JusticeFever
Well-Known Member
- Joined
- Jan 25, 2014
- Messages
- 1,373
- Reaction score
- 94
Any word on what is happening in this case or if/when a new trial will be scheduled?
Brad Cooper: Appeal info
- Thread starter jrb0124
- Start date
Welcome to Websleuths!
Click to learn how to make a missing person's thread
Click to learn how to make a missing person's thread
- Status
There no good answer to that question, because there is no such thing as a "search cookie". If you do 1 search or 1,000 searches, you'll have the same number of cookies saved on your computer.
The "missing cookie" is just smoke and mirrors that the defense used to try to create a facade of "doubt".
For typical use, the first time you go to Google Maps, you get a map cookie. Each time you use Google Maps in certain ways (let's say set satellite view), Google remembers your preference by updating the cookie. Google also keeps a copy of an identifier in the cookie, and stores information (at Google) about everything you've done on Google and associates it with that identifier. Any of the Google cookies found on Brad's computer would have matched to Brad and could have been used to extract all of Brad's stored Google activity.
The defense claimed that there was no cookie matching the zip code search on Google Maps. They say it that way to make it seem nefarious. A better description of the "missing cookie" is: The creation date of the Google Map cookie was for a date after July 11.
This can only mean one of two things: (1) The first time Brad ever used Google Maps was July 15, the date of the Google Map cookie. or (2) Brad did use Google maps at some point before July 15, and that cookie was somehow deleted and it's entry in the MFT was somehow overwritten.
I look forward to it. I believe that if you honestly strive to understand how cookies work, you will come to the same conclusions I have.
sunshine05
New Member
- Joined
- Mar 18, 2011
- Messages
- 1,914
- Reaction score
- 1
"A better description of the "missing cookie" is: The creation date of the Google Map cookie was for a date after July 11."
I have no idea what you're talking about now. The creation date after July 11th? So then that clears Brad completely, right?
"This can only mean one of two things: (1) The first time Brad ever used Google Maps was July 15, the date of the Google Map cookie. or (2) Brad did use Google maps at some point before July 15, and that cookie was somehow deleted and it's entry in the MFT was somehow overwritten."
July 15th? I'm lost. If the first time he used it was July 15th, how was he convicted of doing a search that allegedly occurred on July 11th?
No cookie was overwritten or deleted. Please see the trial transcript.
Also, what is your explanation for why LE didn't ask Google to track the searches on his computer - to verify that it originated on that machine? They ignored the FBI's instructions.
I think Brad was using private browsing that week, so no cookies were written during that time. Or, he could have deleted them using a method that also overwrites the MFT entry. But, it is ridiculous to say that Brad never used Google before July 11. Any discussion of a "missing cookie" is someone either 1) being purposefully misleading about the nature of cookies (like Kurtz) or 2) someone not understanding the nature of cookies.
That is the cross examination that you've taken out of context.
Why not take is original testimony when he said there were not signs of tampering and that the search artifacts were genuine?
It certainly would have been better if they had. I attribute the oversight more to incompetence than malice.
The search artifacts have plenty of other corroboration though:
1) The browser history showed a search for the zip code was done at the time of the search.
2) The system log showed that Brad logged in with his userid and password at the time of the search.
3) Brad's co-workers confirmed that he was in the office with his laptop at that time, before they went out to lunch.
4) Other internet activity before and after the search time showed Brad was using his computer at that time.
sunshine05
New Member
- Joined
- Mar 18, 2011
- Messages
- 1,914
- Reaction score
- 1
You continue to bend over backward to try to explain away the obvious anomalies associated with this Google search and you're unsuccessful. No private browsing occurred as confirmed by the State's own experts. They looked for signs of it and there were none. No cookie was deleted as testified by the State witnesses though Chappell tried to suggest there was a cookie for this search in his report. He had to admit in trial that there never was one. Read my latest article about cookies.
