Stories
Slash Boxes
Comments
Search

News for nerds, stuff that matters

Slashdot Log In

Log In

Create Account  |  Retrieve Password

Cybersecurity and Piracy on the High Seas

Posted by ScuttleMonkey on Fri Apr 18, 2008 01:37 PM
from the not-one-cent-in-tribute dept.
Security The Internet
Schneier points out an interesting article comparing modern cybersecurity to piracy on the high seas in the early 1800s. The article extends the comparison into projected action based on historical context. "Similarly, in many ways, current U.S. policy on the security of electronic commerce is similar to Adams' appeasement approach to the Barbary pirates. The U.S. government's inability to dictate a consistent cyber commerce protection policy is creating a financial burden on the U.S. private sector to maintain a status quo, when those resources could be used to mount a more-effective Internet-focused defense. In the case of financial fraud on the Internet, the costs associated with fraudulent transactions are currently borne by private companies, which then have to pass those costs on to their customers. This basically creates a system in which the financial institutions are paying a type of 'tribute' to the cyber criminals, just as Adams did to the Barbary pirates."
+ -
story
This discussion has been archived. No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

Cybersecurity and Piracy on the High Seas 50 Comments More /

 Full
 Abbreviated
 Hidden
More
Loading... please wait.

  • What do you know? (Score:4, Funny)

    by DrHackenbush (1273982) on Friday April 18 2008, @01:41PM (#23120898)
    Interesting. Government is less effective than private companies. Who would have guessed?
    • Government is less effective than private companies. Who would have guessed?

      Yeah. Look at what a great job private companies (Bear Stearns, Countrywide, Citigroup) did making loans. They were so effective at making loans, the government had to bail them out.

      It's great to criticize government (I'm usually first in line) but when you're comparing something that large to one company, you can't. It's like comparing an oil tanker to a cigarette boat. Who do you think is more nimble?

      • Re: (Score:3, Insightful)

        by maxume (22995)
        Saying the government bailed out all of those companies is a gross and horrible oversimplification.

        People who Bear Stearns owed money to got bailed out. Bear Stearns no longer exists as a company(most of the operations continue to exist under J.P. Morgan).

        Countrywide and Citigroup didn't get anything more than cheap credit from the government.
      • No, the U.S. government gave a line of credit to J.P. Morgan Chase and essentially ordered them to bail them out -- IOW, paying off Bear Stearns' creditors.

      • Re: (Score:3, Informative)

        by DarkOx (621550)

        Yeah. Look at what a great job private companies (Bear Stearns, Countrywide, Citigroup) did making loans. They were so effective at making loans, the government had to bail them out.

        That is the real tragedy of it all the government did not have to bail them out. They chose to at the expense of everyone as well as the future to help at a few people who should have know better. Bear Stearns should have been allowed to fail. The investors should have lost it all. That the game called investing. You can win and sometimes you can lose. Bear Stearns was posting huge profits by investing in risky loans themsevels. This was foolish, lost of people knew it. Lots of people did not get s

    • Interesting. Government is less effective than private companies. Who would have guessed?

      It seems you (and the authors of the article) are missing a key point. Yes, international trade grew on a foundation of international and maritine law, but only after the Marines went in and kicked some Barbary butt. In that sense, government is more effective than private companies. (At least, private companies that don't have their own army and navy.)

      Countries were able to reach peaceful agreements on how they

  • The modern internet piracy dictionary (Score:5, Funny)

    by imyy4u2 (1275398) on Friday April 18 2008, @01:50PM (#23120994)
    Looks like modern pirates would have a lot of words to relearn...

    Hijacking - 1. Taking over a post on Slashdot.

    Terrorism - 1. DOS attack against all the root DNS servers simultaneously. 2. Slashdotting a website.

    "Arrrr..." - 1. Phrase uttered by someone who has just been linked to goatse.cz

    One-Eye - 1. Asshole.

    Pirate Flag - 1. Used to indicate a box has been pwned. 2. Used by Maddox (maddox.xmission.com) as a TM.

    Booty - 1. A woman's butt.

    • Looks like modern pirates would have a lot of words to relearn... One-Eye - 1. Asshole.
      They may already be familiar with this one.

