Hi all,
Apologies in advance for being in random rant mode again
- and laregly off topic!
I wonder, will the Guardian ever report technology in an informed way....
Cheers,
Bob.
>http://www.guardianunlimited.co.uk/Print/0,3858,4090621,00.html
"The growing tide of internet crime, including hacking, porn rackets,
extortion and fraud, is to be tackled by a squad of "cybercops" set up in a
£25m initiative announced by the home secretary, Jack Straw, yesterday."
AAAArgh! Hacking is ***not*** a crime, if there's one thing that winds me up
it's this (deliberate?) misunderstanding of what hacking is. Hacking, means
to take something apart to see how it works. Hackers mess around with
software to see what they can get it to do, one part of that is to see how
to break it. It is not malicious, in fact the security industry relies on
hackers to point out flaws in software. Hacking is VITAL to get us to a
point where secure software exists. Taking advantage of a weakness on
someone elses system is not hacking... <pulls hair out>
Ok so, £25m, if that were matched with another £25m to spend on r&d in
secure systems or into education so people understand how to use the
Internet properly then I'd consider having some respect for the initiative,
otherwise it just looks like someone's had a panic attack and doesn't know
what to do. If all else fails snoop.
"Home Office money is also being provided to help fund a 24-hour
international hotline for detectives from different countries to "trade
information on potential attacks on the national infrastructure"."
If they aren't doing this already I'd be very suprised.
"The initiative follows intelligence that shows terrorists are increasingly
using the internet for recruitment and planning."
Bear in mind that 'terrorist' has been redefined to include political
activists and the like. The statement merely reflects the growing use of the
Internet surely, but adds a little sensationalist spice.
"Internet crime has soared in the last three years as criminals have begun
to realise the opportunities it offers."
Almost, but the other way round really, i.e. the opportunities have only
recently arrived.
"The dissemination of computer viruses, such as the I Love You bug, which
wreaked havoc last summer, is also on the rise. Medium sized businesses are
particularly vulnerable to these kinds of attacks because they cannot afford
protective filtering systems. Recent research showed that 60% of Britain's
online businesses have suffered hacking."
Badly used statistic alert. 'Suffered hacking' could technically mean
anything you wanted it to mean. If they'd said 'suffered a breach of
security' that would have been a meaningful statement.
"Worrying new trends include evidence of an international internet trade in
body parts, including kidneys."
Am I reading the Sun or something? What evidence? ...leaving out the
obvious difficulty of sending kidneys over the Internet ;-)
"Announcing the creation of the unit yesterday, Mr Straw said the government
was "committed to action against hi-tech crime ... making the UK the best
and safest place in the world to conduct and engage in e-commerce." "
Business needs to feel confident, this initiative will not inspire
confidence.
""Modern technologies such as the internet offer huge legitimate benefits,
but also powerful opportunities for criminals, from those involved in
financial fraud to the activities of paedophiles," he said."
And so therefore it needs to be tightly controlled? Oooh hello, how
convenient. Where is the evidence of major crime being committed on the
Internet? If it's such a problem why aren't we hearing about real cases,
leaving aside the regular reports of kiddie porn distribution (as opposed to
manufacture, which is where most hram lies, no?)?
"John Abbott, director general of NCIS, said: "Cybercrime ignores borders,
be they regional, national or international. Our approach therefore has to
be holistic." "
But the initiative is not holistic, is it?
"Mr Straw also announced £37m for a national information management system
for police forces in England and Wales.The new system will allow police
intelligence reports to be compared and analysed centrally."
Technical point: what is the point of that? What happens when someone breaks
into this system (you can be sure they will)? Diversity and distribution
aids security, why spoil it by centralising everything, unless Big Brother
is keeping the chair warm?
Summary: Internet crime is so badly reported by the media (partly through
lack of insight by reporters and partly through misrepresentation by
authority) it's barely worth reading about anymore. Stories about viruses
concentrate on 'facts' like the billions of dollars of damage caused; sounds
like serious crime until you realise that's spread over hundreds of
thousands of businesses/users and it really only means the cost of a small
interruption to the business process. Ok, it's bad, but it's not the same as
stealing a billion dollars from a bank.
Kiddie porn makes the news but is also appalingly reported, these 'rings'
can just as easily be broken using traditional police methods. What is
needed from a police point of view is to throw some money at developing
better computer forensics. Many cases fall through because evidence is
inadmissable, this needs sorting out first.
Cases of serious crime being committed on the Internet appear to be few and
far between, the evidence simply isn't being made known to justify the moral
panic we're going through. Internet crime is NOT EVER going to decrease
because of a few million quid thrown at a 'cybercrime' unit. The problem for
business largely boils down to the facts that users (customers and
employees) aren't educated enough to be using the Internet safely given that
that most people use software that is not up to the job. This will improve,
but slowly. Until then why do the government and the media have to create
such fear?
Business has rushed online too quickly hoping security could be tagged on
later.
Cheers,
Bob.
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|