You don't think it was malicious that they neglected to verify this? Do you think it was malicious that the ADA held onto the hard drive until the 18 month privacy policy had lapsed even though Johnson had it ready for the Defense 9 months prior but Cummings refused to hand it over? As soon as the 18 month privacy policy was up - they got the hard drive -- Forever eliminating any chance of tracing the identity of the IP address that performed the search. I do.
I don't have it; those were snippets from the snippets that Sunshine05 has posted on her blog.
sunshine05
New Member
- Joined
- Mar 18, 2011
- Messages
- 1,914
- Reaction score
- 1
It's clear that Chappell didn't really understand what was going on. He said "I wouldn't expect there to be a cookie." Well then why did he put in his report that there was a cookie for the search and that it would give LE a means to trace the search? Then we know both he and Johnson were forced to admit during testimony that they looked and that there was no cookie and no deleted cookie for that search. They knew this wasn't right or Chappell would have never included that information in his report.
Of course there should have been cookies for 7/11. There were Google cookies on 7/10 and before and cookies on 7/12 and after. No explanation for the absent cookies corresponding to the search aside from the fact that the tif files were planted and cookies can't be fabricated. It is plain as day. This will all be revealed at the next trial.
I will never get past the fact that the ADA intentionally withheld the hard drive until past the 18 month privacy policy even though it was ready 10 months prior. Come on. It's so obvious what was going on. I don't know how it could be any clearer.
Here's my blog article about the cookies for those who are interested in understanding the significance of the absent cookies.
http://justiceforbradcooper.wordpre...he-significance-of-the-absent-google-cookies/
Of course there should have been cookies for 7/11. There were Google cookies on 7/10 and before and cookies on 7/12 and after. No explanation for the absent cookies corresponding to the search aside from the fact that the tif files were planted and cookies can't be fabricated. It is plain as day. This will all be revealed at the next trial.
I will never get past the fact that the ADA intentionally withheld the hard drive until past the 18 month privacy policy even though it was ready 10 months prior. Come on. It's so obvious what was going on. I don't know how it could be any clearer.
Here's my blog article about the cookies for those who are interested in understanding the significance of the absent cookies.
http://justiceforbradcooper.wordpre...he-significance-of-the-absent-google-cookies/
- Joined
- Jan 31, 2009
- Messages
- 1,555
- Reaction score
- 2,532
Snipped by me.
If the above information is correct/not in dispute, then refuting it would seem vital to Brad's case. It appears somewhat damning, but given the twists and turns of this case, I'm keeping an open mind for the next trial.
Via Kindle, like a true Amazon junkie
sunshine05
New Member
- Joined
- Mar 18, 2011
- Messages
- 1,914
- Reaction score
- 1
Originally Posted by macd View Post
The search artifacts have plenty of other corroboration though:
1) The browser history showed a search for the zip code was done at the time of the search.
2) The system log showed that Brad logged in with his userid and password at the time of the search.
3) Brad's co-workers confirmed that he was in the office with his laptop at that time, before they went out to lunch.
4) Other internet activity before and after the search time showed Brad was using his computer at that time.
Clearly the zip code would be an easy thing for the tamperer to know - the Cary zip code.
Actually, the passwords had been changed as well as the administrator password and this was at a time after police had seized the computer.
Okay, he was in the office. The files were planted *after* Nancy was murdered so this doesn't mean anything.
Again, it doesn't matter if he was on at the time. They can make it appear that a search occurred at anytime they want.
Keep in mind too that ALL timestamps associated with the search were invalid. That can happen when an external file is dropped onto a computer with a USB drive or disc. That is a symptom of such an occurrence. There are just way too many things pointing to this. Rest assured. It will all be revealed in the new trial.
From the website:
Brad's computer was connected to an unsecured wireless network for 27 hours. During that time, after the computer had left Brad's custody, over 692 files were modified.
Agent Chris Chappell and Special Agent Johnson could not specify how they ruled out tampering for each of those 692 files.