  • Instead of Car Analogies... (Score:4, Funny)

    by amplt1337 (707922) on Friday April 18 2008, @01:50PM (#23120996) Journal
    ...now we have bad boat analogies. Great.

    Looks like the argument is "the government should be more involved in actually doing something." This is undoubtedly true; it's the government's job to set safety standards and to fight crime.

    But really this is just an article that says "Hey, why not have the government fight crime?" with nautical window dressing. The author's better off scuttling the piracy angle.
    • Well, IMHO the worst analogy is even in the summmary. Basically: (A) businesses lose money to fraud, which supposedly is like (B) the government paying tribute to the pirates.

      I mean... Umm, excuse me? They don't look at all similar to me. Just because they share one element, it doesn't automatically make two things similar.

      If it automatically did, we'd have a hell of a lot of ridiculous "similarities" all over the place. E.g., (A) the government still can't stop cars from killing innocent people, (B) Stalin

  • "The Bashaw, ruler of a semi-autonomous Ottoman province, was the leader of the loose confederation that became known as the Barbary States, and he ran an 18th-century version of what we today would call a protection racket."
    So is it the anti malware vendors running the 21st century version of a protection racket?

    Apparently so from TFA, ... either that, or it's just more FUD to encourage government control (read taxation) of the internet.

    • Actually, at the moment, RIGHT NOW, there are botnets that DDOS companies in return for extortion money.

      No, really.
      • So then anti-distributed DoS products and services are the protection racket?

        I don't think "Protection Racket" means what you think it means.

        A protection racket [wikipedia.org] is an extortion scheme whereby a powerful entity or individual coerces other less powerful entities or individuals to pay protection money which allegedly serves to purchase "protection" services against various external threats.

        DDoS is the "external threat". But let's go ahead and talk about "There ought to be a law" in regards to DDoS.

        Who w

        • Because, as long as people pay, the extortionists will continue to attack.

          It's the same for the Mafia today. It's still around. Companies could turn to law enforcement (which has no legal liability if attacks happen on their watch, and cannot promise they'd catch them), could invest millions more in security which still might not stop them (law of diminishing returns, infiltration and inside jobs, etc), or just pay the lousy couple grand every year or so and not get attacked.

          You gotta pick your battles, and I don't know any corporations that have "oh, and, don't deal in protecti

      • Aren't there ways to prepare for/secure from DDOS attacks? Sure, server capabilities taken into account too.

  • You can't have it both ways (Score:5, Interesting)

    by dave562 (969951) on Friday April 18 2008, @01:58PM (#23121096) Journal
    Either the government stays out of regulating and securing the internet or they don't. Which one do you really want? Do you want the government to be responsible for internet security enough to give them free reign to the point where they have control over all content? Or do you want to hold private industry responsible for securing their business transactions?

    I'm of the opinion that the government should be there to hold private industry liable for any breaches of personal data that leads to fraud. If someone steals my credit information and makes purchases with them, the credit card company should be on the hook for not verifying the identity of the person who made the purchase. The merchant should be on the hook for not verifying the identity of the purchaser. The whole system needs to be changed. Instead of giving out free credit, they need to only give credit to those who ask for it. Turn it from a push to a pull system and validate the hell out of the puller.

    On an only semi-related tangant, I'm waiting for the explosion in fraudulant health care claims. The health care cards themselves are simple pieces of paper. It is easy to get a picture idea with your picture and someone else's name on it. With the cost of health care skyrocketting in this country it is only a matter of time before people start getting health services under someone else's name. And I already know what is going to happen... the person whose name got abused is going to be liable for it, not the health providers who okayed the procedure in the first place.

    • I'm of the opinion that the government should be there to hold private industry liable for any breaches of personal data that leads to fraud. If someone steals my credit information and makes purchases with them, the credit card company should be on the hook for not verifying the identity of the person who made the purchase. The merchant should be on the hook for not verifying the identity of the purchaser. The whole system needs to be changed. Instead of giving out free credit, they need to only give credit to those who ask for it. Turn it from a push to a pull system and validate the hell out of the puller.

      Yes! This at least makes sense. Now if only there was some way in which we could get congress to do their jobs and actually regulate something useful instead of declaring that they want to regulate p2p by filename.

