technology police?
 

So I read this article here and heard a radio DJ talking about it, and it got me thinking. Thinking about how the police will handle technology related crimes????

article: http://www.foxnews.com/story/0,2933,286854,00.html

Well the story goes that these families are getting stalked by their own cell phones. Now they went to the police and the police pretty much told them that is not possible and there is nothing they can do. The phone companies tell them its not likely to happen (well they would never admit fault in security or their product).

Basically I think this is easy to figure out. Someone cloned their cell phone and is using it to play a prank or stalk them. Sprint does not use SIMs or GSM to my knowledge but that does not mean you can't clone a sprint phone. I think that someone has gained physical access to one of their phones and it got cloned. GSM phones with SIM cards are even easier to clone. I have seen it done with my own eyes. How would the police even know anything about this? Do they have a technology crime department? I think the FBI probably does, but would this case need to go to the FBI. I am sure there is some sort of federal commission set by the FCC that makes this type of thing illegal, but who should investigate this?

Then this got me thinking even more about technology crimes in general. I have read plenty of Mitnick and I know that as long as humans control technology there will always be security holes via the technology itself or social engineering.

So, what do you people think? Should there be a technology crime investigation unit? I am sure that technology related crime is getting more and more popular and it will only become a bigger thing.

Then again, I think that certain privacy laws need to be in place so the government doesn't have full on access to everything we do in our lives. I am on the fence with this. At the same time I think if some jerk off is going to clone your phone and then not only run up your minutes and texts but stalk you and harass you at the same time, someone out there should put a stop to it. Also that person should be prosecuted for the crimes they commit.

Well if you are curious about the future of tech crime and tech anti-crime check out Ghost in the Shell: Stand Alone Complex. It's probably the best developed, and sensical sci-fi stories based on a futuristic anti technology crime department.

We already have technology police in a way, they are called the MPAA, among others. I keep hearing stories of people who are getting fined or warned by major corporations for infringing copyright and/or illegal downloading - I'm sure this is not what you were referring to initially, but it got me thinking.

Getting stalked on your cell phone is pretty bad, but the sheer fact that basically every keystroke of what you enter into the internet is recorded in some way and used in someway.

Makes you think...

I have seen the first and second movie, and read a few of the comics but never watched the series. I do like the conecpt though.

I know that if I was in a situation like that article, I would be telling the police how it was possible and how they needed to do something about it.

Well as of a few years back the FBI had I think like 16 cybercrime offices set up in major cities around the U.S. They might have more now, I don't really know. And Ghost in the Shell stand alone complex is probably my favorite anime series I have seen, I'd recommend it if you like that sort of thing.

They're supposed to have software that can analyze Mac drives, but I have the feeling that a criminal using a Mac with Filevault turned on and storing data in encrypted disk images could make things very difficult for the authorities.

I could get onto someone's user account with filevault active in a matter of minutes, but yea a secure sparse disk image with a strong password isn't an easy thing to get into.

Yeah I read somewhere back a while ago (maybe in 2600?? can't remember) that most commerical forms of encryption are failry easy to tap into with the right tools and know how. I can't say that is so because I don't ever go around trying to break encryption on anything.

Well, as I found out, Sprint phones are one of the easiest ones to clone out there. All you need is the account number and then set that account number in the phone via the phone's service mode. This could have been obtained by trashing, social engineering, or physical access.

I understand that the FBI has these types of departments but once technology related crime comes more and more common will it fall onto the police or will the FBI have to expand, or will they have to create a whole new department?

I'm not an expert either. Some legitimate organizations that have a major concern about this are organizations that monitor human rights problems in various totalitarian countries. If the police seize their computers and read their HDs then a lot of people could be in serious physical danger. Years ago these kinds of organizations were using PGP. I don't know what they use today.

http://www.pgpi.org/

Think about organizations like the Highway Patrol. They were created because of new technology, cars. So there is some precedent for what you are talking about.

