*OTP isn't much of a barrier. SMS would've increased the cost a little more. Both easily automated. I know retailers are trying to fight the tide, but they're going to need more than teacups.
The source is in your own link. Also note, the person you replied to went on to emphasize 'consumer' in a followup comment, which I think makes the point much more salient.
[1]: "On Ubuntu, all pre-built binaries intended to be loaded as part of the boot process, with the exception of the initrd image, are signed by Canonical's UEFI certificate, which itself is implicitly trusted by being embedded in the shim loader, itself signed by Microsoft.
On architectures or systems where pre-loaded signing certificates from Microsoft are not available or loaded in firmware, users may replace the existing signatures on shim or grub and load them as they wish, verifying against their own certificates imported in the system's firmware."
> Purchasing within the country is more secure unless you assume all devices sold within the country are compromised and monitored in real-time which seems unfeasible.
One preinstalled mitm cert, or sketch CA, is within the realm of feasibility.
An MITM cert or compromised CA used to spy on the entire country would require the adversary to be able to capture, store, process and search through all that traffic in near-real-time. Sounds pretty much impossible both from a infrastructure as well as manpower point of view.
> An irrefutable cryptographic timestamp is just that, irrefutable.
In math, sure, but he specifically asked about a court of law. Irrefutable in math doesn't mean admissible in court. Then there's the 1, 6, 12, or however many random people that decide the case; they likely need the math explained to them, and two sides get turns convincing them the other is wrong.
There was a case in Australia 10 or so years back, where MD5 sums were added to police speed camera photos. This was before MD5 vulnerabilities were well known.
The defence successfully argued that MD5 was not totally reliable -- even though the chance of it being faked was absolutely tiny.
The real irony was that without the MD5, the photos would probably have been accepted just on the police assertion of chain of custody.
(I've been looking for this news story but unfortunately I can't find it at the moment)
Thanks for the link- exactly the sort of thing that I was looking for in feedback. I'm aware it's conjecture, but do you think this sort of precedence would be useful in airing doubts about the trustworthiness of an Ed25519 signature in court? Do you think the wording on the site is problematic in regards to this, or would you have any thoughts on how concerns about this would be best communicated?
History is full of sentiments like that, from power structures that were never able to stop subversion. The game itself is perpetual, so there's always another turn coming.
> If they can build Dyson spheres, wouldn't they already be all over the place?
I figure they'd have to be.
They'd need more than a solar system's worth of raw resources to build the sphere. They may need more than a solar system's worth of resources just to build the tools and craft to be able to build the sphere. They're going to need an insane amount of production facilities for various components, and that's going to take a massive amount of resources. That's going to require exploring quite a bit of a galaxy.
If we're talking about the Gold Box series; were those long development times?
7-ish games in 4ish years doesn't seem too bad, and the the engine evolved with each game.