  • "Stop breaking into my server, ya' scurvy dog, or ya'll walk the plank! Arrrr!", right?

  • WTF is this guy talking about? (Score:5, Insightful)

    by TubeSteak (669689) on Friday April 18 2008, @01:59PM (#23121116) Journal

    We can go back to the example of how this strategy can be a success by looking at U.S. efforts on the illegal drug trade's supply lines across the Caribbean. The harassment, search and seizure activities effectively raised the cost of transporting illegal drugs, thereby forcing many drug cartels to build more-expensive transportation networks, and in some cases forcing criminals out of the market altogether.
    The US War on Drugs has led to lower prices and higher purity of the product being smuggled into the country.

    The rest of this article is full of similar crap ideas and analogies.

    Aaron Turner, who manages security technology transfer and commercialization for the Idaho National Laboratory, previously worked in several of Microsoft's security divisions.
    Oh. I see.
    I guess it's easier to create an international body to oversee the internet than get Microsoft to put out a secure product.

    • The US War on Drugs has led to lower prices and higher purity of the product being smuggled into the country.
      I would *love* to see the logic behind that one. I'm sure you have no citation because it doesn't make any sense.

      Did the street price of booze go up or down during Prohibition? I'm betting up.

    • Re:WTF is this guy talking about? (Score:4, Interesting)

      by RiotingPacifist (1228016) on Friday April 18 2008, @02:34PM (#23121546)

      The US War on Drugs has led to lower prices and higher purity of the product being smuggled into the country.
      Nice choice of words, the real question is weather what gets sold is higher or lower purity, id guess that if the stuff is higher purity it just means local dealers cut it with more shit.

      And whoever decided to call tenager who were thinking of copying music pirates, sould realise 2 thing:
      1) You cant copy a bar of gold only take it, so the analogy is as fundamentally flawed as all those Wifi analogies!
      2) Pirates are cool
      Infact who ever made pirates of the carabian really shot themselves in the foot with regards to piracy "Come watch our film, because pirates are cool. NOOO! dont copy it pirates are bad!"

  • His analogy of credit card fraud to piracy just hogwash. Credit card fraud typically doesn't occur by ISP's snooping on internet traffic because that is just too dangerous to the ISP's business and reputation. It's just easier to crack open someones database to harvest the numbers.

    His analogy works far better when talking about Net Neutrality. You could say that ISPs are charging tribute based on packet type. The closest you could get is if a foreign country started blocking traffic to Amazon, or if say
  • Solving the problem of internet security is amazingly trivial in the US. Offer bounties and encourage supervised (logged?) domestic attacks.

    The only reason I can imagine for the US government to discourage or jail our millions of ambitious hackers instead of enlisting them is that they don't want the holes found. Either that or arrogance and stupidity on such a massive scale that I can't actually picture it.

    Hmm, but then it is the US government we're talking about. Never mind.

    This game sucks.
  • Don't let W. hear this. Next thing you know we'll be sending the Internet Marines to invade Romania.

  • As History Shows (Score:3, Informative)

    by Stormcrow309 (590240) on Friday April 18 2008, @02:21PM (#23121372) Homepage Journal

    Hell, lets resolve this like they did back then. Give me an unit of marines, a naval squadron, and three times as many mercenaries. I will just shoot the hackers. Sing the song be damed, we'll just shoot them in the head.

  • The Barbary pirates were a direct extension of national power using very high value strategic assets. While Cybersecurity attacks may come from nations they can just as easily come from criminal, religious, political groups, or even from a single person. The biggest difference is that the cost of many multiple is very low while military ships is very high. It is hard to make war on fanatics in 3rd world basement or crooks in cybercafes.
  • Why is it easy for me to get a new credit line of some sort? I should have to go into a bank with at least two forms of state ID, and fill out the paperwork in front of an employee of the bank instead of being able to just mail out a form with no ID other than a SSN and a wink.

    The financial institutions need this easy ability to shove credit down people's throats because the cost of doing it right isn't nearly as profitable. However, it is a lot safer and would solve a lot of the problems that banks have wi
  • If they compare it to real piracy, in the same way they can compare to any stealing, railway robberies in US in XIX century, bank robbing...

