{"id":2444,"date":"2025-05-08T22:41:06","date_gmt":"2025-05-09T02:41:06","guid":{"rendered":"https:\/\/wordpress.forensicpath.us\/?p=2444"},"modified":"2025-12-10T09:36:25","modified_gmt":"2025-12-10T14:36:25","slug":"private-consultations-in-forensic-pathology-10-privacy-and-the-road-warrior-pathologist","status":"publish","type":"post","link":"https:\/\/wordpress.forensicpath.us\/index.php\/2025\/05\/08\/private-consultations-in-forensic-pathology-10-privacy-and-the-road-warrior-pathologist\/","title":{"rendered":"Private consultation in forensic pathology 10 — Privacy and the road-warrior pathologist"},"content":{"rendered":"

I recently returned from a trip to testify in another state on a consultation case.\u00a0 \u00a0Most of the time, travel is just a day or two, but sometimes I’m on the road for a couple-three weeks.\u00a0 When I’m on the road like that, I often have files from other cases on my laptop so I can do a little work in the hotel room.\u00a0 \u00a0One of my recurring nightmares is that my laptop will be stolen or lost and someone will get access to those files.\u00a0 \u00a0I thought I’d tell you what I do in order to decrease my anxiety.\u00a0 \u00a0I’m going to talk about operational security when I’m in the room and what I do to foil thieves.<\/p>\n

The Apostle Luke tells us Jesus said “There is nothing concealed that will not be disclosed, or hidden that will not be made known.What you have said in the dark will be heard in the daylight, and what you have whispered in the ear in the inner rooms will be proclaimed from the roofs.”<\/em> So, we know that trying to hide things from God won’t work, and in the end, we will be exposed to everybody. But, as the saying goes, “Everybody wants to go to heaven, but nobody wants to go right now.” Similarly, we should live our lives as if we will have to justify ourselves before God and the world, but we don’t want it exposed right now. And, security is a little like trying to live a life Jesus would approve of. We can try, but we can never be perfect. The best we can do is minimize what happens when we fail — at life and at security and privacy.<\/p>\n

First, I’ll write about working in the hotel room.\u00a0 The most important thing to remember is that hotel wifi is pretty risky.\u00a0 You have no idea what their security systems are like, how encrypted things are, etc.\u00a0 It’s not as bad as it used to be — I can remember back in the day when I could sit in my hotel room and monitor all the packets in the building just for kicks.\u00a0 \u00a0Not so easy anymore, but still…\u00a0 \u00a0So, here’s what I do:<\/p>\n

    \n
  1. I use my own hotspot.\u00a0 I use a “JetPack” MiFi\u00a0 from Verizon.\u00a0 This isn’t the fastest thing in the world, but it’s fine for doing work.\u00a0 \u00a0Remember to use good encryption for the password (WPA2 is the best my device does, though some support WPA3).\u00a0 Use a good password.\u00a0 Finally, and very importantly, *do not advertise your hotspot (SSID)*.\u00a0 \u00a0This avoids exposing yourself to every opportunistic hacker with a hotel room.\u00a0 \u00a0My MiFi was relatively cheap (a few hundred bucks) and costs me $15 a month on my plan (which is tax deductible).<\/li>\n
  2. Use a VPN.\u00a0 I’m not going to write about how VPNs work here, but if you are not familiar with VPNs and how to choose one (e.g. don’t use one of the free honey pots) read up on it.<\/li>\n
  3. I have a friend who has a different setup.\u00a0 He takes along his own wireless router that both does encryption and connects to a VPN.\u00a0 He does that through the hotel wireless, though, and that still gives me the shudders.\u00a0 My method bypasses hotel wifi completely.<\/li>\n<\/ol>\n

    Now let’s talk a little about security of your rig.<\/p>\n

      \n
    1. Consider a cheap road box just for traveling.\u00a0 I have a little $400 laptop that I travel with.\u00a0 This is in contrast to my $3000 rig I use at home.\u00a0 I’m not going to be *making* my graphics on the road, and I don’t need zillions of cycles.\u00a0 I just need to review documents and play multimedia.\u00a0 If the box gets broken (one time I had a luggage cart drive over my laptop and smash it) or stolen, it’s unfortunate but not the end of the world.\u00a0 Plus, you can modify it for higher security and less ease of use since you are using it just when you travel.<\/li>\n
    2. Consider storing your files in the cloud and only download the ones you need to work on onto the road computer.\u00a0 Privacy and security in cloud storage is a whole ‘nother topic. Encryption is your friend.\u00a0 Don’t trust the cloud storage company.\u00a0 Remember that some places (cough, Microsoft, cough) will scan everything you upload, as I remember.\u00a0 I normally download the files I need when I’m in the hotel room, and then delete them as soon as I’m done looking at them.<\/li>\n
    3. Use a good password.\u00a0 I don’t know why this is hard for people to understand.\u00a0 People worry about security and privacy, and then use “doggie” as their password.\u00a0 \u00a0It’s crazy.\u00a0 There are all sorts of tools to break passwords that anybody can use.\u00a0 Just turn it on and let it go.\u00a0 Don’t be the person with the password it takes ten seconds to brute force.\u00a0 There are lots of articles on making a good password.\u00a0 Go read them.\u00a0 The most important, in my mind is the length of the password.\u00a0 For a road box, your password should be at least 11 or 12 characters.\u00a0 Mine has 18.\u00a0 It should also contain small case, capitals, numbers, and special characters in no particular order.\n

