Although you can convert a PDF to Word and back in a few clicks, the layout won't match perfectly (depending on how the PDF was generated). If you're trying to forge a PDF document, you want it to look exactly the same as the original, which probably requires some fiddling with formatting. So it's not unreasonable to delegate that to a trusted henchman.
The correct solution is to use a paid version of Adobe Acrobat, which will let you do minor revisions to text. Bet he's wishing he shelled out that $150 or so now.
Many software packages let you edit PDFs directly without ever converting it out of PDF; uncompressed PDFs can even be edited as text (and if there's no encryption, decompressing a compressed PDF is a simple task).
But usually if you want complete control, without weird artifacts here and there, the easiest way is to completely recreate the document from scratch (depending on length and complexity of the original).
The people you're sending the doctored version to, by definition don't have access to the original (or they would spot the fake), and usually can't compare the doctored version to a similar original document, and even if they could, probably won't.
They want a document; you give them something that sort of looks like what they're expecting, and they're happy.
Why would a criminal not just pirate the software? Wouldn’t even have had to spend those $150 then. (PS I am not encouraging software piracy in general - just saying why would a criminal care?) (PPS there are some cases where piracy is ok and it is not all negative, let your moral compass guide you.)
When you're doing seven-figure crime, a three-figure piece of software is not even a footnote worth worrying about, and bear in mind, successful software piracy requires some manner of technical proficiency, which obviously, he does not have.
(In a general sense, criminals should probably stay legit where possible, if you're stealing millions of dollars of art from a museum, you wouldn't want to get pinched because you got caught stealing a candy bar from the convenience store a block over.)
Software piracy doesn't require a lot of skill anymore.
If I were, hypothetically, someone who used pirated software in the past and checked the state of the business recently, I would know that recent releases are basically a "Run this .exe File" and it would install all necessary dependencies, the software in question and patch the cracks in.
Common misconception is also malware, you usually only get that when you google "<insert software name here> crack" and click on the first link without thinking. There are plenty of reputable sources on the internet which distribute malware free cracks and will punish offenders of this rule (of course, I wouldn't know anything about such sites).
PS: If the above hypothetical situation were true, I'd be paying for my software now, it would have been mostly due to lack of monetary sources.
Well I mean he had a loss of $600,000. You are right that he probably wouldn’t have been able to figure out how to apply a crack though, let alone find a pirated version in the first place.
Or use the free, open source Inkscape software, which will also let you do minor revisions to text. Note that the 'minor' restriction in both is that you don't really get re-flowing of your entire document, just the individual text blocks. If you want it to be really easy, you need to edit the source document from which the PDF was generated.
If a lender never saw the original document, it's likely that they might not notice a misformatted PDF as evidence of collateral.
Ultimately, for loans like this they shouldn't take evidence of collateral from an individual, or they should require that it be certified by notaries/other auditors/etc.
> The FBI is 100% wrong that they're going dark; it's really the golden age of surveillance, and the FBI's panic is really just its own lack of technical sophistication.
Does it even have to be lack of technical sophistication?
No matter how good the FBI is at doing its job it will almost always be better for it to argue in favor of whatever will make its job easier.
Exception: If FBI ends up giving everyone the impression that they are truly incompetent then there should be no reason for the public to want tax payer money to fund its continued operation.
Yup; pretty much any top executive at a public company actually. E-mail is only used in those instances where you want a paper trail.
With the personal liability placed on executives under SOX, many simply do it out of personal protection. One of the unintended consequences of SOX that has ironically lead to less transparency.
Keep your email entirely in a jurisdiction that doesn't cooperate with your country's law enforcement. I can think of three off the top of my head. Sensitive topics are only discussed with someone located in the same domain as you.
Quite easy to avoid criminal charges when your email is out of reach of a subpoena.
In practical terms it is impossible to keep your email in a particular jurisdiction. The proposal gives you no way to ensure it. And any steps you might take only serve to reduce everything that makes email useful.
You are safer just not using it and will probably have a better user experience as well.
Remarkably, it was less than 30 minutes before some troll posted a comment on Schneier's post, trying to change the topic from Paul Manafort by ranting about Hillary Clinton's irrelevant misdeeds.
