BS MA
BUY ON AMAZON
Interprocess Communications in Linux: The Nooks and Crannies
Strategies for Information Technology Governance
Introduction to 80x86 Assembly Language and Computer Architecture
Microsoft WSH and VBScript Programming for the Absolute Beginner
After Effects and Photoshop: Animation and Production Effects for DV and Film, Second Edition
The Oracle Hackers Handbook: Hacking and Defending Oracle
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy