The Verdict is In - post your thoughts here

[sunshine05]

How does network security expert = determining validy of incriminating evidence on the computer :waitasec:

He did this as part of his job - he knew how to hack into computers and he knew how to identify files that had been changed. He taught corporations how to improve their network security.

Files on BC's computer were altered. JW was able to identify them because he is an expert in that field.

 

[RPD]

why did the defense not use a Cisco expert, who would know the inner workings of Brad's work computer more than Cisco?

Kurtz was looking for a specific answer.
Cisco is a very reputable firm.

 

[sunshine05]

Kurtz was looking for a specific answer.
Cisco is a very reputable firm.

You do realize that everyone confirms that 600+ files were altered, right? The state witness (Durham PD), the defense network expert (JW) and defense forensic expert (GM).

The last two delved further into it as they both had considerably more experience with this. The Durham PD witness had only tested 5 computers in his career and did not have an explanation for the altered files. And he was a prosecution witness.

The other two, with much more experience (GM had forensically tested 400+ computers) did. They felt the altered files pointed to intentional tampering.

 

[Madeleine74]

So that promotion that someone got that people assumed had to have been one of the ADAs? It wasn't. It was Trenkle.

 

[Madeleine74]

Another assumption some people made was the timing of the Butterfly Fund Gala, and how tacky it was to occur right after the verdict/sentencing of Cooper. ( conspiracy! :-O )

The Gala date was set some 8 or 9 months ago, when the trial was originally planned to start Oct 2010. They were not intended to coincide. Deposits and bookings at hotels are made many months in advance. The trial is what got moved-- to March 2011. It was pure coincidence that the trial ended within a few days of the Gala.

 

[Maja]

Another assumption some people made was the timing of the Butterfly Fund Gala, and how tacky it was to occur right after the verdict/sentencing of Cooper. ( conspiracy! :-O )

The Gala date was set some 8 or 9 months ago, when the trial was originally planned to start Oct 2010. They were not intended to coincide. Deposits and bookings at hotels are made many months in advance. The trial is what got moved-- to March 2011. It was pure coincidence that the trial ended within a few days of the Gala.

Perfect timing. IMO

 

[SleuthSayer]

He did this as part of his job - he knew how to hack into computers and he knew how to identify files that had been changed. He taught corporations how to improve their network security.

Files on BC's computer were altered. JW was able to identify them because he is an expert in that field.

I've asked this before but no one seems to answer. JW, under oath, said that the Google open/closed hand cursor files in the TIF would be .cur files rather than .bmp files. It took me about 5 minutes to determine that he was wrong about that. The other "expert" who didn't get to testify before the jury also confirmed that JW as wrong.

So, how/why should JW be considered an expert about the files when he was wrong about one of the simplest aspects of them?

 

[sunshine05]

Another assumption some people made was the timing of the Butterfly Fund Gala, and how tacky it was to occur right after the verdict/sentencing of Cooper. ( conspiracy! :-O )

The Gala date was set some 8 or 9 months ago, when the trial was originally planned to start Oct 2010. They were not intended to coincide. Deposits and bookings at hotels are made many months in advance. The trial is what got moved-- to March 2011. It was pure coincidence that the trial ended within a few days of the Gala.

Who said anything about the timing? You are the first I have heard mention that.

 

[sunshine05]

I've asked this before but no one seems to answer. JW, under oath, said that the Google open/closed hand cursor files in the TIF would be .cur files rather than .bmp files. It took me about 5 minutes to determine that he was wrong about that. The other "expert" who didn't get to testify before the jury also confirmed that JW as wrong.

So, how/why should JW be considered an expert about the files when he was wrong about one of the simplest aspects of them?

I don't think we know, not until we get some summary reports on this from each of them. There is way more to this than the cursor files.

 

[Maja]

BC had access to the laptop from 7.11.08 until 7.17.08, is this true? Did he bring it home on the evening of 7.11.08?

 

[gracielee]

How does network security expert = determining validy of incriminating evidence on the computer :waitasec:

Beats me. :great:

I heard on the news tonight that Brad was in general population at central prison. Did a double take on that, cause I thought he was just there for observation.

:woohoo:

 

[Cheyenne130]

I've asked this before but no one seems to answer. JW, under oath, said that the Google open/closed hand cursor files in the TIF would be .cur files rather than .bmp files. It took me about 5 minutes to determine that he was wrong about that. The other "expert" who didn't get to testify before the jury also confirmed that JW as wrong.

So, how/why should JW be considered an expert about the files when he was wrong about one of the simplest aspects of them?

I've brought this up once or twice and it has been pretty much ignored. I can only believe it's because it doesn't fit some preconceived notion.

 

[gracielee]

I've brought this up once or twice and it has been pretty much ignored. I can only believe it's because it doesn't fit some preconceived notion.

