BTK killer

[m2mike 8]

Does anyone know what digital "trail" that the BTK killer left? I hope this guy did not use Microsoft Word to write a letter. That is so traceable. An article I read said, "it apparently contained an electronic imprint from the church computer."

These serial killers today. Haven't they heard of typewriters? A typewriter worked for the unibomber for years until he got caught. If I recall correctly, the only reason the unibomber got caught was because his brother sold him out.

Edited March 5, 2005 by m2mike

[Dr. Z2A 2]

How the heck do they track somebody if the letter is written in ms word?

[Taeweas 1]

I would also like to know that.....

[REv9k 0]

Open a .doc file with a text editor. You'll see the registered username and company of the M$ software.

Edited March 6, 2005 by REv9k

[Dr. Z2A 2]

yea but if someone prints it off and leaves it somewhere hows it tracked like that? I mean I dont think a serial killer leaves a floppy disk wih the message on his victim.

[Taeweas 1]

lol that WOULD be pretty funny

[BlackRatchet 0]

yea but if someone prints it off and leaves it somewhere hows it tracked like that? I mean I dont think a serial killer leaves a floppy disk wih the message on his victim.

Except this one.

He sent in the floppy disk to a TV station and was pwn3d.

[Minion 0]

Hahahaha. Pwned, just pwned.

[m2mike 8]

REv9K is correct. MS-Word basically gives a username and company name if there is one. That's the thing about the older generation. Many of them are noobs (this includes so-called "smart" serial killers).

I just saw the following from the url at the bottom of this page.

Sources said the disk was handed over to FBI analysts, who determined that it had been reformatted. Data on the disk traced it back to a computer at Christ Lutheran Church in Wichita.

http://www.latimes.com/news/nationworld/na...ack=2&cset=true

It sounds to me like someone should have used THC-SecureDelete

http://www.thc.org/download.php?t=r&f=secu...lete-3.1.tar.gz

or FileOwnGuard

http://www.thegrideon.com/fileownguard.html

By the way, I am certainly not condoning the behavior of the BTK killer, but I am saying that he is a friggin' NOOB!

Edited March 6, 2005 by m2mike

[Taeweas 1]

The LA times thing is blocked, but yes, he is a newb, Ive often contemplated the perfect murder.....but its impossible!!

[K.H.O. 0]

How the heck do they track somebody if the letter is written in ms word?

not exactly on the subject but, if your interested I think it's like the first episode of BRR where Stankdawg talks about how Microsoft puts info and other things inside your files..

K.H.O.

[Minion 0]

Taeweas, the perfect murder is simple. Kill everybody. EVERY FUCKING PERSON ALIVE.

[lowtec 0]

yea but if someone prints it off and leaves it somewhere hows it tracked like that?

Ever wonder why most printers won't print [even in pure b&w] unless you have a color cartridge installed?

There was an article on slashdot where with a blue led you can read faint serial #s that your printer puts on every document it spits out. FBI and others have been using this for a while to track counterfitters and others.

[nyx 0]

lol, im suprised you guys are following this... Im about 45 miles away from where this is taking place... Whoopie! Im on the news.. LOL

[REv9k 0]

I don't know if I'd call this guy a noob, he's more of a slasher than a hacker.

Edited March 6, 2005 by REv9k

[Taeweas 1]

There was an article on slashdot where with a blue led you can read faint serial #s that your printer puts on every document it spits out. FBI and others have been using this for a while to track counterfitters and others.

Argh, Im gonna try this with one of those keychain LED's

[Dr. Z2A 2]

lowtec  Posted on Mar 6 2005, 04:06 AM

 

QUOTE (Dr. Z2A @ Mar 5 2005, 07:44 PM)

yea but if someone prints it off and leaves it somewhere hows it tracked like that?

Ever wonder why most printers won't print [even in pure b&w] unless you have a color cartridge installed?

There was an article on slashdot where with a blue led you can read faint serial #s that your printer puts on every document it spits out. FBI and others have been using this for a while to track counterfitters and others.

Does the same thing happen with other word prossesors like notepad and NJStar?

[pbx43k 1]

I would immagine that the serial number is printed by drivers or, more likely, firmware, no matter what software you used to create the document.

[jedibebop 1]

REv9K is correct. MS-Word basically gives a username and company name if there is one. That's the thing about the older generation. Many of them are noobs (this includes so-called "smart" serial killers).

I just saw the following from the url at the bottom of this page.

Sources said the disk was handed over to FBI analysts, who determined that it had been reformatted. Data on the disk traced it back to a computer at Christ Lutheran Church in Wichita.

http://www.latimes.com/news/nationworld/na...ack=2&cset=true

It sounds to me like someone should have used THC-SecureDelete

http://www.thc.org/download.php?t=r&f=secu...lete-3.1.tar.gz

or FileOwnGuard

http://www.thegrideon.com/fileownguard.html

By the way, I am certainly not condoning the behavior of the BTK killer, but I am saying that he is a friggin' NOOB!

no amount of shredding/zeroing/deleting will keep it safe from someone truely determined (like the fbi trying to find a very successful serial killer)

[m2mike 8]

Ok, so use brand new media.

[REv9k 0]

The paper that you use to print ON can also be traced

[pbx43k 1]

Not only does Microsoft Office embed the user and company names, ther is a GUID in each document that can be linked to the particular installation used to create it. Thats how they caught the Melissa virus author. It is probably the same information that is used when you register Office with Microsoft.

pbx43k

[I-baLL 5]

Some websites say that he left his semen at a lot of the crime scenes. That too probably did him in.

[apollyon 0]

that will do him in during the trial if he doesn't plead out.

most desktop printers do not yet watermark all pages, but all large scale business/industrial printers are required to. this was a measure put in place to stop counterfeiters and document forgers. it allows tracing either to the brand and model of machine, or specific serial numbered machine that can be traced to it's owner.

on the topic if counterfeiting, many software suites have added a "feature" to detect if you are working with images of money. some scanner software won't scan anything above a $5, and if you use adobe photoshop CS try loading this image:

this is a pain in the ass. it's not even illegal to manipulate images of currency in any form:

1 the illustration is of a size less than three-fourths or more than one and one-half, in linear dimension, of each part of the item illustrated;

2 the illustration is one-sided; and

3 all negatives, plates, positives, digitized storage medium, graphic files, magnetic medium, optical storage devices, and any other thing used in the making of the illustration that contain an image of the illustration or any part thereof are destroyed and/or deleted or erased after their final use.

back to the BTK case, the dude's a fucking wacko. did anyone else catch the episode of Law & Order: SVU that dealt with a "RDK" copycat killer?

[SUB-S0NIX 0]

Well lets see what can be tracked when it comes to printing documents..

Authorities can tell what kind of printer a document came from if it was printed with a printer before 1996 or 1995. I read some on article some where about how EPSON and HP have a create a Identity mark on all printers that spefically print characters in a semi odd way. With close examination of a forged or malicious document, the FEDS can identify what kind of printer, printed the document.

Also WHAT ELSE does M$ track? Since where on the subject. I remember running into some site I think the URL had said some thing like WINDOWS SUCK or something like that and it had alot things about M$ and what it tracks with out a users knowledge.

Edited March 8, 2005 by SUB-S0NIX