[woodruffw]

This is more or less what I learned when I worked on forensics software, the kind that was supposed to maintain this kind of chain of custody/integrity. Like most things that touch the legal system, the presumption is that dishonesty or unsoundness in the chain of custody is fundamentally a legal problem with legal recourses, not something that can be solved with math.

[graypegg]

I quite like the licensing trick Nintendo used on the gameboy as an example of this. [0]

Essentially, the gameboy expected a bitmap of the Nintendo logo to be present on the cartridge rom, and was shown on screen at boot. It had to match a version stored on the gameboy itself or else the game wouldn’t start.

The thinking (that I’m not sure was ever tested) was that someone producing a game that tried to trick consumers into thinking it was an official Nintendo product, would be liable for damages in a trademark lawsuit. Since the game would never start without an official Nintendo logo, the hope was to make the legal system enforce Nintendo’s licensing scheme.

[0] https://catskull.net/gameboy-boot-screen-logo.html

[bentley]

The thinking was tested (in U.S. jurisdiction) in Sega v. Accolade. https://en.wikipedia.org/wiki/Sega_v._Accolade

The court sensibly ruled that using technical means to force competitors to display your trademark against their will doesn’t mean you can then claim they’re infringing that trademark.

[pcwalton]

Apple tried this too with Dont Steal Mac OS X.kext, which uses a haiku with a copyright message as the key to decrypt certain executables like the Finder. I don't think it had any real-world impact.

[kevin_thibedeau]

Pretty rich considering their history with sosumi.

[radarsat1]

Also reminds me of MODULE_LICENSE and EXPORT_SYMBOL_GPL in the Linux kernel.

https://www.kernel.org/doc/html/latest/process/license-rules...

[DannyBee]

Right. If you don't have access to the original system (whether it's the thing that stored the emails or a computer with evidence on it), just an image, the hash doesn't matter anyway. They can just put fake data in the evidence vault system to begin with.

If you do have access to the original system, md5 is usually not the thing in the way of falsifying evidence.

most of the time they will claim, the evidence does not exist at all, rather than try to falsify it.

falsification requires making lots of things that makes sense historically, and humans to swear to them.

you also often have to falsify more than one system in a consistent way.

you have to do all of these things in a way that the forensic specialist is not going to think that everything looks really weird