If you're interested in the cyber crime/security scene, I highly recommend
reading Bruce Schneier's blog - very interesting, informative stuff.

Thanks for the tip, some interesting stuff.

It seems likely that crimes involving use of the airwaves will go to one sort of anti-crime department, headed by one organization, especially likely to be federal (in the USA). Maybe two federal organizations, actually, FCC and then FBI, who will then have turf battles over who does or doesn't get to investigate and litigate against evil doers.

Other forms of techno-crime will go to some other sort of anti-crime department or departments, who will also have turf battles.

Eventually, we'll end up with 7 to 8 organizations, all battling one another over crime, and nothing will get done.

No worries, mate.

Yeah, thats how I was thinking it would pan out. It cracks me up how republicans preach smaller government in one hand, and in the other create 9 different departments to administer the same thing.

Tech police: A suggested priority case
 

.
Good topic, Tom.

It seems to me that a technological police would suffer from the same thing that special unit, "economic police" currently does. They’re outgunned and outsmarted. And it is exceedingly rare, relatively speaking, that corporate culprits are caught, successfully prosecuted and given relevant sentences.

Certainly that’s the case here. Many cases are abandoned because they just don’t have the resources to investigate them. And when they are, glaring mistakes are often made, revealing the investigators’ lack of mastery of the field in question.

Enron is the exception, not the rule.

A priority case
In another thread some time ago, I quipped that perhaps Spam should be defined as Terrorism. While not an entirely serious suggestion, I thought it did have some merit.

First: Spam causes immense economic damage to the nation, or nations.
Second: The loss of productivity far exceed any acts of terror that have been carried out.
Third: Perhaps such a definition is the only hope of allocating sufficient resources to deal effectively with the issue.

Imagine, if you will, a close cooperation between hackers and SWAT teams, tracking down and dealing with the worst offenders. Astonishingly, many of these are known. I believe I read somewhere that the 20 or 50 worst spammers accounted for well over 85% of junk mail.

Perhaps one could list the worst 52 and produce a new "deck of cards"?

With similar resources and rewards being used in the manhunt, of course. :cool:


-- ArcticStones

Yes, and once caught, thumb screws and...

Oops, got carried away. Maybe send to Guantanamo?

True, especially considering moves like this one:
I remember seeing this guy on either 60 minutes or 20/20.

As long as police work is strictly a blue collar job, white collar criminals will continue to do more damage than drug dealers.

I have been thinking more and more about what I could possibly do with my knowledge of technology.

For example, if I were so inclined I could

1) Access an unsecured, or outdated wifi network (WEP)
2) Use exploits to give myself access or if not security is in measure just give myself access
3) Search for personal information, like credit cards, etc
4) Make online purchases or whatever with said information
5) Use the exploited network as a means to access the internet for other bad things like DOS attacks and the like
6) High jack company information

When I was first getting into network security I wanted to learn it hands on. This is how I learn everything about technology, I learn everything hands on. I stumbled upon this Live Linux distro which is basically a set of auditing tools compiled into one said distro for auditing security purposes. This thing was jam packed with built in crack/hacking tools. I loaded it on my laptop and drove around down town (also known as war driving) and I was amazed how many wireless networks I picked up that were not secure, and ones that had old known busted security. Of course I never did anything but look with these tools (stumblers and the like). However if I were so inclined I could have connected myself to this network with a spoofed MAC address and then used their connection with the internet for my evil doing, spamming, DOS attacks, or exploiting that network for it's resources. However, I never did that, mainly because I don't want to serve time in Jail. I mean, hey, they caught Kevin Mitnick and that guy is way smarter than I am. I am also no expert I just know a few things

So, who is going to stop the person who war drives your business/home network and steals your information or whatever? I mean it is a crime so you will call the police right? How will the police track it? The FBI is probably busy with real criminals so the petty ones get ignored. It will be interesting how everything pans out in the future.

