I don't believe I'm a person of interest to anyone, however I imagine some people are. With the hacking capabilities of government and organisations, would planting incriminating material on somebody's computer be trivial?
Yes, look up the Bhima Koregaon case in India. Indian police used Israeli spyware to hack the phones of lawyers, human rights activists and critics of Modi. They also used phishing and other malware to plant terrorist material and then imprisoned them.
> In Wilson’s case, a piece of malware known as NetWire had added 32 files to a folder of the computer’s hard drive, including a letter in which Wilson appeared to be conspiring with a banned Maoist group to assassinate Indian prime minister Narendra Modi.
Just last year an NSA ... contractor? ... was convicted for mishandling classified materials, and, curiously, not for possessing the child pornography they also accused him of having on his computer. There was a wholly credulous New Yorker article about it, linked on HN.
Supposedly he had foolishly exposed all the passwords of his phone and online accounts so they could freely find anything they liked, or that had been planted. And the unit he worked in was, IIRC, coincidentally exactly involved in cracking security on accounts, and somebody else he had worked with, there, had developed an antipathy toward him, to the point that he had filed an HR case expressing fear for his own safety.
That a top-level security expert would have left all his own passwords exposed was transparently ludicrous, and the author and jury should both have been deeply suspicious of any evidence claimed to come from it, but seemed entirely oblivious.
It is just possible the jury saw evidence not derived from online records. But I doubt it.
> That a top-level security expert would have left all his own passwords exposed was transparently ludicrous
Not quite. Some experts apply all their own expertise to themselves, others are more lackluster about their own opsec because they 'know what they are doing' or 'this isn't anything important'. Never underestimate human laziness.
I work in IT security and I see the full range of total disinterest to full tinfoil hat mode in this environment when it comes to people's own resources.
Also, it depends on people's area of expertise. Most of our networking security specialists are running segmented VLANs and IDS at home, and WPA3 with all the trimmings. The Windows AD security guys would just have whatever router the provider provides and sometimes don't even change the provided wifi password (which in many cases is algorithm-generated based on the MAC address or something!), but their Windows workstations would be top-notch secured.
It is transparently ludicrous to assume as a matter of evidence. Yes, many people are stupidly incautious, particularly when they "have nothing to hide". But having nothing to hide and therefore being incautious makes planting anything easy.
Back in the office days I'd see senior-tier engineers without uBlock, loading blatantly malicious ads and being redirected to fake flash player download pages while giving a presentation, Firefox message saying that their SSO password (saved in browser of course) is reused in other places and shows up in compromises, browser addons on work PCs that exfiltrate every URL visited and inject rubbish onto every page like Honey or Rakuten, signed into personal accounts on a work device...
You're confusing a few details: he was a CIA employee and he was almost certainly guilty. You should read through the court transcripts; they basically recovered logs showing him doing it on his workstation and managed to narrow it down to the leak on the basis of a typo in a command that existed in the logs and in the copy of the dump sent to WikiLeaks.
He spread a lot of FUD in his defence though, so if you don't pay attention and bother to read the court transcripts you'll walk away with the opinion you have.
For the record, he was barely computer literate-- they made their living writing programs that basically just inject DLLs and copy files. I'm probably being a little untruthful calling him borderline computer illiterate, he has a bachelor's in CS or similar, but he was just a basic programmer and not some sort of super hacker or exquisite computer all-star.
Logs are as easy to fabricate as anything else. Especially for people in that line of work. Which could easily be what they actually did on a day to day basis.
That's ridiculous to claim without evidence. How would they know the password to plant in his notebook? How did they get into the phone? Why wouldn't he bring that up in court?
Yes – and not only for government and organizations:
> In 1999, NetBus was used to plant child pornography on the work computer of a law scholar at Lund University. The 3,500 images were discovered by system administrators, and the law scholar was assumed to have downloaded them knowingly. He lost his research position at the faculty, and following the publication of his name fled the country and had to seek professional medical care to cope with the stress. He was acquitted from criminal charges in late 2004, as a court found that NetBus had been used to control his computer.
Interesting. I was a student at Lund University in 1999. I vaguely remember hearing about a law professor getting caught with child pornography, but the exoneration never reached me.
This is where I feel like reporting goes terribly wrong. Failure to correct stories like this just cements the wrong idea. It's not slander, but it's like slander by omission.
It's as if bad news and boogie monsters sell better than "we reported incorrectly". I know, but still.
In this age of search engines and social media “amplification” a correction wouldn’t even be sufficient. The original story will always be more salacious than the correction, thus more widely shared and more likely to appear in search results (unless Google etc somehow weight the correction higher, I have no idea if they do)
Not before losing his career and having to flee his country, probably because his reputation was dragged through the mud. News of the acquittal doesn't travel nearly as far as the initial arrest - see sibling comment below.
After a Minnesota lawyer reported his neighbor for allegedly sexually assaulting his son, that neighbor cracked the lawyer's wi-fi WEP encryption and proceeded to attempt to frame him for CSAM crimes, sexual harassment, and threatening of politicians. The lawyer's employer hired an outside firm to investigate, the Secret Service showed up, and ultimately a search warrant at the neighbor's home found evidence that he was the true culprit. He was given 18 years in prison.
The usage of locally forbidden material in online gaming, to insta ban opponents or as a form of protest is a well known trivial hack.
Some games allow to spray an image file to a wall, the picture is downloaded by all players. Locally enforced censorship then causes disconnects and even legal repercussions to some gamers.
In some countries you are strongly obligated to make contact with illegal images known to the authorities. Failing to do so is punishable.
Such an attack is as trivial as anonymously sending illegal material to the target, depending on the country. There are thousands of cases of minors sending nudes and causing legal investigations. You find articles of parents sending pictures to doctors and being banned from online services, which are known.
Other social attacks, such as giving out free USB sticks with incriminating material, are thinkable. Although I am not aware of this being proven to have happened, one can find cases where people used this as a defense.
People providing free uncensored internet by running a Tor node are known to have lots of legal troubles because of it, with different severity depending on the country. Even making it to no flight lists.
Illegal pictures might not be viewed by the public. A government could just claim they found them on your device and may have a way to exclude them from being viewed by anyone. So an individual may have to start a defense from the fact that illegal material has been found on a device, without a chance to ever see the image. Again depending on the country and legal system, there might not even be a need for those illegal pictures to actually exist. Here a document from a governmental entity suffices.
I mean I guess you could say Stuxnet was a "free usb hack".
A similar variation popular on Reddit is sock-puppeting illegal/forbidden material faster than the moderators can deal with it, and then get the admins to shut it down.
> The usage of locally forbidden material in online gaming, to insta ban opponents or as a form of protest is a well known trivial hack. Some games allow to spray an image file to a wall, the picture is downloaded by all players. Locally enforced censorship then causes disconnects and even legal repercussions to some gamers.
I know this was technically possible in Rust (the game, not the language) circa 2015 (when I last played). I'm not sure how often it was used to trigger bans or local law enforcement action, but I wouldn't put it past people in that community. I stopped playing specifically due to the community's toxicity.
Can you actually show a documented example of this?
I strongly suspect this is a myth akin to the common Reddit copypasta supposed to trigger Chinese filters (and that one is way more likely to work, at least it’s HTTP traffic).
Oh, yeah, you could totally upload nasty pictures. What I’m questioning is the original claim that people have been using these mechanisms to trigger automatic internet censorship systems to kick people off game servers.
An easy test for plausibility in these cases is: Can we prove a more extreme case?
Here the answer is: yes. People demonstrably SWAT others in online games. Victims have actually died from this. Yet it continues to happen.
So since the more extreme case - do people trigger police visits to other player's houses, knowing they may die? - is true, the milder case of triggering automatic censorship seems very likely to be true also.
There's a copypasta you can use to kick Chinese players out of games that use P2P connections. You can read it here, it touches pretty much all the pain points of the CCP's current situation.
EICAR is not supposed to trigger like this, but if you have access to the virustotal search API you can find some even smaller signatures that do trigger in this manner.
I remember reading this on HN a long time ago, but I can not find it anymore.
The method was explained in detail and concerned the source engine for this exploit. When I search the web for it, I only find articles of the game being banned in China, this feature being removed and then coming back as a monetized feature.
Also searching for this felt extremely sparse.
Maybe you are right and this never happened and it is just some clever internet hoax. The insta ban thing seems far fetched.
But I am certain this was used to troll, protest and circumvent censorship with gusto and must have had some consequences.
Why would you need hacking for that? Classic https://xkcd.com/538 nerd imagination.
Simply seize some devices and place the incriminating evidence on them. Or just place a device with incriminating evidence among other seized evidence. Crime shows make you think every item is individually serialized and bagged or whatever but in reality they're just going to make a bag labelled "15 SD cards and 6 USB sticks". Stuff like hard drives is just going to be "hard drive #6" in the log. Just swap the stickers, easy as pie. You think evidence is stored securely? Secure is expensive, and it's all stuff of guilty people anyway (otherwise it wouldn't be seized).
I have had the misfortune of being tangentially involved in two separate CSAM investigations, and in both cases, the inventory of items seized was pretty detailed, including serial numbers when they were legible.
In one case the suspect was innocent and no evidence was planted to try to convict. (The daughter of the woman who made the initial report admitted several months later that her mom had made the report up in order to bolster her child custody case- there were no consequences for the woman who made the false report...)
In the other case, the suspect admitted guilt forthrightly.
Now, I can't say what the norm is across the country/world, just my own experience with the system.
The principal activity of higher level spooks and investigators is coercing people. Even when they don't have anything on the coercee, they can have, or claim to have, things on someone one cares about: a spouse, parent, sibling. Spooks are mainly supposed to coerce information delivery. Cops are supposed to coerce confessions and (if necessary, false) testimony.
They may choose to coerce other things, of course, of less interest to their employers. Sociopaths love these jobs.
> "Admitted guilt forthrightly" is also suspicious.
Not really. IMHO, it's a pretty common impulse to try to apologize when caught doing something in order to get less punishment. An apology is often effectively a confession.
> The principal activity of higher level spooks and investigators is coercing people...
So? Even if there are people who do stuff like that, it's a tiny fraction of cases like this.
> Are you unfamiliar with the definition of "principal activity"?
Yes. I'm just saying bringing up spies in this case is a distraction. Unless you have some compelling evidence to say it's spies, it's not spies. You're looking for the exotic when the mundane is far, far more likely.
While there is always some chance of that, I know enough about this particular case to say I don't have any reasonable doubt that the person was in fact guilty.
There have been cases of people who are not law enforcement planting evidence on someone’s computer, then calling law enforcement. Which law enforcement then pursues aggressively, of course. Links in sibling comments.
I've watched cop shows and noticed that there are scenes when the DA comes in and chews out the chief of police for doing slipshod work because he doesn't have enough evidence to convict. When the reality is more like a Chappellian "sprinkle some crack on the evidence". Or the cops will just lie on the stand and the jury will take them at their word.
In Ireland we had a huge brouhaha over our Tánaiste (a high up in government) being "terrorized" at a protest in Jobstown.
For weeks, headlines across the country talked about how she was "trapped" in her car "for hours". She was "terrified"! Protesters were brought up on serious criminal charges over this incident of "kidnapping" and "forceful detention".
High ranking police-people testified on the stand that her car was unable to leave the area due to the protesters, for hours.
Then, it came out - leaked on social media - that video footage from multiple angles proved beyond doubt that the incident had been completely overblown.
In fact, she could have left at any time, with plenty of space behind her car. All those police sergeants and the Tánaiste herself were lying out of their teeth.
The response from Irish media was to try and put restrictions on social media. They ignored the story for a while, then a few years later printed stories about her "recalling her trauma" at the protest.
So yeah. This was a high profile incident with an entire country watching - imagine what they do when the accused is 'just some professor or journalist or whatever'.
I think the OP was primarily thinking about placing actual incriminating evidence on an innocent subject to be used to convict them in a court of law. What was done here was stupid but not illegal, and it was done in favour of the subject (basically PR). Also no hacking was involved, just media 'spin'.
It's indeed stupid how the Irish media are obeying the government's spin though.
Fair points, though I'd say lying under oath is illegal even if you're in high office.
You've reminded me about what happened to Maurice McCabe though.
Summing up from memory: he gave detailed evidence about widespread systematic corruption at the highest levels and below in the Irish police.
Shortly after, he was accused of stealing a pedo priest's hard drive from evidence. Accusations, later found completely untrue, were made by a garda of him doing bad things to young people.
Shortly after, a "copy and paste error" in a Tusla (Irish child services) database accused him of molesting a Garda's underage daughter at a birthday party.
After a huge fight involving many years of horrific struggle, multiple Garda Commissioners and a Minister for Justice resigned over the series of incidents. McCabe received a 5 million euro settlement. But for many years, the vast majority of the Irish media refused to touch his story; and even after it all came out they continued to report on it in the most twisted way possible. For example, they never mention, when discussing the "copy paste error", that this was in fact the third attempt to smear McCabe in this way.
The really insidious part is they often aren’t even ‘obeying’ (which implies a directive), it’s often ‘goes along with’ in the hope of getting better access to interesting stories and drama, and selling more papers.
Most popular cop shows running now (like Law and Order) are pure fantasy, propaganda, and wishful thinking. They're made to present a much better version of reality because the real story would turn people's stomachs and lead to a level of unrest and distrust that would help no one in the short term, least of all the police.
And trying to make a show highlighting the dark side of policing would be close to impossible these days. Movie shooting relies a lot on the police for things like crowd and traffic control, and even for using real cops and equipment in some scenes. The police can make it very hard to continue effectively. It's the same story as with the Pentagon and military themed movies [0][1].
Check out "We Own This City" on HBO now, a more modern view of "The Wire". Unfortunately the story is still wrapped in people getting caught and justice being served, but it's a start.
The Wire is a work of fiction. We Own This City is based on a non-fiction book about actual cops convicted for the crimes they committed. They both are set in Baltimore, the same producer is involved, and there are many actors appearing in both series, but the story lines have nothing to do with each other. So not sure about the "modern view".
In principle, yes, xkcd brings up a valid point. And it's not entirely sound. The entire point of hacking is to not have to get your hands dirty, figuratively speaking, and to obtain far more opportunities for exploitation than what might be had by drugging and torturing someone. After all, one could physically beat a single password out of someone and find that said password has no value, all while putting one's self at risk of being targeted for committing crimes against humanity. If a password obtained through hacking leads to nothing, it's entirely possible no one will ever know you had it or bother coming after you.
And in this particular subject, placing material on stolen physical media carries a greater risk of being traced back to you than if a purely digital exploit was taken advantage of. It comes with less plausible deniability and a greater risk of getting caught in the act IRL.
It would be ""useful"" if the malicious government isn't the one with jurisdiction over the target. Put something on their computer that is illegal in the target's jurisdiction (obvious example: child porn), and "tip off" the relevant authorities.
Yes. Australian federal police arrested Matthew Flannery aka Aush0k in 2013 claiming that he was the "leader of lulzsec". They even held a big press conference about this, but in reality Flannery had been framed and never held any ties to lulzsec.
This happened because a bunch of people had been defacing Australian government websites with messages from "Aush0k, the leader of lulzsec" in order to mess with him.
This wasn't "recorded" because the victim is a very private person; but I was part of a team that caught the prosecution in a little podunk town attempting to either interfere or plant evidence on a server DURING trial.
We absolutely caught them red-handed. Perhaps it could have been made into a bigger issue, but it's kind of like, it's a small town no one cares about -- the judge is obviously one of "them", and the victim REALLY doesn't want to be caught up in big news stuff, so we're all opting to be quiet about it.
Just to be clear. I don’t mean that Krugman was lying and he was actually downloading child porn and he was trying to cover his tracks. I mean that someone fooled him into thinking that he had been hacked. To make it more clear. There was no indication that Krugman ever had child porn on his computer that either he downloaded or that he was hacked.
A German bank was investigated in 2010 [0] for allegedly planting discriminating evidence on the PC of a manager who they wanted to get rid of. I don't know exactly the outcome of this, but that bank was involved in a lot of scandals at that time.
Officers of Wells Fargo, Credit Suisse, and HSBC all seem to get away with a very great deal.
I had gathered that HSBC, in particular, was (in the past, and maybe still?) the favored financial conduit of CIA projects, making investigating anything there what is called a "career-limiting activity" for any incautious FBI agent.
I think most policemen are "good" (it's complicated) but I still perk up when I see one in my rearview mirror. I used to feel bad about it, thinking that I was paranoid, until I read a tweet that a policeman can kill you without much consequence, and so you have every right to be unsettled.
I say this as someone whose sister was killed by a policeman who ran a red light, but was revived by the paramedics. She had severe brain hemorrhages, lacerated organs, broke her spine in a dozen places, and her pelvis in another dozen, and lost the use of 1/3rd of her brain tissue from blunt trauma. And while she was in a coma, the policeman tried to illegally access her phone, obtain blood and urine samples without a warrant, and more, all in an attempt to frame her. And to top it all off, on the one year anniversary of her surviving, she was served papers in the driveway on our way to dinner for "emotional trauma" and his sprained wrist from the incident. The judge sided with the policeman, despite the tire marks, forensics, and eye witnesses that demonstrated he ran that red light. She was fined her net worth, which included her entire college savings.
She is alive and well, but will never be the same.
This isn't a statement on police or police reform as much as it is an example of systems put in place to protect us (courts, FBI, the internet and its attempt at security) but can with one false swipe destroy everything we've ever worked for or loved. It sounds dramatic, but there are a dozen stories on this thread that demonstrate that.
I'm not sure exactly what I'm trying to say, but it's insane how our social immune system isn't free from autoimmune diseases, where the mechanisms put in place to protect can instantly be flipped by a single bad actor.
The template is like this:
1) Someone plants evidence on your device
2) Investigators are tipped off or find it
3) You get fired, registered as a sex offender, thrown in prison, flee the country, and your reputation is in shambles.
4) the media, rumormill, or even public statements from government, your former employer, university, etc. are distributed like wildfire.
5) it's proven that it wasn't actually you, you were just framed
6) society bears no responsibility in repairing anything it damaged in the process. You're not guaranteed anything, and not only that, scary news travels faster and further than "redaction-based news".
7) you might as well have committed the crime because you faced all the consequences of doing it in the first place.
Yes, you got that all right but left out the cherry on top. Prosecutors will try to make a deal with you for admitting your guilt. As an innocent person your instinct would obviously be to reject any admission of guilt and go to trial, surely the jury will find you innocent? But in that scenario, prosecutors make clear they will seek the maximum penalty, which for possession of CSAM could very possibly be 50+ years in prison. Do you take the risk? After all, technically you are in possession of the material even though you know it wasn’t you who put it there. Who knows what the jury will think. Or do you take the deal and go on with the rest of your life falsely being labeled an admitted, convicted pedophile?
My heart aches for your sister by the way, I hope she can somehow heal.
I can't find the article, but some people don't realize gmail's sent folder can contain incoming messages. (Google insists this is a feature.)
Anyway, people have been fired because a coworker received a forged harassing email, and IT found the message in the true victim's sent box.
Not really hacking, but, unlike every other mail client, GMail BCC (blind carbon copy) displays the BCC list to every recipient. This has caused significant trouble for people too.
Examples: Send carefully worded response to harassing coworker, and BCC HR. Coworker sees the BCC, gets further bent out of shape. Alternatively, sales person BCCs some corporate VP or legal or other person the customer is not supposed to know about.
As they say, if you are not paying, you are the product.
> Not really hacking, but, unlike every other mail client, GMail BCC (blind carbon copy) displays the BCC list to every recipient. This has caused significant trouble for people too.
Do you mean if Smith was in TO field, Tom in CC, John in BCC, all these will be true?
Smith & Tom should be able to see Smith as TO & Tom as CC. Both of them should not see John as BCC.
I remember reading here on HN a story of a US journalist, who was documenting some darkweb stories, one day he found out he was the target on some forum, people were crowdfunding to buy drugs online and deliver to his address, notify police about drug possession. He notified the police first.
You don't need the hacking capabilities of a government, simply transferring files (like child porn) onto someone's computer without them knowing would be trivial to do once an exploit is found on the target's computer - certainly a lot simpler than ransomware which seems pervasive. Surprised it does not happen more often considering how easy it is, or maybe it does, after all who is giving an accused pedophile the benefit of the doubt?
Not quite the false charge but in defense against being falsely charged.
That's why you always boot into a forensic-type OS on CD before examining that USB stick that you found in a parking lot at work.
Also, I caught someone who had forbiddenly inserted a USB stick into a "white lab" PC. Detecting that (USB insertion) was a seldom-used cybersecurity defensive practice back in 2004.
It was a simple matter of a rsyslog plug-in using encrypted tunneling for its syslog messages to a remote log server. (He wryly did say, "I did not see that" and was eventually released on unrelated charges).
It's hard work to do all that because it's multiple layers ... of integrity, reporting integrity, that protects the innocent parties (as well as nabbing the guilty ones).
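The kind of USB-insertion detection this comment describes, as an added example that is not the commenter's code: it runs on the remote log server over kernel messages forwarded by syslog and alerts on mass-storage devices that are not on an allowlist. It assumes Linux hosts; the host names, serial numbers, log lines and the `APPROVED` allowlist are constructed for illustration.

```python
import re

# Constructed sample of forwarded kernel messages (hosts, serials and times are made up).
SAMPLE_LOG = """\
Mar  3 09:15:02 lab-pc7 kernel: [ 8123.101] usb 1-2: new high-speed USB device number 7 using xhci_hcd
Mar  3 09:15:02 lab-pc7 kernel: [ 8123.250] usb 1-2: New USB device found, idVendor=0781, idProduct=5567, bcdDevice= 1.00
Mar  3 09:15:02 lab-pc7 kernel: [ 8123.251] usb 1-2: SerialNumber: CONSTRUCTED0001
Mar  3 09:15:02 lab-pc7 kernel: [ 8123.260] usb-storage 1-2:1.0: USB Mass Storage device detected
Mar  3 09:40:10 lab-pc7 kernel: [ 9631.000] usb 1-2: USB disconnect, device number 7
Mar  3 10:01:44 lab-pc3 kernel: [  412.900] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice=64.00
Mar  3 11:20:00 lab-pc3 kernel: usb 2-4: New USB device found, idVendor=0951, idProduct=1666, bcdDevice= 1.10
Mar  3 11:20:00 lab-pc3 kernel: usb 2-4: SerialNumber: APPROVED-STICK-01
Mar  3 11:20:01 lab-pc3 kernel: usb-storage 2-4:1.0: USB Mass Storage device detected
Mar  3 13:05:30 lab-pc7 kernel: [21001.500] usb 1-2: New USB device found, idVendor=1234, idProduct=abcd, bcdDevice= 1.00
Mar  3 13:05:31 lab-pc7 kernel: [21001.900] usb-storage 1-2:1.0: USB Mass Storage device detected
""".splitlines()

# Syslog header: timestamp, host, "kernel:", optional "[uptime]" stamp, then the message.
HEAD = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s(?P<host>\S+)\skernel:\s"
    r"(?:\[\s*[\d.]+\]\s)?(?P<msg>.*)$"
)
FOUND = re.compile(
    r"^usb (?P<port>[\d.-]+): New USB device found, "
    r"idVendor=(?P<vid>[0-9a-f]{4}), idProduct=(?P<pid>[0-9a-f]{4})"
)
SERIAL = re.compile(r"^usb (?P<port>[\d.-]+): SerialNumber: (?P<serial>.+)$")
STORAGE = re.compile(r"^usb-storage (?P<port>[\d.-]+):[\d.]+: USB Mass Storage device detected")
GONE = re.compile(r"^usb (?P<port>[\d.-]+): USB disconnect")

# Hypothetical allowlist of approved (vendor:product, serial) pairs.
APPROVED = {("0951:1666", "APPROVED-STICK-01")}


def detect_usb_storage(lines, approved=APPROVED):
    """Return one alert per mass-storage attach whose device is not approved."""
    state = {}   # (host, port) -> identity of the device currently plugged in
    alerts = []
    for line in lines:
        head = HEAD.match(line)
        if not head:
            continue
        host, msg = head["host"], head["msg"]
        if m := FOUND.match(msg):
            # A new enumeration replaces whatever was known about this port.
            state[(host, m["port"])] = {"device": f"{m['vid']}:{m['pid']}", "serial": None}
        elif m := SERIAL.match(msg):
            if (host, m["port"]) in state:
                state[(host, m["port"])]["serial"] = m["serial"].strip()
        elif m := STORAGE.match(msg):
            dev = state.get((host, m["port"]), {"device": "unknown", "serial": None})
            # A device that reports no serial can never match the allowlist.
            if (dev["device"], dev["serial"]) not in approved:
                alerts.append({"time": head["ts"], "host": host, "port": m["port"], **dev})
        elif m := GONE.match(msg):
            # Forget the device so a later stick on the same port is not mistaken for it.
            state.pop((host, m["port"]), None)
    return alerts


if __name__ == "__main__":
    for alert in detect_usb_storage(SAMPLE_LOG):
        print(alert)
```

Because the messages are evaluated on the log server, wiping logs on the workstation afterwards does not remove the record.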
> With the hacking capabilities of government and organisations, would planting incriminating material on somebody's computer be trivial?
I do believe so. Twenty years ago as a curious teen it was easy for me to penetrate various systems and to dox people. Now the security is better but also the attack vectors and tools evolved.
If we aren't talking about organizations with good security practices or paranoid individuals, it won't take a large organization to break in a target. A good prepared hacker could do it. Maybe not in a few hours or days, but in some time it is doable if that person is sufficiently knowledgeable and determined.
But we have to ask what for? Nobody is going to hack your personal system without having something to gain. And even if he has something to gain, the prior condition is for him to know this.
I can foresee one answer to the question 'why would someone do this?'. It's called a potent cocktail of vengeance and self-destruction. People who self-medicate through harming others are always looking for a way to escalate. Look up the story of UGNazi, and don't skip the ending.
Well, I am one of the many people who theoretically can hack someone's system while not leaving evidence of it, at least not evidence pointing to myself.
I do have people I dislike, and yet I don't hack in their systems to plant false evidence.
If you want to get back at someone, you could just punch them in the face or kick them in the nuts. We live in a world where simple assault results in less serious consequences than hacking.
While I am sure you are competent like most folks on here, I will say this: I have met a good number of people who claim they can "get in and get out un-noticed". In retrospect, I think rarely did they consider the possibilities of observation beyond the actual target system.
My point is this: There is no defense against 0-day/X-day exploits in the wild. But the second best thing against being patched is logging and properly tuned alerting. In my 20-ish years of working in this field I've caught half a dozen attackers/intruders via logs and anomaly alerts. Without those 2nd best things in place the entire network(s) would probably have been compromised.
Some crimes are trivial to commit. Walking away unscathed from committing the crime is far harder than one might think. Consequences are inevitable, one way or another.
People get hacked because of iframes all the time. This is called clickjacking. It's an example of the so-called confused deputy problem. Developers can and should mitigate the issue by setting the X-Frame-Options and Content-Security-Policy headers appropriately.
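A check for the two headers named in the comment above, as an added example that is not part of the original post: it classifies how a response restricts framing, giving `frame-ancestors` precedence over `X-Frame-Options` as browsers that support it do. The function names and the header dictionaries passed to it are hypothetical.

```python
# Verdicts for frame-ancestors, ordered from least to most restrictive.
STRICTNESS = ["weak", "allowlist", "same-origin", "deny"]


def classify_frame_ancestors(sources):
    """Classify one frame-ancestors source list."""
    srcs = [s.lower() for s in sources]
    if srcs == ["'none'"]:
        return "deny"
    if not srcs:
        # Flag an empty list for review instead of trusting it; write 'none' explicitly.
        return "weak"
    # "*", a bare scheme such as "https:", or "https://*" lets any site embed the page.
    if any(s == "*" or s.endswith(":") or s.endswith("://*") for s in srcs):
        return "weak"
    if all(s == "'self'" for s in srcs):
        return "same-origin"
    return "allowlist"


def frame_ancestors_lists(csp_value):
    """Yield the frame-ancestors source list of each comma-separated policy that has one."""
    for policy in csp_value.split(","):
        seen = set()
        for directive in policy.split(";"):
            tokens = directive.split()
            if not tokens or tokens[0].lower() in seen:
                continue  # within one policy, a repeated directive is ignored
            seen.add(tokens[0].lower())
            if tokens[0].lower() == "frame-ancestors":
                yield tokens[1:]


def framing_policy(headers):
    """Return (verdict, reason) for a mapping of response header names to values."""
    h = {k.lower(): v for k, v in headers.items()}
    csp = h.get("content-security-policy", "")
    verdicts = [classify_frame_ancestors(s) for s in frame_ancestors_lists(csp)]
    if verdicts:
        # Every enforced policy must allow the embedder, so the strictest one decides.
        verdict = max(verdicts, key=STRICTNESS.index)
        return verdict, "frame-ancestors decides; X-Frame-Options is ignored alongside it"
    xfo = h.get("x-frame-options", "").strip().upper()
    if xfo == "DENY":
        return "deny", "X-Frame-Options: DENY"
    if xfo == "SAMEORIGIN":
        return "same-origin", "X-Frame-Options: SAMEORIGIN"
    if xfo:
        return "unprotected", f"unrecognised or obsolete X-Frame-Options value {xfo!r}"
    if "content-security-policy-report-only" in h:
        return "unprotected", "a report-only policy is not enforced"
    return "unprotected", "no framing restriction sent"


if __name__ == "__main__":
    # Constructed header sets: a weak configuration beside a corrected one.
    weak = {"Content-Security-Policy": "frame-ancestors *", "X-Frame-Options": "DENY"}
    fixed = {"Content-Security-Policy": "frame-ancestors 'none'", "X-Frame-Options": "DENY"}
    print(framing_policy(weak))
    print(framing_policy(fixed))
```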
I think it's a ripe vulnerability that is being exploited and the people being framed have no clue what is happening or how to prove they are a victim.
So that also means we don't have proof they are being framed because they haven't been vindicated yet.
Aside from criminal issues, most of this is happening in arbitration and civil courts.
I can give one or two suspect examples that mostly involve ignorance, resulting in the wrong defendant being there, the TV arbitrator finding the defendant absurd, and rewarding the plaintiff. Despite the defendant echoing well known issues in IT and cybersecurity circles.
Seriously? Putin must have also bought off British detectives and a prosecutor.
"Bukovsky, who was expelled from the Soviet Union in 1976, told detectives he had indecent material, the court heard. “He [Bukovsky] responded immediately by saying he did download images and that they would be on the computer in his study,” Carter said.
The police subsequently discovered “a very great deal of material” on two hard drives. It showed some “very young” children up to the ages of 12 and 13. They were “largely but by no means exclusively boys”, the court was told. There were some adults involved.
In an interview, Bukovsky told detectives he had become interested in child abuse images in the 1990s in the context of a debate on the control and censorship of the internet. “He became curious,” Carter said. Bukovsky then looked for and discovered this material online, the prosecutor said.
“Bukovsky said his initial curiosity turned into a hobby, rather like stamp collecting,” Carter said. The dissident continued to download images between 1999 and 2014, and estimated that he had accumulated a collection of “1,500 movies”. His interest varied year by year. The last downloads took place days before his arrest.
“His computer was looking for material constantly,” Carter told the jury. “Mr Bukovsky said in essence he didn’t see what harm he was doing. He said the children in most of the material looked as if they were enjoying themselves.”
The prosecution acknowledged that Bukovsky was a notable Kremlin critic seen as a hero by those who supported “the extension of human rights and democratic reform in Russia”.
“There was unfortunately another side to this man, which was far from laudable: an extensive interest in real children being really abused,” Carter said."
You could probably frame most people by sending them an unlabeled USB stick in the mail with a simple script that copies a file to their hard drive. Curiosity often gets the best of us.
I could maybe see this working if you have a year or so to do it.
Make it look like a game or something but copy incriminating stuff in the background. Then "tip" the authorities a year later, the person would probably forget all about it.
If it's too soon they might still have the USB stick. No idea if that would pose an issue tho.
I dunno tho. Not a cyber security guy or lawyer, but interesting "problem" to think about, haha.
> If it's too soon they might still have the USB stick. No idea if that would pose an issue tho.
Not really, if you manage to autorun arbitrary code from it (which is more difficult on the latest OSes), you can also make it wipe itself or something. It's hard to completely wipe USB sticks because of write leveling but a few rewrites should do it. Cheap sticks don't have much spare capacity.
In fact if you're really good you can even trick the controller to hide or wipe it somehow. After all you're supplying the hardware so you're in full control of everything.
I guess I'm thinking more on the "how will it be handled by detectives/lawyers/whoever is involved."
I mean, say they found corporate secrets on your computer. You say "no idea how they got here but look at this weird USB." Would they be able to see that a small USB sized package was delivered on the day the victim claimed? Would they even look that far, etc, etc.
Thanks for providing some answers on the technical side though. That's def a thought too. I mean, seems you could be screwed if you're dealing with someone smart if you're being careless.
Yes. An old co-worker in security used to leave them on the floor in the lobby and had to stop when a C-level got mad about falling for it. It rarely didn’t work. The company has mandatory annual security training.
Yes. All the evidence in his case was badly tainted. Doesn't mean he is innocent, but that is what we are supposed to presume in absence of anything reliable.
I fully take your point about damage done, sure, but framing someone is an act of deception. If it is _ultimately_ uncovered, then the deception did not hold.
However, nobody would "frame" someone for deception's sake. There's gotta be an underlying motive. If the deception works to achieve that goal (or even 90% of it) I'd say it's pretty successful.
I agree it's a weird gray area though and you're correct that a "perfect framing" would never be found out.
> If the deception works to achieve that goal (or even 90% of it) I'd say it's pretty successful.
That is true, but also anyone (with the usual exception of "untouchable" state agencies) who is found out to be framing someone can expect to be prosecuted, regardless of whether their frame was found before the intended damage was done, or after.
> "nobody would frame someone for deception's sake"
What you must have meant is that most people would not.
I have known people who certainly would, even without any antipathy toward the person framed, just because they could. Stir in a trace of resentment, and they would go out of their way to do it.
Maybe you have heard of Alex Jones, Roger Stone, or Steve Bannon? They have ardent fans.
They could do anything else, but chose what they do. They do it because it is what they like doing. Their fans, who get no publicity, admire them for their actual ratfucking activity.
("Ratfucking" here is a technical term in politics.)
It depends on the ultimate goal of the one doing the framing though. If it was to just get someone removed from their position, it doesn't matter if it is later found to have been a case of being framed. It is unlikely the person will be reinstated. So in those cases, the framing was successful.
This is why there are usually legal penalties for framing someone - so that "it does matter".
If someone in a corporate setting gained a position by framing a rival, and it was then found out, there's a "wrongful termination" lawsuit against the company waiting to happen. Why would HR let the culprit continue in that position? Getting fired for malfeasance is IMHO not exactly "success".
This is only a _risk_ not a certainty for the criminal who does it, but being found out does matter.
This type of thing does not necessarily mean that the person doing the framing is going to be the one replacing the job role. It doesn't even have to be done from an employee in the company. It could be done for any number of reasons. Someone from a competitor does it so that their company gets the benefit vs personal benefit. So so many other possibilities.
In these situations, the person that filled the role is not guilty of anything.
> In Wilson’s case, a piece of malware known as NetWire had added 32 files to a folder of the computer’s hard drive, including a letter in which Wilson appeared to be conspiring with a banned Maoist group to assassinate Indian prime minister Narendra Modi.
[1] https://www.washingtonpost.com/world/2021/07/20/indian-activ...
[2] https://www.wired.com/story/modified-elephant-planted-eviden...