      There are a couple of philosophies about this.\u00a0 The first is that the passwords should be completely random, which means you have to write them down and maintain security of your password list.\u00a0 The second is that you use some mnemonic, which makes it less likely that you have to worry about a password list but often makes the password a little less secure (since\u00a0 mnemonics are not random).\u00a0 I’ll take the hit on the second so that I don’t have to carry a password list with me.\u00a0 I usually use literary quotes from books and speeches I know.\u00a0 For example “It was the worst of times, it was the best of times.”\u00a0 becomes “1tw@$tH#woRs^06t!M#s1tw@$tH#2#st06t!M#s”\u00a0 Finally, don’t use the same password for your road box that you use on any other box.\u00a0 If someone cracks your Amazon passcode, don’t give them this as well.<\/p>\n<\/li>\n

    4. Use full disk encryption.\u00a0 This is another no-brainer.\u00a0 Here’s the thing if you are not aware of it.\u00a0 \u00a0If you don’t encrypt your disk, then all you have to do to harvest files is to boot your machine from a USB drive or equivalent, mount the laptop drive and then explore it.\u00a0 If it’s encrypted, you can’t do that without the password.\u00a0 If you don’t encrypt your drive, then your computer is an open book to anybody who can touch it.\u00a0 Now, I’m a Linux guy, so I can’t talk about Windows and MacOS encryption all that much.\u00a0 I did a search on Windows and it seemed that encryption was available but may or may not be on by default.\u00a0 If it’s not on, then turn it on and encrypt your disk.\u00a0 \u00a0Linux distributions, in general offer it as an option on installation of the operating system.<\/li>\n
    5. Set your power options so that it turns off when you shut your lid. When I’m at home, I sometimes have processes that run for hours. So, I don’t want my computer to turn off if it’s “inactive” for awhile or if I shut the lid. For my road machine, I don’t want someone to open the box and have everything running in a decrypted setting. So, set your power options to shut down when you are inactive or shut the lid. <\/li>\n
    6. If you use Linux, you can take advantage of a couple of options that I don’t think are easily available on Windows or Macs.\u00a0 One of the more interesting is the “Nuclear” option.\u00a0 In Linux, the most common encryption setup (called LUKS) actually allows up to 8 passwords.\u00a0 \u00a0The “Nuclear” option method is to set up two passwords.\u00a0 With one password, the machine boots up normally.\u00a0 If the other password is used, the header information for the disk is erased, so that it cannot be unencrypted and everything in the computer is made permanently unavailable (even to you).\u00a0 The primary use is for people who cross borders where they are forced to turn on the computer and provide the password.\u00a0 This is an implemented option in a couple of linux distributions such as Kodachi and Kali.A common implementation (such as with Kodachi linux) is to have a second partition in which you can keep sensitive files.\u00a0 If you input the “Nuke” password, the machine will boot up on the first partition, but the second partition will be corrupted.\u00a0 This is particularly useful for SSD drives, since it is not possible to erase files by overwriting them.\u00a0 Remember that, unlike magnetic drives, SSD drives do not write to the same place when you overwrite a file.\u00a0 Thus, the fragments may still be available for forensic recovery.
      \u00a0
      \nKodachi, unfortunately, has not been updated for some years so it’s not really an out of the box option right now.\u00a0 However, it is possible to implement this in any linux distribution with a little effort. You can also set it up to delete individual files or folders, but that is less secure.Basically, it has two steps:\u00a0 1) Add a second password, 2 Add a script that erases the encryption headers on the disk.\u00a0 \u00a0Searching the internet for step by step instructions is hard, but ChatGPT does a very good job. If you want email me and I’ll send you my ChatGPT instructions.<\/p>\n

      I use it with the two partition solution, and I put my casework in the second partition. Then, I tape a piece of paper with an easy second password (e.g. “oliver1”)\u00a0 on the bottom of the computer. My hope is that someone who steals my laptop will see the password and think I’m one of those people who put their password on their box, and they will use it.\u00a0 I’ve had to turn on my laptop in airports a couple of times, but I’ve never been forced to put in the password, not even going to and leaving Israel, and they are pretty security conscious.It should be remembered that a “real” forensic analysis of your computer will involve imaging the disk before entering any passwords, so this it not something that will help you (though making your nuke password easily crackable may distract them). This is not for fooling the NSA. This is for fooling some asshat who steals your box.<\/p>\n<\/li>\n

