F-Secure Calls For "Internetpol" To Fight Crimeware 114
KingofGnG points out F-Secure's Q3 2008 security summary, in which its Chief Research Officer Mikko Hypponen proposes establishing an "Internetpol," an international organization empowered to target and root out cybercrime anywhere in the world. Hypponen gives examples of why such a supernational force is needed — and these are not hard to find — but provides few details about how such an outfit could get started or how it would work. He does mention the wrinkle that in some countries malware writing, cracking, spamming, and phishing are not illegal or not prosecuted. Is an Internetpol even possible, let alone practical?
What kind of crime would it fight? (Score:5, Insightful)
I can see some use for this, but I fear like most things it would go after political dissidents and copyright infringers rather than actual criminals. Generally speaking I don't want the government to have /more/ power.
Re: (Score:1, Redundant)
THIS!
Re: (Score:2, Interesting)
You forget that this wouldn't be "a government". For it to function you'd have to have cooperation with ALL governments around the world. And while it's just fine and dandy and even desirable for the US to have this kind of no-borders-drawn approach, it would be give-and-take. Meaning if the other countries can't refuse demands made by the US to turn over citizens or whatever, then the US wouldn't be able to turn down it for other countries.
Of course they would always claim "sorry it's against our constitut
Re: (Score:3, Interesting)
Cooperation isn't required. All they need is common ground to allow common ideas through. The common ideas are what is best for people in power and how to maintain power over the people they rule over.
All governments around the world have hierarchical power structures. People who go into political power seek power over other people, in other words, they seek to dictate terms to other people. Seeking to dictate term
Re:What kind of crime would it fight? (Score:5, Insightful)
Whats wrong with simply using Interpol to fight cyber crime? As I understand it Interpol is mostly a co-ordination and information sharing organization used by local police forces to tackle crimes that exceed national boarders. Isn't that exactly what is needed?
Come to think of it, Interpol IS used to target these kinds of crime if all governments involved thinks it is evil. Online child porn for example - and from what we hear on the news, this is kind of successful, with arrests and convictions internationally, so whats the problem?
Perhaps the intention is to target "crimes" in a country where it isn't a crime, and the local government is not very sympathetic. An "international organization empowered to target and root out cybercrime" could well shut down Pirate Bay for example.
Re: (Score:1)
Re:What kind of crime would it fight? (Score:5, Insightful)
I share the feeling, but I'm sick and tired of receiving all the attempts to socially engineer their way into my bank account or similar, or get me to click on some malware, and no matter how obvious these things are, sooner or later they work ( How often have you clicked on "yes" instead of "no" just to make the stupid window go away, or had a poppup pop up just under where you're about to click?)
They don't need an internetpol - they just need the police.
The problem is that the police don't like dealing with it. It's too hard to understand and they don't get paid enough and they have to deal with stupid paperwork anyway because some kid got caught painting logos on someone's wall, and now some idiot computer user is calling saying "My bank account is being hacked, help me" and the poor cop can't even cope with getting his own email to work, let alone working out how to reverse engineer some genius hacker's work to help some lady who talks like she's on crack and doesn't know why her bank account is empty... And it's the fifth time this morning...
So to fix it, the police department need to get serious about computer crime and just simply establish a department that can deal with it... And keep them separate to fix the issue, and not be a part of the group that deals with local computer crime, etc.
Just one person per state who understands technology at a basic level (eg, like most people who read this forum) is enough.
And then this one person can spend some time networking with cops from around the world (heck, send them to some junket in a hotel once a year so they can meet all the others... Maybe blackhat or something) and then knows how to apply the laws correctly and how to go after these people...
And THEN the problem starts to get fixed.
Ranting aside, I know how the situation works. I've been on the prosecuting end of several cases, in which I did the legwork. I tracked down the evidence, and prepared a one-page brief for the police involved, including details on the exact crime committed, the evidence, who has the evidence and the phone numner to call to get it.
If you give the police a target they can understand, they usually are more than willing to take the case on.
When I last did that, they even sent a raiding party and siezed the guy, his computer and everything else within hours of my sending the details. They had a written confession out of him within two hours!
Most people who are still feeling the umbrage of having been owned don't understand this and it's not suprising the police don't want to help, especially when they don't know where to start.