    Pathetic idiotic idiots soaked in their idiocy.

    The concept of intellectual property exists since middle ages, when craftsmen corporations were guarding their technological secrets. That would be better, but still utterly useless train of analogy.

    There is nothing comparable in the technological ease with which modern digitized intellectual property is stolen. Absolutely
  • The word's trite & wrong. Whoever uses that should be treated with scorn & beaten about the head and shoulders.

  • Rudyard Kipling covered this already [newcastle.edu.au]. Why don't they learn?

    • Re: (Score:3, Insightful)

      by thygrrr (765730)
      Err, it's not about software piracy.

      • Software "piracy", entertainment "piracy", phishing ... the author is obviously conflating these things under the banner of IP and suggesting that there's an economic argument similar to one raised when the US was a free republic. The differences are glaring and obvious:

        • This is an attack on US Citizen rights to share and conduct commerce in a free way.
        • There is little common economic interest because the victims are media and software monopolies and users of their products.
        • The fight against industrial e
    • the "Barbary Pirates" were actually privateers and muslim terrorists.

      The response the US got back from the Barbary ambassador was that their taking captive sailors and forcing them to either convert or be killed was "founded on the Laws of their Prophet, that it was written in their Quran, that all nations who should not have acknowledged their authority were sinners, that it was their right and duty to make war upon them wherever they could be found, and to make slaves of all they could take as Prisoners,

      • Re:Oddly enough... (Score:5, Informative)

        by CRCulver (715279) <crculver@christopherculver.com> on Friday April 18 2008, @01:52PM (#23121014) Homepage
        While the religious basis of the Barbary pirates' acts is contentious (as is Washington's supposed insistence that the U.S. is a specifically Christian nation), I'd highly recommend reading up about the Barbary Wars in London's Victory in Tripoli [amazon.com] . Most Americans don't learn much about these skirmishes in school, since the usual course is just to skip from the American Revolution straight to the War of 1812 when covering wars. That's a pity, because the fight against the Barbary pirates was a big part of shaping the U.S. military into what it is today. It's not for nothing that the Marine's song references the shores of Tripoli (the Halls of Montezuma line is also a sadly forgotten episode).

        • Re:Oddly enough... (Score:4, Interesting)

          by WaltBusterkeys (1156557) * on Friday April 18 2008, @02:52PM (#23121748)
          Most Americans don't learn much about these skirmishes in school . . . . That's a pity, because the fight against the Barbary pirates was a big part of shaping the U.S. military into what it is today.

          There's just not enough time in most school history classes to teach the kids something meaningful about all of the very major wars (Revolution, Civil War, WWI, WWII, Vietnam) that even some of the medium-sized wars (French and Indian, 1812, Korea) get short shrift. It's not a coincidence that Korea is called the "forgotten war." It'd be great if every high school kid had as much curiosity and interest about history as you clearly do, but it's just not the case. One survey, admittedly not very scientific, found that 57% of high school students didn't know that the Civil War was in the last half of the 19th century [cbsnews.com].

          That's pretty bad. I'd much rather fix that than worry about teaching them about Barbary pirates. Maybe the right solution is more edu-tainment programming; it seems that your lesson to be taken from the Barbaray pirates is not dates and places, but more of a zeitgeist about the forces that were acting on the US in the early days. Some of that can be captured in a good period piece--think Pirates of the Caribbean, except not entirely fictionalized.

          Similarly, it looks some somebody has already made silly videos about " protecting web booty" [reputation...erblog.com] to riff on the pirate/cybersecurity theme.

          • Re: (Score:3, Interesting)

            by SydShamino (547793)

            There's just not enough time in most school history classes to teach the kids something meaningful about all of the very major wars (Revolution, Civil War, WWI, WWII, Vietnam) that even some of the medium-sized wars (French and Indian, 1812, Korea) get short shrift.

            Why are we concentrating on the wars at all? What about the things that shaped our country's history between the wars?

