Posts by Matthew Poole
-
OnPoint: The Big Guns: Truecrypt and Tails, in reply to
Which works until the adversary finds out that is how the OTP is generated and starts to record the same data and match the ciphertext against it.
Atmospheric noise is geographically distinct, so the attacker would need to be recording the same noise in the same three-dimensional space as well as achieving precise synchronisation down to fractions of a second.
Knowing that it's keyed off atmospheric noise is actually not any help whatsoever, particularly if there are other things being done like XOR'ing against other input - say from a second listening station in another location.
-
OnPoint: The Big Guns: Truecrypt and Tails, in reply to
Also, a PoCA application isn't "balance of probabilities because the police say so". The person whose stuff is up for grabs is entitled to present evidence in support of their assertion that they had legal means of making the money, y'ronner.
-
OnPoint: The Big Guns: Truecrypt and Tails, in reply to
What the cops do then is say that your actions are evidence that you were up to no good, probably something criminal, and therefore they should be able to confiscate all your stuff under the proceeds of crime act, (which Labour proposed and National passed when they got in) which does not require conviction on a criminal charge, merely convincing [a judge?/ a jury?] that on the balance of probability, you were doing something naughty, and that although they can’t prove what it was, it was probably for making money, and therefore they want your house/car/goldfish as proceeds of a crime.
Not quite. "They" have to convince a judge that, on the balance of probabilities, your stuff was bought with the proceeds of crime, hence the title of the Act. If you can point to a legitimate source of income that would have covered the purchase cost, the balance of probabilities says that you used that income to buy the computer; unless "they" can point to something like a cash transaction using marked bills that they paid to an informant who claims that you then sold them drugs, at which point you're kinda fucked.
The PoCA is not really the fishing expedition you seem to think. It's there to get stuff off people who can't prove they had a legal means of getting the money to make the purchases. It's not there to allow seizure of stuff just because it might have been used for doing dodgy things. There are other criminal law provisions that allow for seizure of evidence (and just ask Mr Schmitz how broad-ranging and abusive the use of those particular powers can be!), but the standard required to get the necessary search warrant to make those seizures isn't even as high as balance of probabilities because there's only the police side of the case being presented. They don't get to keep your stuff, though, if you're acquitted, and even if you're convicted they still don't get to sell it unless they can meet the balance-of-probabilities test on the PoCA that the money used for purchase was not earned legitimately.
If your only declared income is part-time crew at McDonald's but you just bought a Ferrari, and there's no sign of a family inheritance or Lotto win, you're probably not going to win the PoCA case. If the cops are trying to claim your beat-up seventh-hand 1987 Corolla, though, your income is more than adequate for it to be more likely than not that you earned the money through legal means. Both cases, of course, being based entirely on a police claim that the car was bought with the proceeds of crime, and there being no other evidence that points unequivocally one way or the other.
-
OnPoint: The Big Guns: Truecrypt and Tails, in reply to
The true OTP is actually safe from infinite computing power and storage.
One of Clancy's novels (IIRC it's The Sum of All Fears) has an OTP system where the keying is based on transcription of atmospheric noise. Unless the SETI project has missed something, an OTP on that basis is rendered vulnerable only by someone doing something idiotic like reusing a pad.
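Added example, not part of the original posts: a Python sketch of the two points made in the OTP posts on this page, a pad built by XOR'ing two noise recordings and pad reuse as the mistake that breaks it. `PadBook`, the station byte strings and the messages are constructed for illustration, and `secrets.token_bytes` stands in for recorded atmospheric noise.

```python
import secrets

def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("inputs must be the same length")
    return bytes(x ^ y for x, y in zip(a, b))

class PadBook:
    """Hypothetical pad manager: hands out each pad byte exactly once."""

    def __init__(self, station_a: bytes, station_b: bytes):
        # Pad = XOR of two independently recorded noise streams.
        self._pad = xor_bytes(station_a, station_b)
        self._used = 0

    def encrypt(self, plaintext: bytes) -> tuple[int, bytes]:
        start, end = self._used, self._used + len(plaintext)
        if end > len(self._pad):
            raise ValueError("pad exhausted: refusing to reuse key material")
        self._used = end  # advance first, so these bytes are never reissued
        return start, xor_bytes(plaintext, self._pad[start:end])

    def decrypt(self, start: int, ciphertext: bytes) -> bytes:
        return xor_bytes(ciphertext, self._pad[start:start + len(ciphertext)])

# Constructed stand-ins for two noise recordings (not real atmospheric data).
STATION_A = secrets.token_bytes(64)
STATION_B = secrets.token_bytes(64)
P1 = b"MEET AT DAWN"   # constructed sample messages, 12 bytes each
P2 = b"RETREAT AT 6"

def demo() -> dict:
    # Correct use: the second message starts where the first one ended.
    book = PadBook(STATION_A, STATION_B)
    off1, _ = book.encrypt(P1)
    off2, _ = book.encrypt(P2)
    # Misuse: both messages encrypted with the same 12 pad bytes.
    pad = xor_bytes(STATION_A, STATION_B)[:12]
    bad1, bad2 = xor_bytes(P1, pad), xor_bytes(P2, pad)
    # The pad cancels: what remains is P1 XOR P2, independent of the noise.
    return {"offsets": (off1, off2), "leak": xor_bytes(bad1, bad2)}

if __name__ == "__main__":
    result = demo()
    print(result["offsets"], result["leak"] == xor_bytes(P1, P2))
```

The leaked value does not depend on the pad at all, so the quality of the noise source is irrelevant once any pad bytes are used twice.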
-
Hard News: Another Saturday Night, in reply to
there’s still a cultural issue of burying the mistakes rather than fronting them
Exemplified by the official response to this piece of historic brutality, where a still-serving officer turned an athlete into a “morphine-dependent invalid” and has apparently suffered precisely no repercussions.
I understand the argument that the IPCA will get better cooperation if they aren’t a prosecuting agency, and it may even be somewhat valid, but if the cops aren’t going to charge their own after serious assaults then someone with state funding needs to pick up the slack. Any other person who inflicted such injuries would be looking at quite a few years in jail.
ETA: I see Kier beat me to the punch in mentioning this one.
-
Hard News: Another Saturday Night, in reply to
Much of the anti-social behaviour stems from ignorance of consequences and poverty.. not just lack of wealth… but the poverty of lack of opportunity and the grinding down of NZ society as the greedy & privileged few grab all they can.
What explanation, then, for all the antisocial yobs who get hauled out of town and Takapuna? They're neither poor (financially), nor ignorant of the consequences.
-
Hard News: Seeing the numbers, in reply to
a lot of companies aren't willing to invest in new plant / new processes because they don't get a return out of it.
Especially when they can pay a pittance, secure in the knowledge that the taxpayer will top up their employees' meagre incomes to a level which makes it nearly possible to exist. If the monkeys must be paid in macadamias instead of peanuts, the incentive to pay for technology which gets the same output from fewer monkeys becomes much greater.
-
Hard News: nz.general: a speech, in reply to
Telecom accidentally signed up my dad to Xtra, even though he told them he was quite happy with Ihug.
With Telecom, accidentally is probably accurate, though possibly also not. For many of the smaller ISPs then (and even now, from what I've heard), though, it was more "accidental" that the salespeople were misleading customers about "just signing up for information" on a form that was actually a service contract allowing both internet and telephone service to be transferred away from Telecom (usually, though sometimes Clear). That there were no wholesale fraud prosecutions or significant media coverage was somewhat staggering to those of us who were working in the technical parts of the industry.
-
Alasdair Thompson appears to have had quite the "Road to Damascus" moment since being turfed from the EMA. I'm inclined to vote for him, too.
-
Normal encryption doesn’t help, as you can be legally compelled to give up the password.
However, if the penalty for conviction on whatever charges the encryption is delaying is higher than the two-year maximum for failing to release a password, you're better to stay mum and face the music (which will probably be home-D music at that) for withholding your password.