My experience is that the existing laws are usually sufficient. It's the will and knowledge to implement them that are lacking.
GrpA
Re:What kind of crime would it fight? (Score:5, Informative)
No, 'the police' really can't deal with a lot of it. As soon as it crosses city lines, your local police won't touch it. As soon as it crosses state lines, it gets handed off to the FBI, who seem simply unable and unwilling to prosecute anything below a massive threshold, and seem chronically unable to charge people with the crimes they actually did commit, and tries to leverage people as 'informants' to get the 'big fish'. So they accomplish nearly nothing. Wire fraud should really be the Secret Service's jurisdiction, but they're less interested than the FBI. And when it goes international, as many of the phishing frauds do even if they're actually run from the US, then none of them will touch it.
So what it takes is an agency _willing_ to prosecute. The Secret Service could legally take on a lot of it, but after burning their fingers with the Operation Sun Devil and the resulting Steve Jackson case that led to the creation of the EFF, they seem pretty reluctant to even try.
Re:What kind of crime would it fight? (Score:4, Interesting)
You're thinking of the events that were detailed in "The Hacker Crackdown" aren't you?...
I'm not saying your wrong, but please re-read my post. I'm saying that a lot of the time, the police are expected to do this because it's their job, except they don't know where to start, which leads to the situation that they can't actually be certain it *is* their job. So they don't do anything.
It doesn't matter if it crosses state or even federal or international lines...
Only committing crimes in another state from your home state is an old trick to avoid the attention of law enforcement. It only works for a while - the police know how to deal with this.
Imagine this. Someone in your state is breaking the law. You report the details to your local police. They arrest them.
Now consider - Someone in another state is breaking the law. You report the details to *their* local police. They arrest them.
See the difference? You can achieve that without being a police officer - but it does knowing who to contact and what to tell them. Giving them an IP address isn't enough. What they are looking for in *evidence* of a crime they can understand. Send them details of which crime is being broken, so they don't have to work it out themselves, and they know it's something they are responsible for.
Speak to their ISP in advance, explain the situation, get the ISPs contact person and let him know his local police will be in contact to collect the evidence. Most ISPs will co-operate that far - to wait for a request from the local police for information.
Learn about evidence collection. Learn what police need to do their job.
That makes all the difference in the world.
And it is the local police's job to do this. Are you some multibillion dollar exec? No, well how can you seriously expect the secret service to do this for you? Seriously?
Do you think I go and call ASIO (I'm in Australia) or ASIS everytime I find graffiti on my car?
Finding my computer's been hacked is no different. Just because they employ people in secret intelligence organisations who understand the situation doesn't make it their problem... You're a small victim, that's what the local police are there for.
GrpA
Re:What kind of crime would it fight? (Score:5, Interesting)
You've apparently not dealt with the police nor the laws on fraud, because you state:
> It doesn't matter if it crosses state or even federal or international lines...
This is amazingly wrong. As soon as it crosses the borders of your local police force's jurisdiction, they *must* escalate it to the authority that covers both jurisdictions, or they have little hope of getting a prosecution. This is from my direct experience with spammer and phishing fraud, and DOS attacks against systems I've dealt with. The local police on each end say 'oohhhh, we can't do that' and pass it to the FBI who completely ignore it. This is with names, dates, times, places, and a careful list of exactly what records they need to subpoena to collect the evidence for conviction. The local police on each end simply will not act.
And I expect the Secret Service to do this, for example, because they are the enforcement arm of the US Treasury: fiscal fraud is what they do (or are supposed to do). Guarding VIP's like the President was added to their responsibilities in the 19th century, but their role as fiscal agents is older, and it remains part of their charter.
Re:What kind of crime would it fight? (Score:4, Interesting)
Yes, I have dealt with federal matters, and it's amazing how the same issues that affect whether or not police will take on your complaint occur at all levels.
I did speak to the federal authorities. I did track down the people whose task it was, and I found out what they needed.
It's a bit like chinese whispers. "I can't do anything if XXXX doesn't do their job." They will tell me that, but they won't tell XXXX directly. (XXXX Being a person, agency, official, whatever). I became the "connection" between them, relaying commitments.