            My wife has been reading a 1930s high school U.S. history textbook, and has been fascinated by the descriptions of interpersonal relationships between various politicians at different stages in the country's history. The period between the War of 1812 and the Civil War in a modern text usually merits a page or two about Andrew Jackson, then the build-up to the war in terms of slavery and

            • I'm not saying you need to know the names of the generals, but there's no doubt that the Civil War shaped America, or that WWII did just as much: Mass higher education started as a result of the government's GI bill program that was designed to give a useful task to soldiers returning from the field of battles; suburbia started when the soldiers started families; the baby boom generation is the echo of WWII; nuclear power came about faster because of the war effort, etc. It's not that war is itself import

                • Re: (Score:3, Interesting)

                  by khallow (566160)

                  Well, hard to say. First, whether the Vietnam War was "frivilous" is a matter of opinion. It's cast as such. As I see it, the US did have legitimate concerns about the so-called "domino effect", namely that if communism (as practiced by the USSR and China at the time) could establish itself in Vietnam, then neighboring countries would be destabilized as well. A better approach would have been to enable Vietnam to be sufficiently independent of China, like Yugoslavia was from the USSR. That probably would ha

        • Re:Oddly enough... (Score:5, Funny)

          by Zadaz (950521) on Friday April 18 2008, @03:03PM (#23121858)
          At my school we got halfway through the American Revolution, then went straight to the summer break. When we came back in the fall we were studying WWII, leaving me to infer that the colonies had won independence.

          I didn't even know there was an American civil war until I visited the south, where I found out it's still being fought.
      • Thats both interesting, and hilarious, thanks!
      • It is an anachronism to use the term "muslim terrorists" to refer to criminals of the early 19th century engaged in piracy for profit. Whether you think American and European policy in the Middle East over the last century has been right or wrong, it is fairly safe to say that "muslim terrorism" over the past few decades has been a consequence of those policies. It is a phenomenon of the 20th and 21st centuries.

        When you look at the historical record over many centuries, it's hard to say whether Muslims or

        • Re: (Score:3, Insightful)

          by Moryath (553296)
          Muslims who kidnap people and either kill them, or enslave them, unless they convert?

          I'd call that terrorism. Fully Koranic-supported terrorism, btw.

          • Re: (Score:2, Informative)

            by kurisuto (165784)
            However you define the word "terrorism", I think you should be consistent in applying it to anyone guilty of whatever act you're referring to, and not just to Muslims who are guilty of that act.

            If by "terrorist" you mean someone who forces you to convert to his religion under threat of death or enslavement, then there are plenty of historical examples of "Christian terrorists" as in history well. Forcible conversion is hardly a uniquely Muslim phenomenon.

        • Mod Parent UP (Score:4, Insightful)

          by postbigbang (761081) on Friday April 18 2008, @03:00PM (#23121832)
          Very few political entities are bereft of terrorism. Schier once again makes numerous mistakes in pointing to the culpable. The culpable are: all of us, ranging from users teaching users, to ISPs, to the website owners, to the makers of protocols with holes like Swiss cheese (and apologies to the Swiss). It could be fixed, but no one wants to claim the nexus of responsibility.

          The terrorism label is a red herring, great for propaganda and useless war mongering. No one doubts the existence of many organizations that will murder, some en masse, in the name of their cause.
    • Yes, and it's all created by virtual people who are happy to spend their professional lives working for virtually nothing.

      • Yeah I know - I'm one of them, but people that get all pissy about the "security of the internet" and stuff just gals the hell out of me!

        What would they like to do, have a big central server to send everything through? good luck with that.

        The best they could do would be to have the seller create a signed pgp receipt of the sale which would be sent to the buyer and would be counter signed with their pgp key, which could be then sent to the bank directly which could then verify their customer pgp key agai

        • What would they like to do, have a big central server to send everything through?

          How about a giant Linksys router in an underground bunker in New Mexico?

    • And as the old saying says...

      Say no to Piracy! Don't steal ships.

    • A pirate cannot sit in one country and commit his deeds in another country, far away from his physical location.

      The three mile limit was created because that was essentially the maximum range of cannon at the time: A shore battery could only hit something within that range, so that's how far the countries could claim their territory extended.

      The cannon on pirate craft had an only slightly lesser range. A pirate, raiding a town, could bombard it from a couple miles out.

      Modern alalogical "pirates", shouting

All trademarks and copyrights on this page are owned by their respective owners. Comments are owned by the Poster. The Rest © 1997-2009 Geeknet, Inc.