E-gov – Page 3 – Andrea Monti

October 1, 2016October 1, 2016

Phoney and the forensics value of Iphone chat

Phoneys is a software that allows a user to change the content of an Iphone chat thus altering the meaning of the conversation.While this is just an entertainment software, it might have some disturbing impacts on a possible criminal investigation.

Indeed, SMS, chat transcripts and messages are routinely used as a source of evidence by lawyers and prosecutors on the basis that if something is on a phone it can be hardly be faked. Of course, this is not always true, of course evidences must be corroborated by independent checks, of course the legal community is not that dumb to give face value to a text on a phone screen. But…

Phoneys allows a malicious person to create a prima facie deceiving fact, by exploiting the fact that a message has actually been sent, thus leading the investigator into thinking that a conversation took place with the intended correspondent. In an emergency context, the necessity of taking immediate action might push him to under evaluate what has been shown as “evidence”, thus jeopardizing the final result.

Maybe this is a either a minor or non-existent issue. But judicial reality has proven to be more surprising then legal-thriller. So, next time you’re confronted with a message as an evidence, why not double check?

Just in case…

July 10, 2016July 10, 2016

What “Big Brother” and “Orwellian” actually mean

A lot of people – politicians, “gurus” and “activists” use the word “Big Brother” and “Orwellian” without having read even the cover of a George Orwell’s book.

They rather want to have a look at this TED-ed short lesson, to discover what they’re actually talking about.

May 27, 2016

How Do Digital Signature and Time Stamping Work

Begins at 1:50.
https://youtu.be/_Eb6eGFmVDU

February 10, 2016

Italian Digital Signature Software Exposed to Man-in-the-middle Attack?

An independent researcher compiled a list of known Apple OSX-related vulnerabilities, including one that affects the Sparkle Updater Framework.

I’ve just checked my Mac with this command

find /Applications -name Sparkle.framework

and found that DikeX, the old version of the digital-signature tool released by Infocert S.p.a., uses Sparkle. I don’t know if the software is plagued by the bug, but this is exactly the point: nobody from Infocert just warned users with a single word about.

March 12, 2015

National Security, Mediaset and RAI Way Tower

Today the RAI (Radio Televisione Italiana, the public broadcasting company) Radio News Program asked me to provide an opinion about the risks for the national security in case the broadcasting towers belonging to RAI WAY (public-owned company) be purchased by a Mediaset-controlled company. The importance of these broadcasting towers relies upon the fact that they work both for “ordinary” TV programs and for the law-enforcement and other security-related agencies masts.

Here is the link to the interview that starts at 3:00 min. and, for the non-italian speaking people, here is the summary of what I said: privatizing the national security is an ongoing process started years ago with the “online piracy-child pornography excuse”. Regulations have been passed that turned over the ISP and Telcos’s shoulder the task to perform wiretapping, eavesdropping and geolocalization so this RAYWAY issue is just another brick in the wall. By going ahead with this privatization process, nevertheless, there is a ? risk to jeopardize serious crimes investigations since the information about a criminal proceeding will be known by a much too big number of people. So I wander if this “National Security Frenziness” is for real, or it is just a way to spread the usuale FUD (Fear Uncertainty and Doubt.)