So I did the rounds, learned what they required (specific only to my case) and got them all to agree to what was basically an open-ended commitment. THe problem is that they couldn't discuss anything with me - since they all recognized I had no authority and privacy laws got in the way, but wouldn't start bothering their counterparts to request help, because they couldn't tell their counterparts what was going - they didn't know how to.
However, I could get them to commit to speak to XXXX, if XXXX was prepared to help, so I called *all* the XXXXs and explained the situation, and sent the details through to all of them. The XXXX's were Federal Police, State Police and Telecommunications Regulations Enforcement authorities.
Once I had them all committed, I simply became the "co-ordination" point for the exercise. I learned everyone else's role and broke the task down and sent the appropriate information to each person that was relevant to their job.
The result? As soon as they realised I had handed them a case ready to close, with all the contacts agreeing to their role, they moved immediately. The whole thing took about an hour.
In that case, I had made a slight error with regards to the law that was broken, and they called me back to let me know they couldn't actually prosecute and were helpful enough to provide additional information I needed to know to close that loophole with the way my network was set up ( Guest access can be a real issue - if you let people in, proving tresspass is impossible ).
They also provided a committment to back me up in the future if it ever happened again.
True to their word, they did the next time and I caught the guy. He was prosecuted successfully, although the next time, it was local, so I didn't need to coordinate as many people.
So please, consider my point. You need to co-ordinate *everyone* and make sure they know you have a reasonable chance of prosecution and that you've lined up your ducks, or they won't get involved.
It's no different for a cop doing that job. They need to get everyone involved too. Basically they still have to go through the same process.
Most people will do their job and help you if you remove all the obstacles first. In a perfect world, they would move their own obstacles as well, but hey, if it's your problem and affects you, it's up to you to decide how committed you are to solving it.
GrpA
Re: (Score:2)
So, in the first case you invested an estimate of 80 hours of worktime, many man-hours of their time, negotiated your way through numerous hierarchies and departmental jurisdictional adventers and got... nothing. You're frankly quite lucky. My reports have frequently been stonewalled, and I've usually lacked the support from my own employers to spend that much time in a fruitless pursuit.
A local prosecution is much, much easier. I suspect that if the second time had not been local, your request would have b
Re: (Score:2)
I agree. Anytime I've had to deal with authorities in this area it's on the federal level. Crossing state lines takes it right out of the hands of your local police department, at least in the rural areas. You still need to file a complaint though, and they take you a little more seriously when you give them the contact number of the federal agent who you've already reported the incident to.
Re: (Score:2)
We ought to have a poll to see how many of us have read that. Some time ago I found a small, yellow paperback copy tucked away in my library and read it, and then I find out that it's practically required reading in geek-land.
Re: (Score:2)
and loose 20% of the geek points for reading a "dead tree" copy
heck this is the reason the Secret Service should have a field office in the same building as the EFF for the
Throw the book and see if any cats yowl EFFect.
Re: (Score:2)
I enjoy dead-tree reading, thank you very much. Trees are a renewable resource. You should be happy I'm reading that instead of using an overpriced Kindle which takes all kinds of industrial nasties to manufacture.
Re: (Score:2)
I click "yes" to install the malware, and then submit bug reports to the malware author when it doesn't run under WINE because I feel left out. Linux users are always left out in the cold. ;)
Re: (Score:1)
I agree, but the problem is that the police (regular) not only don't have a budget for this,
but also are as misinformed as the public. They are average joes like you and me who just have a badge and a gun and take risks with their lives on the streets to fight crime.
Put them behind desks they become nothing, web surfing p0rn like the rest of them....
because they are not really tech savy. You need a special ops force for cybercrime dedicated to this sort of thing, which costs lots of money and would not be a
Re: (Score:2)
Ummm. Ever done a forensic investigation on anything related to computers or networks?
Re: (Score:2)
Yes, but that's a completely different process.
For a start, the person who asks me to do the work is already taking the problem seriously and usually knows exactly what they want.
eg, "This laptop user claims fusion. Please confirm/reject this claim and provide forensic evidence supporting it" along with a laptop for analysis, that doesn't work, and the company's definition of "Fusion".
or even the more open, "Here's a copy of the packet dumps during the hacking incident. Please work out what this person did
Re: (Score:2)
How often have you clicked on "yes" instead of "no" just to make the stupid window go away, or had a poppup pop up just under where you're about to click?
