Is some hacking justified?

Jonathan Bowers, March 6th 2007, 10:24AM

A former judge in California has been sentenced to 27 months in jail on Internet child abuse charges. The ground breaking thing about the case is that some of the evidence was provided by a Canadian hacker who planted a Trojan Horse on an Internet newsgroup visited by paedophiles that was then downloaded by 66-year-old Ronald C Kline.

In following the case, Sophos ran a poll to see whether the public thought that it was justified to use hacking in this circumstance.

The results of 233 votes show that almost two thirds believe that hacking is unacceptable in any circumstance. I wonder however what the results would be if another website ran the poll. We have to remember that people using the Sophos website are likely to have cyber crime on the mind and this could create a negative bias.

In order to catch a thief you often have to think like a thief and even behave like one. So should the laws be black and white when it comes to hacking. Could there be an acceptable use policy?

Tags: cybercrime, internetlaw
# Comment (2 comments)

A serious spate of security concerns?

Jonathan Bowers, July 25th 2006, 9:46AM

The technology headlines are dominated this week by security issues. Specifically in the UK, the government has produced guidelines to educate on the issue of cyber-bullying while globally the latest Sophos report reveals that Asian spammers are more now prevalent that US spammers for the first time ever.

The anti-virus companies are of course riding high on the reports. Symantec has teamed up with Yahoo to reach more users with its Norton software and Kaspersky labs is adding heat by warning us that malware is getting more sophisticated.

I think it is great that the government sees better technology education as a step to avoiding Internet crimes but I am often dubious when reports come out that are generated by the firms gaining the most from our heightened concerns. Often with no firm statistical evidence we are asked to accept that we are in more danger than ever before.

A quick search shows that we may be moving in this direction - the US Department of Justice is currently creating an extensive Cyber Crime survey to assess the impact on US businesses. It would be nice to see the UK government taking similar steps for the 1,500,000 businesses online in this country, not to mention the millions of home users.

Tags: cybercrime, security, spam
# Comment (0 comments)

How does your bank protect you?

Jonathan Bowers, April 18th 2006, 12:31PM

When you read statements like; "every day at least 400 credit card numbers are sold," it's easy to dismiss it off hand, that is until it happens. Then it feels like a real invasion of privacy, which of course, it is.

When looking for a new bank account or credit card provider, do you ask the provider what they are doing to counteract phishing and cyber crime? I'd imagine the majority of us don't - but soon it will be an obvious question.

But shouldn't it be the banks responsibility to inform us of how our information will be protected online?

There is an interesting post on Greg Hughes' blog about cyber crime targeting banks and what can be done about it. Greg builds anti-phishing software and is also a firm believer in prevention as protection and thinks the banks should communicate better.

I'd certainly prefer a better solution than banks issuing card numbers which are valid for single transactions only, which is actually one muted option.

The problem is that banks see a double edged sword. They refund stolen money but don't investigate, because the cost of investigation will often exceed the initial loss. They are also guarded about their security methods because they don't want to give anything away to the wrong people.

None of this however, builds the confidence of the spender who is between a rock and a hard place when it comes to finding the safest place for their money.

Tags: cybercrime, phishing
# Comment (0 comments)