    7. A second thing you can do with a linux system —\u00a0 and I assume it’s possible on other operating systems as well — is to set up a script that runs cleaning software (e.g. bleachbit) every couple of hours.\u00a0 In linux it’s called a “cron job.”\u00a0 In Windows you can use the “Task Scheduler” I think.\u00a0 \u00a0Macs (which is an adulterated BSD system) uses launchd and “Automator”.\u00a0 One of the big problems with modern software is that so many apps keep snapshots, thumbnails, etc. in temporary cache files.\u00a0 If someone steals your computer and can get to those cache files, they can get a lot of information even if they can’t get the files themselves.\u00a0 Cleaning software like bleachbit (of Hillary Clinton fame) will get rid of all that stuff.\u00a0 In a linux system it’s trival to set up a script that runs every hour or two so that there’s no collection of thumbnails and temp files on your machine if it’s stolen.<\/li>\n
    8. A third thing I do, which is a little more problematic on Windows or Macs, is to erase the entire machine and reinstall the OS on my travel machine when I get home.\u00a0 Thus, any malware I may have picked up on the road will be erased.\u00a0 \u00a0My experience with installing Windows and MacOS is that it’s a little more of a hassle than installing linux, which takes about 20 minutes and requires minimal supervision.<\/li>\n<\/ol>\n

      OK, now a couple of philosophic things.\u00a0 First, if you use Windows or Macs, please consider using Linux or BSD.\u00a0 Here’s the thing.\u00a0 Microsoft, particularly with Windows 11, is becoming increasingly intrusive with its surveillance.\u00a0 With the new AI enhancements, the OS comes basically with a keylogger and screen snapshot system that’s sent to the mother ship.\u00a0 From what I read, you can try to opt out, but history has not been supportive of corporate behavior in that respect.\u00a0 I don’t know about Macs.\u00a0 The bottom line with linux, however, is that surveillance is minimal and all opt-in — essentially consisting of whether or not to send usage notifications and crash reports to the folk who make the distro.\u00a0 Linux is not hard to learn or use, in spite of the propaganda, and the interface is fun.\u00a0 It’s free.\u00a0 It’s easy to copy from device to device.\u00a0 It’s easy to harden, particularly with distros like Ubuntu.\u00a0 There are no copyright issues.<\/p>\n

      Sure, there’s some software that you may need Windows for.\u00a0 For me, it’s Quicken.\u00a0 I have my personal financial data from 1990 until now on Quicken, and it will only run on Windows. Quicken uses a proprietary data format, so my past 30 years of financial records are held hostage by the platform.\u00a0 \u00a0So, I run Windows on a virtual machine when I need that particular program.<\/p>\n

      But… Linux is a little like the standard transmission of car thievery.\u00a0 Merely using linux will make it difficult for a subset<\/strong> <\/em>of thieves to use.<\/p>\n

      The second issue is that of peripherals.\u00a0 I used to travel with a little portable printer.\u00a0 However, those little thermal printers really don’t provide great output, and the portable “real” printers, like the HP OfficeJet 200 are more bulky than I’m willing to travel with.\u00a0 And I haven’t had to print anything in years.\u00a0 Usually, if there’s an issue, counsel will print something off for me.\u00a0 The same thing is true of those little projectors.\u00a0 Now, I have to say that I’ve been assuming that I am traveling only for testimony.\u00a0 I have had occasion to travel for other reasons — committee meetings and long term trial attendance — in which these things would have been helpful.\u00a0 But mostly I prefer to travel light.\u00a0 The only peripheral I travel with now is a laser pointer on my key chain.<\/p>\n","protected":false},"excerpt":{"rendered":"

      I recently returned from a trip to testify in another state on a consultation case.\u00a0 \u00a0Most of the time, travel…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[148,1],"tags":[],"class_list":["post-2444","post","type-post","status-publish","format-standard","hentry","category-private-consultation","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/wordpress.forensicpath.us\/index.php\/wp-json\/wp\/v2\/posts\/2444","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/wordpress.forensicpath.us\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/wordpress.forensicpath.us\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/wordpress.forensicpath.us\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/wordpress.forensicpath.us\/index.php\/wp-json\/wp\/v2\/comments?post=2444"}],"version-history":[{"count":16,"href":"https:\/\/wordpress.forensicpath.us\/index.php\/wp-json\/wp\/v2\/posts\/2444\/revisions"}],"predecessor-version":[{"id":2460,"href":"https:\/\/wordpress.forensicpath.us\/index.php\/wp-json\/wp\/v2\/posts\/2444\/revisions\/2460"}],"wp:attachment":[{"href":"https:\/\/wordpress.forensicpath.us\/index.php\/wp-json\/wp\/v2\/media?parent=2444"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/wordpress.forensicpath.us\/index.php\/wp-json\/wp\/v2\/categories?post=2444"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/wordpress.forensicpath.us\/index.php\/wp-json\/wp\/v2\/tags?post=2444"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}