I can't recall the last time that happened—so pretty infrequently. I believe better technology solutions and user education would go a lot further than more law enforcement agencies.
Re: (Score:2)
It's a stupid idea.
On the one hand, I wish they would pass me the bong/crack pipe they're smoking from, on the other hand, I can laugh at systems that are most vulnerable to attacks like this, on the gripping hand, recall that it was Microsoft that popularized the long discredited idea of executing anything coming across a wire.
The sad thing is that something like this appears to be more or less inevitable.
Re: (Score:2)
Well what do you expect from the geniuses who invented autorun?
Re: (Score:1)
You make a funny statement.
You want them to go after "real criminals", not copyright infringers?
If it's against the law, and your doing it, it's a criminal act. You don't get to pick and choose which laws you want to follow, unless you're ready to accept the consequences of the actions you are doing.....
I know what your talking about, but I find it funny that people like to state copyright infringement isn't a crime, or at least they like to lessen it.
Tell that to the members of DoD, PWA, WLW, etc., etc.,
Re: (Score:2)
It's a reasonable point. More what I'm asking for is that laws be either enforced:
A) Equally regardless of the law. If it's on the books enforce it
B) Proportional to the damage it causes.
It's like going after people swapping kiddie porn instead of those making it (I recognize there is huge overlap and you often catch the first while chasing the second). I see laws intended to stop the viewing of child porn, but what I want to see is laws preventing the exploitation of children.
Of course you do have a point.
One World Government (Score:5, Insightful)
No, don't write me off as a NEW WORLD ORDER!!!! guy.
Interpol is dangerously close to a one-world-government type deal. If you're into "global democracy" and the entire world under one flag, then an international police on the internet is probably no big deal to you.
But if you're afraid of big, monolithic governments as much as I am, then you'll be deathly afraid of any international police body, as Internet Police isn't just a bad idea, it's also a very dangerous slippery slope to be treading on.
Still not convinced it's not a good idea? A lot of nations have insufferable politically-correct speech laws. Germany, for example; there they censor politically undesirable viewpoints (yes, Nazis, but if you believe that freedom of speech of the individual transcends whatever the masses may think...) and in Australia, they censor games like GTAIV and other 'socially undesirable' expression.
And maybe some people aren't bothered by that. Some people think, "hey, if some majority accepted that, then tough luck for the minority, democracy prevails!" but I am just not one of them and I'll never be comfortable with governments treading on individual freedom whether a single ruler or the many stepping on them.
Re: (Score:2)
Replace "Interpol" with "InternetPol there, I mistyped.
Re: (Score:2)
I think the wisest words ever written in a code of law were when the US Constitution stated that anything not specifically allowed by that Constitution was not allowed for the Government to legislate upon.
Government is much more powerful than an individual citizen, therefore i
Re: (Score:2)
Re:One World Government (Score:5, Insightful)
Interpol is dangerously close to a one-world-government type deal. If you're into "global democracy" and the entire world under one flag, then an international police on the internet is probably no big deal to you.
Yeah, look, sorry, I can't disagree more. Interpol is not remotely close to a one-world-government deal at all. Those guys are lucky to be able to help a handful of governments catch a handful of criminals when all parties want them in prison.
/. seems to have missed as the "oh gawd, the government is after my rights" folks jumped right out onto the bandwagon here first. Think about these tasks that I would love to see internet police on the case for:
While I think that an "internet police" is a laughable idea in that it would be impossible to unify all the countries with access to the internet under one police umbrella, I think doing so could have some fantastic opportunities that
1) Spam.
2) Spam.
3) Trojans on websites
4) Browser Hijacking
5) Fleecing through fake Paypal/Bank/Money websites
I am aware that point one and two may look the same, but I feel it would be in most people's minds enough to warrant those two places. If I could have a "report this as spam" button in my email client and know that it would actually go somewhere to someone to do something, man, that would be a sweet thing indeed. What's this? A website that opens a bazzilion popup windows and refuses to let me close my windows? BAM! Hit that police button right there!
Come on slashies, have a look at some of the positive possibilities here. Don't make me have to use a car analogy!
Re: (Score:2)
Gee, if people knew for certainty that only the really heinous things would be enforced, and that nothing shady or anathema to people's rights would happen, then sure, nobody would oppose it.