Correct me if i'm wrong but while this blog seems creditable and by a good author it isn't "huge" in any sense which makes it even more confusing that someone shows up that fast to comment on topics relating to Manafort and Gates.
Comment is deleted now sadly but it basically stated that "the US needs to investigate HILLARIOUS CLINTON" etc etc, completely unrelated to the content of the article.
Schneier's blog is a regularly visited blog for many in the security space. With HN linking to a page on this blog, it's very possibl that page will have uncorrelated comments that are not security related.
And given the prevalence of Russians associated with the government in the security space (to be fair--a lot of security people are associated with their own governments), I suspect that it has a tight feedback loop with the troll factories.
While that was a wildly off topic flamebait troll, if you boil down the facts of that post I agree. Of the emails I did read, there was some scandolous stuff. She did (or someone did) delete the emails. She also used a non-secure & unsupported device. I don't know about the trolls claim about several or more "lost" devices.
So while it was off topic and pbvious trolling, Hillary was (in my eyes) doing some nefarious shit.
So was Manafort, Trump and many many others. There is scumbaggery widespread accross the isle.
Just like the secretary of state before her and the secretary of state before her and pretty much the entire current administration. Was it stupid? Yes. Should she be locked up? Only if you lock up everybody else.
The whole thing was a nothingburger trumped up because she, like Obama, was too scandal-free; and the press needed something to talk about to keep stories "balanced" when her opponent had a new scandal every day.
While the email exchange certainly didn’t help things, the feds could have easily uncovered this anyway by looking at the data given to the bank and comparing it to his actual income. It’s possible that they only discovered this because of the emails, but whether or not that happened isn’t clear.
My guess is that issuing subpoenas for loan application data of a given target is standard practice among federal prosecutors when looking to destroy or pressure someone in cases where there is little evidence of the crime that actually sparked the investigation. They fire a shotgun and watch to see which pellets hit. Income inflation is one of the most common types of fraud perpetrated by consumers - even innocently overstating one’s income by rounding up ($100k stated vs $95k actual) on an online credit card application can technically lead to felony charges like this. So it’s at least possible that they discovered the crime at issue here through subpoenaed loan documents, and the emails only provided additional evidence. Once you’re on the government’s shit list, it’s only a matter of time before they find something that you may not even know you did that is technically a crime.
I dunno, I think conflating adding a minor $3.5m to your income and rounding $95k up to $100k is silly. And lying about your income by $3.5m or so is not a minor detail, that's serious fraud substantiated by forged documents.
That would probably be prosecuted as perjury instead of fraud, but it’s a felony regardless. Fraud generally requires an element of actual or attempted pecuniary gain, and understating income would likely make that element difficult to prove. However, perjury covers any false statement made under penalty of perjury (which many credit applications are). It could be prosecuted as fraud if you attempted to use the understated income in order to avoid/minimize collection activity or negotiate a favorable write-down of a debt etc.
Yes, understating your income when reporting it to the IRS (for taxes) is fraud.
However the situations being discussed are credit/loan applications. Since understating your income in that application doesn't generally provide any material benefit, there would be no "element of actual or attempted pecuniary gain"
Well, sure. And so do fraudulent loan applications. But unlike them, email can be secured. IP addresses can be hidden using VPNs plus Tor. Identities can be hidden with unlinked personas. Messages can be encrypted in transit, and stored on encrypted disks.
So yeah, focusing on the email trail is silly. When the fact of the fraud is sitting in banking records. And furthermore, having a conspirator who knows the whole story is a huge fail.
Nobody thinks that. It's just a smug implication from the title of a blog post.
To quote user gscott from another thread,
Even though Manafort was associated with foreign government
figures it took being associated with the U.S President to
be investigated. It didn't matter before... having a paper
trail was ok, no one cared.[1]
You can't commit a crime without leaving behind evidence. Ultimately it's a matter of managing risk and reward.
Heck, even if you've never committed a crime nor even intend to a commit a crime, you have to manage the risk of being wrongly accused and even convicted. Any man in the U.S., and especially any non-white man, should understand that.
Schneier certainly understands that, as he's long championed the application of economic analysis to IT security. In fairness, I don't think Scheier was being smug, and he closes his post with an argument regarding disingenuous FBI claims. Now the bored Twitter lawyer cited by the Slate article Schneier cited....
