Minister promises that Part III is coming

Richard Clayton ukcrypto at chiark.greenend.org.uk
Fri, 12 May 2006 23:06:28 +0100 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

In article <E35E1FE4BAB9884997825A00F7DD8050048E86F6@EUR-MSG-
21.europe.corp.microsoft.com>, Caspar Bowden <casparb@microsoft.com>
writes

>>>If the target of some revenge grudge uses a
>>>computer, then it would be quite feasible to make a piece of malware
>>>that will get that and that person alone into a lot of trouble. 
>
>>Feasible mayhap, but to do in such a way that no traces remained and an
>>entirely consistent story was left behind for forensic examination...
>>this is a significant challenge, and I expect that many early attempts
>>would fail...
>
>I was assuming that only vectors which left no forensic trace would be
>used. 

If you assume perfection, then of course the malware you imagine will be
perfect. My observation is that achieving this is far from trivial

>But what traces are left by a buffer overflow attack over the
>network, which never touches the disk. 

none at all once the system is power-cycled...

>There's no "story" that has to be
>consistent.

... but you were envisaging that illegal images would be left on the
disk (for the police to find them). So you need to write that material
in a way that is consistent with other metadata on the system.  If the
illusion you are generating is use of a browser to download the files,
then it would be wise to ensure that caches and logs are consistent with
that...  the flip side to using that metadata to demonstrate wickedness.

Making one activity look like another is spectacularly difficult. One
might see this as an underpinning principle for a great many different
issues in computer security.

>>It seems fashionable to view such people as sub-human, undeserving of a
>>private life, civil liberties, and any possibility of rehabilitation.
>
>That caricatures what I said - which is that in my view this is a
>reasonable forfeit of liberty in the circumstances

If it is really to be "in the circumstances" then it should be part of
the initial sentence, where the court has considered all the relevant
facts. Mandatory arrangements are a poor way of dealing with the
complexities of real crimes -- however attractive tabloid editors may
feel they may be to deal with short term excitements.

- -- 
richard                                                   Richard Clayton

Those who would give up essential Liberty, to purchase a little temporary 
Safety, deserve neither Liberty nor Safety. Benjamin Franklin 11 Nov 1755

-----BEGIN PGP SIGNATURE-----
Version: PGPsdk version 1.7.1

iQA/AwUBRGUG5JoAxkTY1oPiEQLudgCeKz6pjPYtBoscH1hv01bdX2m5fycAn3+6
DqD2IdsRrmyXa2QV7vTW2ocd
=Z0Vv
-----END PGP SIGNATURE-----