But this is fantasy land, utopian idealism. Saying "See, well, it's not supposed to work like that..." doesn't matter. "The road to Hell is paved with good intentions" and all that. Just because it is *supposed* to work great and follow a certain protocol does not always mean it will. Hell, my country, the USA, does
Re: (Score:2)
The counter to this of course is that in representative democracy vote-buying is the most important thing. Which means that things that are good for the country overall, but unpopular, are a lot less likely to happen around election time. You can argue of course that if it's unpopular it's not good for the country, and that's a valid argument. But when massive amounts of money are spent on vocal minority groups to buy votes, I don't see how that's representative of the majority at all. Which isn't to say th
Re: (Score:2)
And I say, even listening to the majority is not a good thing. It's not inconceivable to imagine a situation, past, present, or future where the masses, through their own stupidity or bigotry, want to oppress harmless people for something stupid, perhaps "practicing witchcraft" in the past or something.
Nothing really works "well", not a democracy, not a republic, not a monarchy or dictatorship, highly unlikely even anarchy. Everything is a system of tradeoffs. This is why we cannot have one government an
Re:One World Government (Score:4, Insightful)
The 'one world government' lip fart is a distractive ruse designed to debase thinking that effects all of us. It's a distraction that goes back in origin to the John Birch Society, a ultra-radical right-wing batch of people that also aided the anti-flouride rouse, tried to impeach Earl Warren, and so on. It's a BS contention that's carefully calculated to debase the thought of international controls.
Re: (Score:2)
Well, if you sympathize the idea of a single world government or view it as possibly positive, just say so! No need to hide behind any ad hominems or guilt-by-associations!
Re: (Score:1, Troll)
Garbage in, garbage out.
Your question can't be answered because it's a rubric of rightist spew-think.
Re: (Score:2)
Do you have anything besides ad hominems?
Re: (Score:2)
And you say, "garbage in, garbage out". Since I was responding to your post, I'd suppose that it was your post that was the "garbage in?"
Re: (Score:2)
Nevermind, wrong person.
Re: (Score:2)
The one-world-government rubric is in a way, hate speech, and is designed to polarize. International governance is something quite different. That the US refuses to participate in international laws of many kind, and uses world trade onerously, I'd say that the rubric has infected many, perhaps yourself.
As far as ad hominems are concerned, the fact that I speak directly to your character as a seeming defender of rightist inflamatory diatribe, seems to disturb you. If I'm wrong about that, I apologize, but I
Re: (Score:2)
Hopefully "international governance" will make that sort of icky speech illegal. I can be dragged before an international court and stuck in an international prison for my rightist, inflammatory hate speech.
Re: (Score:2)
Governance and cooperation are strange things, in that we must submit to them in a civilized existence. I've seen the fear-based rightist rubrics bubble up time and again. They're ill-examined, and debase civil people each time they're raised.
You mean like the european constitution that was so Byzantine no two people could agree one what certain provisions meant? Or did you have some other example where skepticism of govt. debased civil people?
Re: (Score:2)
Building a long-term successful governance infrastructure takes decades and decades. It needs to be flexible to meet the changing needs of the time. Warring tribes (oops, I mean EU constituent countries) need time to absorb and re-shape things. One failure isn't the end, it's the beginning.
Perhaps the EU Constitution was Byzantine. At least it's a start, rather than the hubris and narcissism of governmental superiority.
Re: (Score:2)
1) Every human on earth is an equal citizen of the world with a right to education, freedom and peace.
2) The third world wouldn't be kept in perpetual debt for the benefit
Re: (Score:2)
I agree in spirit that everyone should have an education, and that people should (voluntarily) make that happen, but I do not agree with the idea that it is a "right" in the sense that people have a right not to be murdered or so on. It's obvious where my political leanings are; however, I just think that these things people really should have just shouldn't be within the same scope as the entity that enforces the laws. I don't think the means justify the ends, even though I really and truly do agree with
Re: (Score:3, Interesting)
Let's start with this one:
1) Every human on earth is an equal citizen of the world with a right to education, freedom and peace.
