Levy’s Computer May Reveal Clues

District of Columbia police prepared Wednesday to disclose a list of Web sites visited by missing intern Chandra Levy as investigators rely increasingly on information gleaned from the young woman’s computer.

Investigators believe Levy used her laptop computer for several hours May 1, her last known activity. She searched Web sites for restaurants, a local park, newspapers in California and Washington, trains, airlines, government agencies and congressional committees, police say.

The hope is that if she followed up by going to one of the places she looked at on the Internet, someone will remember seeing her.

Meanwhile, police continued to search D.C. area parks for signs of the young woman, without result. And the reward for information in the case grew to $90,000 as George Stahlman, 78, who has operated “King” Stahlman Bail Bonds in San Diego since 1947, offered $50,000 for information received before Sept. 30.

The Levy case underscores how difficult it is to erase footprints in cyberspace. Even if she had tried to shield her privacy with a password, such measures are easily defeated.

“The average computer user is completely unaware of how much information is saved on the computer and how easy it is to get past the standard security systems that are built into the system,” said Elias Levy, chief technology officer of SecurityFocus, a computer security company in San Mateo. Levy, no relation to Chandra Levy, is a well-known “white hat” computer hacker who administers BUGTRAQ, an authoritative mailing list on security problems.

Many types of passwords can be eliminated by removing a small battery from the computer designed to keep such information stored safely. And many manufacturers build computers with “backdoor” passwords hard-wired into the equipment as a kind of safety feature if the consumer forgets the password. All a savvy investigator needs to know is a few details about the computer’s components to know which standard password to use.

That’s assuming that Chandra Levy actually selected a password that wasn’t easily guessable, such as “password,” the single most commonly used password in the United States, according to several studies.

“And a lot of people pick a password that’s easily guessed, like the name of a pet,” Elias Levy said.

Failing all those techniques, there are software tools on the market designed to recover forgotten passwords, but they work just as easily for someone who doesn’t know the password. In extreme cases, someone can simply remove the hard drive from a computer, install it in a different computer and oftentimes bypass security on the original machine.

Once investigators have access to the hard drive, they can study the Web browsing software to see which Web sites she visited and even whether she purchased anything online.

Web browsing software, such as Microsoft’s Internet Explorer or Netscape’s Navigator, keeps a history of Web pages visited and when they were accessed. On recent versions of Internet Explorer, for example, pressing the Alt key and the H key simultaneously opens up the history file.

In addition, many Web sites place small bits of computer code called cookies on a visitor’s hard drive. Those cookies often contain passwords so that frequent visitors don’t have to type them over and over, and sometimes indicate a purchase.

Users who want to protect their privacy, especially when working in environments where one computer is shared by many people, need to get into the habit of regularly erasing such files. In recent versions of Internet Explorer, for instance, clicking the Tools menu and then choosing Internet Options opens a box that allows users to delete temporary Internet files and the history log. In that same box, under the Content tab, users should also clear and disable the AutoComplete function.

Even after data is deleted, however, forensic analysis can still recover most if not all information from the hard drive. That’s because computer hard drives use magnetic discs to store data. When information is deleted, the user is basically telling the computer that it’s OK to write over it. But because it’s stored magnetically, traces of the data exist until the computer writes over it several times. Hard drives that have sensitive information should be completely secured with a powerful encryption program that keeps out all but the most determined and well-equipped snoops.

*

imes wire services contributed to this story.