Feeds

back to article Supersleuthing BOFHs could help crack cybercrimes

System administrators should be the detectives in cyber investigations, a top Microsoft security bod said. It wasn’t helpful for cops to go blundering into companies’ networks to look for evidence in cybercrimes, because the sysadmin will know where to look for that information, said Scott Charney, VP of trustworthy computing …

COMMENTS

This topic is closed for new posts.
Anonymous Coward

Dramaticall clueless

That is a superbly clueless comment.

Sysadmins can be of HELP with an investigation, but in most countries it needs a designated official to preserve s chain of evidence.

Unless you involve Mr Plod you have tainted the very evidence to get people in jail, because most countries don't have rendition and Guantanamo Bay to avoid due process.

Maybe the guy needs to travel a bit more first.

5
1

Well, duh

Does this wonk also recommend the use of warm water when trying to boil an egg?

0
0

except that

Except that Sysadmin's are not law enforcement. Wouldn't any evidence they find be corrupted if they touch it? Also.. wouldn't they have to be trained to not "Fix it"?

1
0
Anonymous Coward

Translation

'Harmonise national laws' = 'Make US law enforceable across the world' = 'US can chase a punish anybody in the world'

Somehow I don't think the 'harmonisation' will result in the loosening if US law to be the same as those of more liberal countries across the world - the other way around is what the US gov't wants.

3
0
Anonymous Coward

It is all very well to say that sysadmins know what they are looking for but it doesn't preserve the integrity of evidence. At the very least it needs to be supervised by someone with enough skill to know that they are not being fed false evidence. Crime has moved into the 21st century, it is about time the police followed. They have spent far too long palming most of it off onto the banks, etc.

0
0

This is all well and good, but the cops don't understand what you give them even when it's explained to them. I gave the police extensive evidence of malicious damage to our systems and fraud, we even had the source IPs but it was ignored because the guy I was talking to had no clue what he was looking at....

1
0
Silver badge
Meh

Assuming all the above are taken care of satisfactorily (yeah right), how much will said BOFHs get paid for their services - and who decides?

0
0
Anonymous Coward

And if the BOFH is the guilty party/is in on the conspiracy? Sure I read somewhere that most security breaches are from the inside.

0
0
Silver badge
Holmes

No problem

The bean counter did it.

0
0
Anonymous Coward

Really?

F* you, Charney - maybe if i wasn't busy babysitting your companes sh*tty products all day long, i would have time to be concerned with eviodence gathering.

2
0
Anonymous Coward

way back when

Our company had a Corporate Security department, and we were instructed, in no uncertain terms, that we weren't to do anything at all* after detecting an event and calling Corporate Security.

* In the few times I actually had to contact them, they instructed me on what I was allowed to do, and what things I was absolutely prohibitted from doing.

The oddest request from an on-site security official was for a 16-ft step ladder....which the security officer used to climb over the locked cube door.

0
0
Anonymous Coward

Security Bondage Trouser Fetishist Marketeers

actually suggesting that people who understand tech have something to contribute rather the bullshitters who know nothimg.

0
0
Anonymous Coward

What's this, SA for LE?

Soon you'll need to be vetted and get a licence as a private sleuth before you'll be allowed to admin your network. Sounds like a good plan, eh. But it gets better.

“What increasing became clear [in my career] is that you had to ask the question at one level up. Do you want anonymity or accountability in certain things on the net?”

Spot the hidden assumption. I say the assumption is wrong. In fact, I also say it's becoming increasingly untenable.

“For internet banking – we want robust authentication. But if I’m engaged in certain kinds of speech I may want anonymity and society should support that anonymity.”

I also want to be able to anonymously transfer monies; if you want to move everybody off physical, cold hard cash, then you'd better make sure that the replacement can be used anonymously, too. How? You figure it out, brainbox.

I don't care in the least that people like this bozo will automatically assume that's not possible. If it isn't now, it's their job to make it possible. Thus we see the fallacy of the hidden assumption above: Authorization, Authentication, and Identification, are not remotely the same thing. Yet here he is, assuming that anonymity necessarily conflicts with authentication.

Which is to say, he's assuming all the world is a cube farm filled with workers wearing badges and the most anonymity he's willing to grant anyone is for the notes stuffed in the "ideas" box. Well, that's just not good enough. Corporations exist to serve the public, not the other way around. Same with government, technology, and so on.

Note that this guy is indeed big corporate and ex-bigwig government. Not exactly someone bent on deploying technology for enabling freedom for citizens.

0
0
This topic is closed for new posts.