Oh, really? What will that 'educaton' be? And what kind of 'freedom'? Freedome to drink alcohol? An education that teaches that the Q'uran or the Bible or the Talmud are the ultimate reference? Freedom for women to wear a chadoor in class, even in a public school, or freedom to practice clitorectomies on girls for religious reasons?
Freedom is too tricky to trust to a single overrid
Re: (Score:2)
2) The third world wouldn't be kept in perpetual debt for the benefit of the first world.
[citation needed]
Re: (Score:2)
2) The third world wouldn't be kept in perpetual debt for the benefit of the first world.
[citation needed]
Are you kidding? Fine.
Citation [tni.org]
Quote from the link:
Debtor countries have deprived their people of basic necessities in order to provide the private banks and the public agencies of the rich countries with the equivalent of six Marshall Plans (the programme of assistance offered by the US to Europe after the Second World War). Have these extraordinary outflows served to reduce the absolute size of the debt burden? Not a bit: in spite of paying out more than $1,300 billion between 1982 and 1990, the deb
Re: (Score:1)
While I'm here, the world government controlled education is incompatible with freedom, both in your first point. How can you be free if a government agent tells you how to think? For the same reason we need freedom of religion we need freedom of education, in my opinion. That means not government controlled, a
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
I am aware that there will always be some form of discrimination wherever you go, that there won't truly be a total utopia no matter what - but it would be nice wouldn't it?
Yeah, I did see that the schools bit was from the other dude, but it was really late and I wanted to get ou
Re: (Score:2)
No, it would be a completely useless thing. Spam comes with forged headers, remember ? And even if it didn't, it would simply trace back to some poor bastards hijacked machine, rather than the spamming mastermind.
valuable humoristic car analogy (Score:2)
A short analogy ...
1) gas needed
2) gas needed (wouldn't wait for a 3rd time)
3) flyer inbetween windshield wiper and window
4) Carjackers
5) Shady Garagists
Actually ... there are laws against shady practices, still these shady people exist ... ... do we need a Carpol now ?
Same goes to carjackers
Re: (Score:2)
Couldn't you just spam the police button and turn everyone connected to the internets in? Bam! Everyones in cyber jail!
Re: (Score:3, Interesting)
You are not a tin foil hat guy, trust me.
Countries have established law against computer crime. An internetpol is not required. The fact that F-Secure is asking for one is quite suspicious to me. You would think they would be in the forefront of telling the police where and who the bad guys are. Maybe they're just jockeying for a fat global contract?
More law enforcement is not needed, more security is. The problem is insecure OS and software platforms, insecure operations processes and policies, insecure us
Re: (Score:2)
Lets just go full tilt into asshatteriness: Make it a capital crime to have an insecure pc operating in your house or under your control. That will ensure it all stops... right?
You might be on to something here ... but instead of a capital crime of the consumer, make it affect the ISP. If someone's is *detectably* (i.e. they don't have a decent firewall) running a computer that is easily compromised, limit their internet link to the ISP's personal network. All HTTP requests go to the same webpage with the following (translated into marketing-speak of course): "You are an idiot. Fix your computer."
Re: (Score:2)
Interpol is dangerously close to a one-world-government type deal.
Don't worry. Just jot their names on the sheets i'm going to give to you, and they'll mysteriously die from heart attacks.
Sincerely,
Kira.
P.S. Do you know the Shinigami who likes apples?
One World Acronym (Score:2)
"Interpol is dangerously close to a one-world-government type deal. If you're into "global democracy" and the entire world under one flag, then an international police on the internet is probably no big deal to you."
UNATCO [wikipedia.org]
Who cares? (Score:2, Insightful)
Is Interpol even relevant? I mean, the only thing I ever know that even mentions Interpol are those stoopid warnings on DVDs. If Interpol has essentially become a copyright enforcement organization, then who even cares?
If this were to happen (Score:5, Funny)
They should wear uniforms made from lycra, wear bright red codpieces and a cape. That much power should come with a high level of public humiliation.
Re: (Score:3, Funny)
Why do you hate Cory? http://xkcd.com/239/ [xkcd.com] ;)
Re: (Score:1, Redundant)
No the Russian Mafia wont cooperate with this. Which is why you tell Moscow and Putin and Medvedev that if they dont do something about all the internet garbage (malware, spam, botnets, viruses, phishing etc) coming from their country, Russia wont join WTO (if it can work for AllOfMP3, it can work for this crap)
Russia needs the WTO more than the western governments need Russia in the WTO.