We've had some combination of low tech with high tech crime recently here in Albuquerque. Banks are being broken into, not for cash, but after hours, for the computers. Now I'm not savvy enough to know if I'm even using correct terminology, but a neighbor was markedly distraught this past week. Her local bank was robbed, she said, of its "server" with all the customers' confidential financial information. The bank had physically been burgled, and hardware taken, which has information about customers' accounts.

.
The most active spammers are not "petty criminals", but do immense economic sabotage as a by-product of their activities. And not enough is being done about taking them out of circulation. Which is why we need a new "deck of cards". Seriously.

Another problem is this: IT security and the desire to enable surveillance do not, shall we say, entirely coincide.

I for one would like to see LittleSnitch built into OSX.
Not sure what one would do one the Windows side of things...

Spammers are being sought out, I am talking about the small time technology criminals that will slip through the cracks.

Or even worse, end users. I can't tell you how insecure some things are that end users do. Like for example, at my work someone will bring in a third party unsecured Access Point and jack it into our network. Then it is broadcasting free open wifi with a free open back door to our network, actually its more like a front door with a welcome mat in front.

most commonly used linux packages have ported to OS X. If you want a nice security all in one linux distro google search backtrack, it is one of the best I have come across. Intel based macs will run backtrack as a virtual machine, and you can boot off it, but it lacks driver support for the airport if you boot off it.

Perish the thought.

After the way it buggered up my system a couple of years back, I would be happy never to see it again. My system was playing up bigstyle and hayne tracked down the culprit for me and, once uninstalled, no further problems.

Yeah, but with dismal effectiveness. :( With a concerted effort, it should be feasible to put at least half of the top 52 out of business within a year.

Maybe, but it shouldn't be possible to send an email without verifying its source. Fix that major flaw and you'll eliminate more than half the junk email. Of course, getting rid of Windows and therefore Windows bots, would finish the job.

What would be the best way to go about that, cwt?

(Let’s please skip the second point of your post, which is valid enough but discussed at length before.)

By dealing with spam as it's being sent instead of when it is received.

For starters, all email should have encryption, if only to protect headers from being sniffed. Second, every ISP could require that all outgoing mail going through their servers is verified as coming from an account belonging to a valid user. This should be done not merely using passwords, but also by handshaking with their systems using previously verified* addresses for that user's system. It would be easy to do when a user logs in through their cable/dsl modem, and sending mail through your account from another location/ISP should require you to log into your ISP separately before sending mail.

Next, accounts consistently sending large numbers of messages could be flagged for further action.

*Edit: Account log in and email log in should be different passwords.

To deter spammers, I have found sneakemail quite effective.

As regards catching spammers, here's an interesting project.

At the risk of drawing the venomous comments of all the Mac fans out there, I strongly disagree. You're kidding yourself if you think that Windows is to blame for SPAM! If all Windows users switched to the Mac, then all the spammers would also be Mac users, and they would recompile their bots to run on the Mac. Getting rid of Windows would set the spammers back a day or two at best, but then they would be back in full force. If you want to be a fan of all things Apple, be my guest, but try not to make too many ridiculous assertions!

Sure, you can run a mail bot on your own Mac, but the key to spamming is running mail bots on many unsuspecting users' computers. Only Windows lets spammers do that easily. Not Mac, not Linux. Not any other OS.

I agree that it is a little harder to sneak stuff in on a Mac, but it is not impossible. Most users freely provide their password when installing software, without first checking to see if their is any spyware. Mac users are particularly guilty of this because they are lulled into the false confidence of having no viruses and hardly any spyware in the wild. The first time somebody decides to write a spambot for the Mac and piggy back it on some Kazaa-ish installation (remember the Windows spyware associated with that one), the average Mac user will be in trouble.

A little harder? If it were only a little harder, it would have been done by now.

