What do you think about communications data collection and storage?
Roland Perry
ukcrypto at chiark.greenend.org.uk
Tue, 5 May 2009 19:42:33 +0100
In article <alpine.LFD.2.00.0905051823010.11965@melandri.jakma.org>,
Paul Jakma <paul@jakma.org> writes
>On Tue, 5 May 2009, Roland Perry wrote:
>
>> To get back on topic, there's no particular reason they suffer from
>>enough clock drift to hamper traceablity.
>
>Sure it does.
>
>If clock drift adds some measure of uncertainty to logs, such that you
>can't be sure of the precise boundary where a resource is allocated to
>one user, then that can potentially be easily exploited by a user. E.g.:
>
>Step a) send nefarious email / browse whatever
>Step b) disconnect/reconnect immediately thereafter
>
>It wouldn't hide any continued patterns of abuse, but it sure seems
>like it could provide plausible deniability for specific instances..
Only if you can show that the clocks are significantly wrong (therefore
by several seconds). And why would they be? This issue hasn't overly
troubled investigations in the past, and I see no reason why it's useful
to raise it now.
--
Roland Perry