The question is, does Russia need the WTO more than they need the Mob?
Re: (Score:2)
May I repeat one of the tags on article: (Score:1)
Re:We've already lost (Score:4, Insightful)
If you fire rifles at US soldiers in Afghanistan, you stand a small chance of ending up at Gitmo. Statistically, you have a better chance getting a 5.56mm sucking chest wound in the process.
No one ever ended up in a military detention facility for l33t haxor5 that don't involve military targets or v1@gra spam.
We've lost because Americans prefer creature comforts and speach-codes over liberty; social security and medicare over limited government as a social contract to secure life, liberty, and property. And no one will rebel, because they are dependent on the system. Thomas Jefferson tried to warn you.
Re: (Score:2)
I don't get it... (Score:1)
What ye sow, so shall ye reap (Score:2)
The Attorney General's Office in Washington, United States, and Microsoft recently announced that they are filing new lawsuits targeting scareware purveyors. One of the cases is against James Reed McCreary IV, who is accused with sending incessant pop-ups resembling system warnings to consumers' personal computers. The messages read "CRITICAL ERROR MESSAGE! â" REGISTRY DAMAGED AND CORRUPTED," and instructed users to visit a Web site to download Registry Cleaner XP.
"Consumers who visited the Web site were offered a free scan to check their computer â" but the program found 'critical' errors every time," said Senior Counsel Paula Selis, who leads the Attorney General's Consumer Protection High-Tech Unit. "Users were then told to pay USD 39.95 to repair these dubious problems." Microsoft has said that 50 percent of its customer support calls related to computer crashes can be blamed on spyware.
F-Secure notes that Registry Cleaner XP is just one of the increasing number of rogue security applications which also include Antivirus 2009, Malwarecore, WinDefender, WinSpywareProtect and XPDefender.
Um, maybe if Microsoft hadn't "innovated" the long discredited idea of execute anything downloaded over a wire, this would never have been a problem?
Re: (Score:2)
Problem isn't execution, problem is access. If I run whatever code the net gives me, I should have fine-grained control over what that code can touch on my computer. That's not yet well implemented on any OS. Don't say SELinux or ridiculous modifications to the Windows user/file access rights are 'well implemented.' No, I mean that by default, I should be able to install a program that thinks it has administrator rights, see what it does, and then say, "Gotcha, you're gone." and delete it.
Re: (Score:2)
If I run whatever code the net gives me, I should have fine-grained control over what that code can touch on my computer.
You have been brainwashed. The Real World has never worked that way. No matter what Microsoft has told you.
SafeTCL (and later Java) tried to do sandboxing, but ...
You have only a big ON/OFF switch of which the only sensible setting is OFF. No amount of marketing either from Microsoft or Sun will EVER make it safe.
Re: (Score:2)
Just making posts on Slashdot involved code executing on your machine that you didn't audit. Welcome to the World Wide Web.
Hope you enjoy your stay.
Re: (Score:1)
Yeah, it's microsofts fault.
Let's not forget the id10t behind the keyboard that has to click on yes for it to actually run.......
--Toll_Free
Re: (Score:2)
Let's not forget the id10t behind the keyboard that has to click on yes for it to actually run.......
Let's not forget that it was the idiot behind Microsoft Windows 95 that made this an industry standard long after the idea had been discredited.
Re: (Score:1)
You're post had absolutely nothing to do with mine, why reply?
It's been statistically proven, the idiot behind the keyboard is usually the problem.
--Toll_Free
Re: (Score:2)
You're post had absolutely nothing to do with mine, why reply?
Offering to execute pieces of email should never have been an option, let alone an unprompted default. Offering a prompt is a total misunderstanding of the real issue.
I can't think of an appropriate car analogy, so how about a rake analogy? Prompting before executing a file received in email is like attaching a notice to a rake laying on the ground with the tines facing up that reads, "if you step on this rake you could do serious damage to your face, proceed?"
There were good solid reasons why shar messag
Re: (Score:2)
If Microsoft kept their own tool up to date (Registry Doctor), Registry Cleaner wouldn't happen. Or just a (light cleaning) option in System. It was obvious that registry cleaning craze (which THEY started) would be abused some day.