Have you forgotten how small of a segment Mac users really are? I for one am thankful that we are still a small segment, because we represent a small target. Windows is a large and easy (according to you) target. Remove that target, and hackers and malware writers would find a way to target another platform (ie. Mac OS X or Linux).

You obviously missed the Month of Apple Bugs earlier this year. If you read up on those, you might not feel so arrogantly superior to Windows, as there were some significant vulnerabilities exposed - vulnerabilities that took Apple a while to patch up.

The Mac platform is not impenetrable and there are numerous exploits that continue to be discovered and patched. We just happen to be fortunate that our minority status in the computing community affords us some obscurity, otherwise unsavory individuals might have targetted us more aggressively long ago.

Not at all. I know that far smaller targets such as Linux on iPod have been targeted. With just a thousand or so users, Linux on iPod has fewer total users than Macs sold in a single day.

The month of Apple bugs was a big disappointment. What was supposed to be a list of exploits or serious vulnerabilities turned out to be primarily a list of bugs in third party applications, most of which couldn't be exploited, even theoretically. Those that could be exploited required very specific circumstances in order to work, which basically meant that there would be no way to propagate.

As I said, the Mac doesn't need to be impenetrable. It only needs to keep the bar for degree of difficulty high enough to make attempts to exploit it unprofitable.

.
Please, let’s not turn this thread into a Mac/Windows discussion. (See my post above.) There are plenty of other threads that are eminently suitable for that.
Or start a new one, if you wish.

Well, to clarify one thing, no one ever specifically released all the zero day exploits for OS X. Everyone was kept in the dark because the people doing it wanted to avoid any and all legal action from Apple. Overall, they actually improved OS X's security. Also, OS X is not bullet proof. Simply modifying the $PATH and having basic commands run scripts can be done if the user does not take the necessary steps to secure their network.

Now take into account the human factor, see my previous post about users installing their own access points on private networks and not securing them, or people using ridiculous passwords that a dictionary attack just blows through all your log ins.

The reasons I bring this up, is because when you add in the human factor you throw all security out the window. This is not exclusive to any OS. So, now what happens when your personal network gets exploited by someone third party outside your house and they use your personal network to do bad things. Steal personal information, use your internet connection for DOS or spamming, and this doesn't even matter what platform you use because it was set up the wrong way to begin with. I mean how many people use secure passwords, with high levels of proper encryption and take the necessary steps to make it so hacking into their network would be a task instead of something you do in a matter of minutes?

How would you even know if a digital intruder has even been on your network? I for one every once in a while check my routers log to see how many clients connect via wifi. There should only be so many. My 2 laptops, my nintendo Wii, and my neighbor who I have given access. So a grand total of 4 MAC addresses should have shown up on my network. Well I noticed some rogue entries and my neighbor was giving his little brother access to my wifi network. Which in all honesty is not a problem because I have been friends with my neighbor for over 15 years or something like that. However, I changed my WPA passkey right afterwards because I don't want it being given out. Call me paranoid, but whatever.

Exactly why it's so important that spam be dealt with at the source. Home users are not going to take the steps necessary to secure their personal networks, now or in the future, so it's up to ISPs to secure their networks. If you break into my network, that's my fault, but if you use my network to send spam, that's my ISP's fault.

Encrypting email (e.g. with PGP or GPG) would not hide the headers. Are you thinking of the Mixmaster system? If so, that wouldn't really go with the authentication system you were considering...

Or did you just mean encrypting the email traffic, like the TLS Gmail uses? That's definitely a good idea.

I meant the email traffic, although Mixmaster seems to offer that too.

Basically, I would like to see implemented the most important thing I learned in a Film 101 class back in college. That is that any system created by humans is completely under human control at the outset. Email is no different. If it doesn't work the way we would like, and when 90% of it is junk, I think we can conlude that it doesn't, we need to recognize that it's because of how we made it. The spam problem isn't an act of God. It's a result of human stupidity.

