Supersleuthing BOFHs could help crack cybercrimes

System administrators should be the detectives in cyber investigations, a top Microsoft security bod said. It wasn’t helpful for cops to go blundering into companies’ networks to look for evidence in cybercrimes, because the sysadmin will know where to look for that information, said Scott Charney, VP of trustworthy computing …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward

    Dramatically clueless

    That is a superbly clueless comment.

    Sysadmins can be of HELP with an investigation, but in most countries it needs a designated official to preserve a chain of evidence.

    Unless you involve Mr Plod you have tainted the very evidence to get people in jail, because most countries don't have rendition and Guantanamo Bay to avoid due process.

    Maybe the guy needs to travel a bit more first.

  2. The Dark Lord

    Well, duh

    Does this wonk also recommend the use of warm water when trying to boil an egg?

  3. Zippy the Pinhead

    except that

    Except that sysadmins are not law enforcement. Wouldn't any evidence they find be corrupted if they touch it? Also... wouldn't they have to be trained to not "Fix it"?

  4. Anonymous Coward

    Translation

    'Harmonise national laws' = 'Make US law enforceable across the world' = 'US can chase and punish anybody in the world'

    Somehow I don't think the 'harmonisation' will result in the loosening of US law to be the same as those of more liberal countries across the world - the other way around is what the US gov't wants.

  5. Anonymous Coward

    It is all very well to say that sysadmins know what they are looking for but it doesn't preserve the integrity of evidence. At the very least it needs to be supervised by someone with enough skill to know that they are not being fed false evidence. Crime has moved into the 21st century, it is about time the police followed. They have spent far too long palming most of it off onto the banks, etc.

  6. PBelc

    This is all well and good, but the cops don't understand what you give them even when it's explained to them. I gave the police extensive evidence of malicious damage to our systems and fraud, we even had the source IPs but it was ignored because the guy I was talking to had no clue what he was looking at....

  7. Will Godfrey Silver badge
    Meh

    Assuming all the above are taken care of satisfactorily (yeah right), how much will said BOFHs get paid for their services - and who decides?

  8. Anonymous Coward

    And if the BOFH is the guilty party/is in on the conspiracy? Sure I read somewhere that most security breaches are from the inside.

  9. Tom 35
    Holmes

    No problem

    The bean counter did it.

  10. Anonymous Coward

    Really?

    F* you, Charney - maybe if I wasn't busy babysitting your company's sh*tty products all day long, I would have time to be concerned with evidence gathering.

  11. Anonymous Coward

    way back when

    Our company had a Corporate Security department, and we were instructed, in no uncertain terms, that we weren't to do anything at all* after detecting an event and calling Corporate Security.

    * In the few times I actually had to contact them, they instructed me on what I was allowed to do, and what things I was absolutely prohibited from doing.

    The oddest request from an on-site security official was for a 16-ft step ladder....which the security officer used to climb over the locked cube door.

  12. Anonymous Coward

    Security Bondage Trouser Fetishist Marketeers

    actually suggesting that people who understand tech have something to contribute rather than the bullshitters who know nothing.

  13. Anonymous Coward

    What's this, SA for LE?

    Soon you'll need to be vetted and get a licence as a private sleuth before you'll be allowed to admin your network. Sounds like a good plan, eh. But it gets better.

    “What increasing became clear [in my career] is that you had to ask the question at one level up. Do you want anonymity or accountability in certain things on the net?”

    Spot the hidden assumption. I say the assumption is wrong. In fact, I also say it's becoming increasingly untenable.

    “For internet banking – we want robust authentication. But if I’m engaged in certain kinds of speech I may want anonymity and society should support that anonymity.”

    I also want to be able to anonymously transfer monies; if you want to move everybody off physical, cold hard cash, then you'd better make sure that the replacement can be used anonymously, too. How? You figure it out, brainbox.

    I don't care in the least that people like this bozo will automatically assume that's not possible. If it isn't now, it's their job to make it possible. Thus we see the fallacy of the hidden assumption above: Authorization, Authentication, and Identification, are not remotely the same thing. Yet here he is, assuming that anonymity necessarily conflicts with authentication.

    Which is to say, he's assuming all the world is a cube farm filled with workers wearing badges and the most anonymity he's willing to grant anyone is for the notes stuffed in the "ideas" box. Well, that's just not good enough. Corporations exist to serve the public, not the other way around. Same with government, technology, and so on.

    Note that this guy is indeed big corporate and ex-bigwig government. Not exactly someone bent on deploying technology for enabling freedom for citizens.