Ignored, you say? :great: I'm guessing the jury didn't *ignore* it though. Wonder what was on the menu tonight at central prison? :fence: Does brad get a roomie if he's in general population? And what trial are we moving on to next? :seeya:

 

[RPD]

So that promotion that someone got that people assumed had to have been one of the ADAs? It wasn't. It was Trenkle.

Interesting, Madeleine.

Did he change to the white hat :waitasec:

 

[unc70]

Do we have a reliable time-line for the computers, forensic milestones, discovery of search evidence, and discovery provided to the defense from July 11, 2008 until the trial?

Same for phones. Then the various prelim and final reports from crime labs, ME

Finally, the date of the CPD interviews of various witnesses and others

Maybe this has already been done and is somewhere at WS.

I am curious if there might be something, some connection, anything that would relate to the suspicious accidents, quirks of the investigation, etc.

 

[gracielee]

Interesting, Madeleine.

Did he change to the white hat :waitasec:

And still, not a peep out of him about the verdict? Really strange. Usually all the lawyers comment. Kurtz is certainly making the most of his 15 minutes of fame.

 

[per_curiam]

Well, I am naive. I Googled "how to survive life in prison". Wow. I could not do it.

It's way too much to put here, but I'd compare it to hell. Lots of them are selling books, but found one young man who was telling his story, not selling a book. I mean, he even said that if you have a cellmate, you must never f@rt unless they are not in there, and must never "take a c@rp" unless your roomie is out of the cell. Then I remembered that the toilet is right there in the middle of things. HOW AWFUL.

Yet I can understand. I have wanted to kill my husband for a few similar things before, seriously. I didn't, but it put me on the edge.

Lots of other things I learned, but I never actually thought that passing gas could get you killed in prison.

Suddenly it looks so nice, beautiful and calm here in my bed with my kitty. There's the bathroom across the hall, so nice and private and a can of Glade! No one will kill me.

 

[gracielee]

Well, I am naive. I Googled "how to survive life in prison". Wow. I could not do it.

It's way too much to put here, but I'd compare it to hell. Lots of them are selling books, but found one young man who was telling his story, not selling a book. I mean, he even said that if you have a cellmate, you must never f@rt unless they are not in there, and must never "take a c@rp" unless your roomie is out of the cell. Then I remembered that the toilet is right there in the middle of things. HOW AWFUL.

Yet I can understand. I have wanted to kill my husband for a few similar things before, seriously. I didn't, but it put me on the edge.

Lots of other things I learned, but I never actually thought that passing gas could get you killed in prison.

Suddenly it looks so nice, beautiful and calm here in my bed with my kitty. There's the bathroom across the hall, so nice and private and a can of Glade! No one will kill me.

Oh you have a kitty in bed with you! How nice. We'd never had a cat until a couple winters ago when someone down the road from us put out their elderly cat. We took him in, and became very attached to him. Except he kept scaring me at night time. I wasn't used to this silent creature suddenly jumping up on the bed on top of me. Certainly nothing like 90 pound dogs. The first couple weeks I'd shriek as this thing came flying out of the darkness onto my chest. I'm so happy you have kitty with you. A couple pets from me. Yes, I'm thinking prison will be a different experience from jail.

 

[borndem]

Exactly what I said about the PI. His testimony was not helpful at all, IMO. Unless he was pro-bono also. If so, who did the defense pay?

I heard they consulted a jury expert, but I never saw that confirmed anywhere. Does anyone have any info on this?

 

[macd]

You do realize that everyone confirms that 600+ files were altered, right? The state witness (Durham PD), the defense network expert (JW) and defense forensic expert (GM).

The last two delved further into it as they both had considerably more experience with this. The Durham PD witness had only tested 5 computers in his career and did not have an explanation for the altered files. And he was a prosecution witness.

The other two, with much more experience (GM had forensically tested 400+ computers) did. They felt the altered files pointed to intentional tampering.

The laptop was connected to the Cisco corporate network via VPN for 27 hours, starting from when the house was seized via search warrant through when the CPD computer experts arrived to collect the computers.

During that time, lots of automated processes would have happened: email downloads, data back-ups, software updates, and hard drive defragmentation.

The FBI witness said he looked at everyone of the 691 file changes and attributed them all to automatic processes.

GM said that, to him, "tampering" is the same as "spoilation" and "spoilation" is the change of any bit on a hard drive while in custody. When asked about updates, he said "nothing from Microsoft". Well, it came from Cisco IT. Nice choice of words.

Yes, it's too bad that the computer was left on, running, connected to a network, and VPNed to Cisco while in custody. But, that was the way Brad left it. And CPD process was to leave everything be until the computer trained officers could come.

Something else to think about: the computer was connected to VPN for those 27 hours. That kills the "boot with a linux CD and copy files idea", because rebooting would kill the VPN connection.

For the "plug a USB drive in" idea: what is in the windows system event log? If you plug something in, there would be a log. There is a log of someone configuring the IP address of a router at 10:21pm. Is there a log of someone attaching external media?