I am not sure how much encryption would affect email traffic, and well with out IP headers it would be impossible to track things down unless everything carried a certificate.

I don't disagree with any of it, but also don't know if that is the proper solution. Also, email is only one of the many digital crimes out there people are committing. I for one had someone from Africa try to scam me on a dog once. I emailed a person who was a "supposed" breeder in my local news paper, and they ended up being a scam artist from Nigeria. I have a thread about it here on this website. I knew it was a scam right when they said the part about shipping the dog from Africa. However, as far as I could tell in the beginning this was a legit breeder that was advertising in my local newspaper.

Really there is no way to stop hackers/spammers/scammers from doing this, but there could be a deterrent of stricter laws and punishment. All methods of security can be bypassed with humans involved, TPMs are always hacked, encryption can be broken by dictionary and brute force attacks, no OS is bullet proof, etc. Which is why I would like to see a technology division in law enforcement but at the same time I want privacy. So, really I am not sure exactly how I feel about it at this point in time.

Email may only be one part of internet crime, but it is a big part, including scams not necessarily related to spam, such as the breeder scam you mentioned.

I don't think any one thing will be a cure-all, but it's pretty clear that the current way of doing things is as close to the worst case as you can get, with 90% of all email being spam.

Just as with the Mac and viruses, it isn't necessary to make the email system 100% impenetrable. To get real benefits, it is only necessary to make it difficult enough to beat the system that a 12 year old can't do it with little effort.

I agree with this 100%. Which is why you see "script kiddies" exploiting windows boxes. However, I read a funny article the other day that was about how Microsoft was trying to move away from allowing applications to access their kernel via the kernel hooks. Huge software companies like Symantec and Mcafee were kind of pissed about it, because it means they would have to work harder to make a better application (oh no!:eek:). So, really MS is trying to make that adjustment. But when you have several 800lb gorillas like Symantec and Mcafee making it harder to migrate to a set of security APIs over direct kernel access it can make things difficult. I mean symantec is probably larger than Microsoft and their Enterprise solutions are pretty much everywhere. Don't even look at their consumer stuff (which sucks anyways) because their corporate level solutions are actually pretty good (PC anywhere VPN software and Ghost come to mind). So, MS doesn't want to make their OS non compatible with these security softwares put out by these large corporations. It would really tick off the Enterprise level IT people, and of course the Enterprise users.

http://www.heise-security.co.uk/news/79542

However, back to the main topic at hand. Do you think if someone were just to steal internet access from a person in the suburbs and use it to spam/scam that they would ever get caught? It would be pretty hard and it would involve investigation. Also, where is the line between protection and piece of mind and privacy? Where do you draw the line on this? Also, what if they implemented a plan to charge for e-mail? I mean this is something that has been tossed around for a long time. If spammers were charged per a message sent, they would probably stop spamming. However, I am totally against that as well, I think e-mail should always remain 100% free.

Look at Gmail to see a case study of encryption for email traffic. Generally, it's a good idea, as a way of increasing the security of your information on an untrusted wireless network, but this is not a way of deterring spammers, and your email headers are in no way obscured to the Gmail servers. Two different issues are being confused here - what you seem to be describing is similar to the mixmaster system - a system, by the way, designed so that people would not be able to return your emails, since all the header information is changed completely. Anyway, the mixmaster system is pretty unreliable at the moment.

Encrypting email traffic will not reduce spam, it will only increase information security. IMHO.

Generally, I think that as long as making a network "secure" involves as much studying, learning, and effort as it does now, most people will not do it. And so we end up with the situation we have now. This can't really be blamed on Windows. It's a people thing. Like Bruce Schneier says, security is a process, not a product.

Back to the topic of cyber crime, you folks might find this interesting, if you haven't seen it already.

The way internet access and email is currently done by ISPs? No. But if they took the simple step or requiring separate passwords for connecting to their service and using their email servers, it would be both easier to stop the theft and to catch the thief.