[Cryptography] Encryption opinion

[Dave Horsfall]

On Tue, 26 Aug 2014, dan at geer.org wrote:

> As a side note, the state of Massachusetts has just moved to toll roads 
> without toll takers, using license plate cameras instead to send you a 
> bill for a few dollars.  I've not been on any of those roads, but I've 
> gotten three e-mailed bills in the last two weeks that to the 
> unskeptical eye look fully legitimate, [...]

I get those all the time, but...  I've never driven in America (they drive 
on the wr^Wother side of the road), and I haven't had a car for two years.

One day I'll inspect the .zip payload, out of morbid curiosity.

> [...] which also indicates that the phishers know that my geolocation 
> makes driving such roads plausible.

Err, are you saying that you have a tracking device fitted?  And that the 
black-hats can monitor it?  In the interest of completeness, there are 
such things that can jam them (and thus used by wayward truck drivers 
etc), but they play merry hell with emergency services, airport WAAS, etc, 
and use of such will get you a knock on the door.

Meanwhile, back in the land of authentication etc, Australian toll-roads 
report the road, gate and the time on the statement.

Trivia: a boss of mine got himself a wireless mouse for his Xterm, and it 
was really neat.  Then, one day, the cursor decided to move around all by 
itself (and had I not seen it with my own eyes, I would not have believed 
him).

We concluded that the bod in the room on the other side of the wall (a 
different company in a block of renovated warehouses) had the same system, 
and was carefully filling out an Excel sheet (we never got to see the 
data).

Depending upon the gauge of one's tin-foil hat, that's certainly an 
information leak.

-- Dave