lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <4667FD23.1010207@infiltrated.net>
Date: Thu, 07 Jun 2007 08:42:11 -0400
From: "J. Oquendo" <sil@...iltrated.net>
To: Valdis.Kletnieks@...edu
Cc: Full Disclosure <full-disclosure@...ts.grok.org.uk>,
	Jason Coombs <jasonc@...ence.org>
Subject: Re: Fw: [IACIS-L] Statement by Defense Expert

Valdis.Kletnieks@...edu wrote:
>
> So I take it that law enforcement computer examiners and prosecutors *do* have
> the years of experience in software engineering and exploit construction and
> use, to qualify them to translate a bit of data into forensic evidence of guilt?
>
>   

Catch 22. This is why prosecutors often rely on expert witnesses who 
even then are lacking. One of the
things many omit in their methods of thinking when it comes to perhaps 
going to trial is the following,
and please take it very seriously... Will the JURY understand it first 
and foremost, secondly will the
jury even give a rats ass.

 From experience, 1) the jury WILL NOT understand even 1/2 of the 
terminology nor concepts, analogies
you can throw at them. This works to the benefit of whichever side is 
willing to exploit the jurors.
"Overwhelm them with so much technology they'll have to believe the 
accused is guilty. After all, why
bring in all of these *experts*" (for the prosecution). "Overwhelm them 
with so much technology to
counter the former experts expertise and throw in doubt..." For the defense.

On the latter... While "guilty until proven innocent is the American 
dream, it is seldomly practiced. If so
there would be no need for bail since the defendant is after all 
innocent. (Bottom line holding true to the
letter of the law... Not practical but this concept of innocent until 
proven guilty is flawed). Anyhow,
if one were to find themselves on trial this is what you SHOULD 
expect... You will get a jury of your
so called peers.. So let's define peer: Noun 1. peer - a person who is 
of equal standing with another
in a group. Your peers will never be in equal standing from a 
technological perspective period. For
one, it would take a miracle to gather a bunch of computer literate 
users for jury duty. Heck you will
likely find 0 even if one appears for jury duty, it is likely the 
prosecution will try to rid this person
from selection. Its not in their best interest to have someone fully 
technical on trial for a few reasons.
1) The juror might associate his experiences with the case being tried 
and taint an outcome based
on HIS experience, not the facts presented. Would be the main reason. It 
might not be in the best
interest of the defendant for the same reason.

No sir, your peer will consist of someone who's likely going to be 
computer illiterate, likely twice
your age, etc., they'll 1) be frustrated they have to go through jury 
duty and want to get things over
with to return to normal life. 2) They'll be looking like a deer in 
headlights trying to understand what
the hell an expert is talking about: "SMTP is a protocol used to deliver 
electronic mail. This mail
consists of binary zeros and ones which when converted formed a 
corrupted gif image which caused
Microsoft's Windows Small Business Server to suffer a buffer overflow." 
Might sound like clockwork
to anyone here, but will sound Klingon to a juror. I could go on and 
on... But one should be able to
envision the possibilities of jurors being lost and irrate.

I may or may not do a write up based on my case, but that is likely 
going to irritate a lot of federal
agents and it will likely mean I will end up posting my case files 
online which will further piss off
more federal agents and perhaps place me back to square one. Who knows 
maybe I will discuss
this with an attorney beforehand. Lest I face the wrath of again 
breaking into an employer while
on an airplane. But hey... An expert can always be called in on my 
defense on how it would have
been impossible to spoof over the Atlantic Ocean... Then again, a 
counterexpert could show the
possibility of me hijacking satellite after satellite after satellite 
for said connection to leave "a
teasing message saying... Hi I pwnd you" for shits and giggles.

-- 
====================================================
J. Oquendo
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x1383A743
echo infiltrated.net|sed 's/^/sil@/g' 

"Wise men talk because they have something to say;
fools, because they have to say something." -- Plato



Download attachment "smime.p7s" of type "application/x-pkcs7-signature" (5157 bytes)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