251 files were deleted and created on July 16th, and 70 files were newly-created. There is even evidence of files that were changed on July 28, 2008 - the day that Brads computer arrived at the FBI.
There are indications that timestamps had been changed on that machine. Officer Chappell testified that the last time that timestamps were set was after Brad left his computer in the custody of the Cary Police Department.
Date/Time for the machine was last edited on July 15, 2008 at 21:00 UTC.
The password for Brad's user account had been changed. It was not present in the SAM registry. It was not included in the report for the computer.
Chappell actually testified that he never included passwords, thus the reason why it was absent. In reality, he included passwords on the other machines he examined in this case. This password was altered after it was in police custody. It resulted in a Key Properties Registry update for Brad Cooper's User Profile.
Key Properties for the profile bracoope was last written on July 16, 2008 at 17:55 UTC.
The Administrator password had also been altered.
It was not the current local administrator password given by Cisco.
It was not set to any known previous Cisco password.
It was uncrackable by any combination of Rainbow tables.
Brad would not have known the Administrator password, according to Cisco.
There were three invalid login attempts on that Administrator account. The last one included three successive attempts at 3:10 pm on July 15th.
These login attempts do not show up in the event logs.
This is a sign of someone else trying to log into the computer.
There would be no reason to reset the Administrator password, as Brad had administrator privileges under his own account.
All internet history .dat files were modified on July 16, 2008 at 4:42 pm after Brad was out of his home for almost 24 hours. Internet history files are set up by week. There is no innocent reason for an internet history .dat file from June to be modified. The internet history file that allegedly included the Google Maps search was also modified at this time.
There was an unexpected shutdown and reboot on July 12, 2008 at 1:42 pm, when nobody was home. A login is also registered. This indicates a time change.
The last event logged through the Windows System 32 Event Logging Application is not on Tuesday July 15, or Wednesday July 16, but occured Saturday July 12, 2008 at 13:43:53, immediately after this forced, unexpected reboot.
http://www.justiceforbrad.com/evidence/computer/tampering.html
JusticeFever
Well-Known Member
- Joined
- Jan 25, 2014
- Messages
- 1,373
- Reaction score
- 94
No news, huh? Shouldn't there be a some kind of a date for a pre-trial hearing or some motions?
Something!! The last time he was in court was January, thats 6 months now.
Something!! The last time he was in court was January, thats 6 months now.
calgary123
Member
- Joined
- Jul 16, 2008
- Messages
- 228
- Reaction score
- 0
Yeah isn't it odd that someone who isn't convicted of anything is hanging out in jail? I'm sure he has state-funded legal counsel working on something, but one would have expected something to happen by now.
JusticeFever
Well-Known Member
- Joined
- Jan 25, 2014
- Messages
- 1,373
- Reaction score
- 94
We should be hearing something soon, I hope. Brad is more or less in limbo right now, guranteed a new trial unless offered a plea and just waiting.... The state does not appear to be in any hurry to make up their mind.
JusticeFever
Well-Known Member
- Joined
- Jan 25, 2014
- Messages
- 1,373
- Reaction score
- 94
*guaranteed........
JusticeFever
Well-Known Member
- Joined
- Jan 25, 2014
- Messages
- 1,373
- Reaction score
- 94
Still nothing, no date on when the retrial is set to begin or if there are any talks going on?
JusticeFever
Well-Known Member
- Joined
- Jan 25, 2014
- Messages
- 1,373
- Reaction score
- 94
Good question, sure doesn't look like it, does it.....
The state needs to decide what they want to do.
sunshine05
New Member
- Joined
- Mar 18, 2011
- Messages
- 1,914
- Reaction score
- 1
I think both Brad and Jason Young will have to wait until the new DA is elected. I'll be the interim DA does not want to make any decisions about these cases. The good news is the Brad and Jason are hanging in there, both are okay and both are hopeful.
- Status