The measures you need to take to actually be secure are impossible for the powerful to take on their own volition because they do not understand how insecure everything really is. They'll take shortcuts.
Clinton wanted a Blackberry so she set up a email server in her garage. She didn't understand why the NSA didn't want to make her a Blackberry like they made for POTUS at great cost so she broke the rules and she got nailed. A shit ton of work goes into just keeping one person (mostly) cyber secure.
In "Liars and Outliers" Schneier argues that perfect security (in the form of perfect compliance with all societal rules and norms) isn't the sort of society most people would want to live in, and that some degree of disobedience is unavoidable and occasionally desirable in a free society.
Not that Schneier is condoning what Manafort did here. Rather, I think the implication is that if you are doing something that runs contrary to what those who control the levers of power in society would want and you don't want to leave a record of what you're doing, you shouldn't use email. Or even if you're not doing anything suspicious but just want some privacy.
While I agree that as practiced capitalism is far from strictly meritocratic (and even in general think that any kind meritocracy is harder to achieve than many of its proponents seem to have thought about)... I don't think fuzzy conceptions of how email or other technologies necessarily refute it. Merit can be domain specific (in fact, specialized merit pretty deeply underlies most of our socioeconomic system at this point).
Only if you 'reset' it every year. Eventually particular companies become big enough that they hard to compete against (e.g. they can artificially depress prices until their competition goes out of business) and bribe governments etc etc
It's a mixed bag, about half & half on the turnover part.
GE, IBM, Sears, Alcoa, AT&T, GM, Ford, Xerox, Kodak, US Steel. Nobody seriously thinks of these companies as dominate giants today. Kodak and Sears are dead. Alcoa & US Steel are barely surviving in the era of Chinese production. Walmart is still holding on (with several straight years of contracting profits now), we'll see how they do the next ten years as Amazon's growth starts cutting into the muscle.
A lot of people think the newer power group is exclusive to tech companies. However, Home Depot, as an example, was a far smaller company 10 and 20 years ago. Today it's worth $220 billion (with sales & profit that largely justify that).
Disney is thought of as a conquering media juggernaut today. ~15 years ago it was worth $23 billion and its business was in disarray.
20 years ago Amgen was a barely a speck on Pfizer's wall. Gilead today is worth 100 times what it was 20 years ago. The same is conceptually true of Genzyme, Biogen and Celgene.
Just ten years ago Netflix - which is part media company, part tech company - was worth less than two billion dollars. In the meantime it has blatantly surpassed companies like Fox, CBS, NBC, Viacom, etc. in the media game.
20 years ago 3M was a small shadow of GE, worth about 10% of what GE was. Now it's worth more than GE, with a 6x increase in valuation in that time.
Boeing is thought of as a perpetual industrial titan. Not so however. As recently as 2003 it was worth a mere $15 billion.
United Technologies is worth ten times what it was in the mid 1990s.
Procter & Gamble was a sleepy, almost comatose, consumer goods company in the early 1990s.
Johnson & Johnson was a far smaller, rather dusty company as recently as 1994, worth about ~$25 billion. Now it's worth $354 billion.
From an ordinary person point of view, what does it matter if it's the same megacorp or a new megacorp? If it's ATT or Comcast? So many things are part of huge conglomerates that I really don't think many of the theoretical advantages of capitalism end up manifesting.
Given that the first major email scandal was Iran-Contra, it would make more sense for the folks who got hacked to have learned something from the long history of email scandals than the other way around.
Be glad the current administration don't know technology better, as this undoubtedly will be a main part of their downfall.
I am sure that not only emailing that file back and forward would have been sufficient to prove anything if the email-trails were deleted, however i suspect these emails were all still in Paul's inbox when the fed's ceased his computers.
So when does Trumps impeachment start? Need to get my popcorns ready.
Although you can convert a PDF to Word and back in a few clicks, the layout won't match perfectly (depending on how the PDF was generated). If you're trying to forge a PDF document, you want it to look exactly the same as the original, which probably requires some fiddling with formatting. So it's not unreasonable to delegate that to a trusted henchman.