Home   Groups   Digests   Personalise   Search   Login
  POV-Ray : Newsgroups : povray.off-topic : NCIS : Re: NCIS Server Time
29 Jul 2024 04:16:51 EDT (-0400)
  Re: NCIS  
From: Invisible
Date: 27 Apr 2012 08:18:52
Message: <4f9a8eac$1@news.povray.org>
 
>> - You *cannot* take CCTV footage, enlarge it 20x, "run an imagine
>> enhancement algorithm" and then read a car numberplate from 300 yards.
>> It doesn't work like that.
>
>    Actually it's not *that* far-fetched.
> This is especially true if you have video footage
> instead of one single still image

I doubt it's ever as easy as just clicking a button and the computer 
flashing a few boxes up and then showing you the pristine, original image.

>> - IP addresses are generally *not* "registered" to individual human
>> beings in the same way that telephone numbers are.
>
>    The ISP knows which one of their clients has which IP address at any
> given moment

Really? That's news to me.

> Thus *in theory* it could be possible to locate any individual
> by IP address (even if it's behind a NAT), assuming you also hack into the
> ISP's client database to get the home address.
>
>    (In many countries that would be illegal, though, at least without a
> court order.)

Not sure if or how this changes when you're in the military or 
investigating a murder.

>> - If an attacker is "marking their signal by bouncing it off proxy
>> servers all over the world"

Damn. I meant "masking". >_<

>> the geographic locations of those servers
>> do not magically pop up on a world map when you try to "backtrace the
>> signal".
>
>    Actually IP addresses can be mostly mapped on a world map.

Probably. But if you can just *follow* the signal from proxy to proxy 
automatically like that, it's not really "masking" very much, is it?

>    Of course *showing* such a map on the fly is just for the viewers.

Yeah, clearly. ;-)

It's even more amusing when they do this with bank wire transactions... 
What, so all the banks across the globe allow the US Navy to see their 
transaction lists now?

>> - There is no such thing as "a steganography detection algorithm".
>> That's kind of the entire *point* of steganography; you can't detect it.
>
>    I wouldn't claim that without some actual references.

The *ideal* is for steganographically hidden data to be undetectable 
unless you know where it's hidden. How well actual real-world system 
approach that ideal? I couldn't say. It's not my field of expertise.

>> - If you "upload the firmware" from a device onto your computer, it
>> *canoot* infect your computer with a virus that secretly steals your
>> data or modifies computer evidence. You see, a virus doesn't *do*
>> anything - anything at all - unless you actually *run* it. Any
>> half-competent computer forensics expert wouldn't make such a mistake.
>
>    So-called zero-day exploits can sometimes surprise even the best
> experts (which is why they are extremely valuable in the cracker community),
> and there have been cases where a buggy computer can be made to execute
> code from the outside (or, at the very least, there have been cases that a
> computer could be made to crash by just sending it certain IP packets).

I'd imagine a computer forensics lab would be more prepared than most to 
deal with the possibility of viral threats.

Now, certain software has security flaws that allow arbitrary code 
execution. But as I understand it, these tend to be /extremely/ specific 
to the particular software you're using and the exact point-release in 
question. It's *very* improbable that an outside adversary would know 
precisely what software your forensics lab runs.

>> Also, something bothers me: I'm PRETTY SURE that if a suspect refuses to
>> give you a DNA sample, then you CANNOT simply offer them a drink, and
>> then lift their fingerprints and DNA from the glass afterwards. It
>> strikes me that there must be some kind of LAW against that kind of
>> thing. (Otherwise why would you even need consent in the first place?)
>
>    The DNA obtained that way cannot be used as evidence, but it can rule
> out or confirm a suspect, so that further investigation can be directed
> better. But I don't know if even doing that is legal.

NCIS seem to use it to force confessions out of people. Guy sits there 
in the chair, smirking "you can't prove anything". Other guy shows him 
an evidence bag with the glass in it, and the DNA report from the lab. 
(I'm pretty sure those /don't/ actually have "100% positive match" 
stamped on them in red letters IRL...) And the guy breaks down. "OK, I 
did it! The guy deserved it anyway! Don't bust me, man! I did it for my 
kids..." They take him to jail. (Because, let's face it, it isn't like 
these cases go to *trial* or anything...)


Post a reply to this message

Copyright 2003-2023 Persistence of Vision Raytracer Pty. Ltd.