I think MS got ashamed of registry needing cleaned or something.
BTW look at the "registry doctor" results on Google, that thing is really out of hand
http://www.google.com/search?client=safari&rls=tr-tr&q=microsoft+registry+doctor&ie=UTF-8&oe=UTF-8 [google.com] (All results not
What could possibly go wrong? (Score:2)
... or I'll digitally sign a ticket! (Score:4, Funny)
you babies (Score:2)
How Perfectly American (Score:2)
Invent an entire agency with a specific task, while having various other more or less capable agencies given parts or all of the same task. It'll work terribly at first because they'll only be learning how to do what they do in the context and restraints forced on them. Then to become more effective, they'll share information and then participate in tasks with these other agencies. Later when the government(s) attempt to get these agencies to merge, if not act together as a single task force, inter-agency r
Look, nice idea but it's never going to happen (Score:2)
Mouse clicks are easier than boots on the ground. (Score:1)
Mikko's a nice guy but we can't get together and stamp out genocide (Darfur et al), arms dealing (see the UN security council's arms sales) or world peace what hope do we have with cybercrime.
Cybercrime is easier to stop, not harder, than crime or warfare in meatspace. Cybercrime is easier to commit, too, of course, but it's not like the FBI & CIA are working with 50kg mice & keyboards preventing them from being as agile as criminals. They're just less motivated and less competent, and "complexity" is a pathetic fig leaf which we citizens must all stop granting our "protectors" ASAP.
both possible and practical -- desirable? (Score:1)
Hypponen gives examples of why such a supernational force is needed -- and these are not hard to find -- but provides few details about how such an outfit could get started or how it would work. He does mention the wrinkle that in some countries malware writing, cracking, spamming, and phishing are not illegal or not prosecuted. Is an Internetpol even possible, let alone practical?
[snicker] Countries that refuse to punish antisocial 'Net conduct don't get public IPs transmitted over satellites and undersea fiber optic cables, which are US property or property of US [Delaware, probably] corporations. Although some of the tech was put in place via rocketry, this is not rocket science. It's as simple as "play nice, or I kick you off my playground." Yes, it IS mine. I built it and I own it. [my country, that is]
calmofthestorm:
I can see some use for this, but I fear like most things it would go after political dissidents and copyright infringers rather than actual criminals. Generally speaking I don't want the government to have /more/ power.
[shivers] This government is obviously not competent to w
You just know... (Score:2)
...they'd spend their entire existence sucking fat salaries and occasionally managing to bust one or two half-wit script kiddies with barely enough knowledge to download the tools from a warez site and sneer at people who ask questions on Linux sites.
Re: (Score:1)
...they'd spend their entire existence sucking fat salaries and occasionally managing to bust one or two half-wit script kiddies with barely enough knowledge to download the tools from a warez site and sneer at people who ask questions on Linux sites.
And just where do I apply?
kind of like the Justice League of America, no? (Score:1)
but it makes more sense to be supranational. i'm sure jackwads like preznit bush would back any kind of extra-national force that could impose penalties on individuals who commit crimes over the intertubes. NOT
Let us fix this (Score:1)
Simply make Fraud, SPAM, Kiddie Porn etc a crime wherein
perpetrators have their genitalia (dick and balls) cut off and their
eyes removed. Then the word PEDO is branded on their foreheads.
We would see a great diminishment of these things fast. Word gets out.
Add people who respond to these things to the equation. Stupidity will disappear shortly.
Give cash rewards for reporting this stuff. Soon it will go away, when the idiots KNOW
people will report them and PROFIT!!!
Rewards are useful. Naturally, wearing a h
The "safe" internet and the "wild west" internet. (Score:2)
I can envision an internet fork where the safe provision of multimedia entertainment is the primary goal. People who care can then argue about "net neutrality" all that they want, but most of the eyeballs will go to the eye candy--and the eye candy will be provided by the copyright-clad establishment media.
In that 'multimedia entertainment net,' security and control will be prime considerations. Commerce will flock there. It will be stringently policed and censored. There will be little need for an "int
This is how the conversation went (Score:1)
Hey, I thought of a clever name... internetpol. It's like interpol but for the intern... Wait, that's a pretty cool idea isn't it? Let's run with it.