Police Team Up With Guardian Angels Of The Net

from the defenders-of-the-net dept

Although politicians some times like to talk tough about cracking down on cyber-crime, there's little question that for the most part, law enforcement has been ineffective at doing much about it. There are all kinds impediments facing law enforcement bodies, such as jurisdictional issues and matters of scale (investigating and prosecuting an individual is an expensive, arduous task, while it's only getting cheaper and easier to launch attacks). The alternative, then, to traditional law enforcement is cyber-vigilantism. That was the idea behind Blue Security, a company whose strategy, some argued, amounted to launching denial-of-service attacks against spammers. Of course, Blue Security ultimately lost the battle, when, last summer, it came under a denial-of-service attack of its own launched by vengeful spammers. Increasingly, law enforcement is looking at a blended approach that combines legal methods alongside cyber-vigilantism. In London, the police have been joining up with such groups, although it's taking a cautious approach. The police, of course, want to be sure it's only allying with groups operating completely within the letter of the law, and its wary that wars between attackers and vigilantes could result in collateral damage to the networks that play the role of battleground. Still, it seems likely that such cooperation will continue. The traditional methods of the police force clearly seem inadequate, while the vigilantes should be able to benefit from a cloak of legitimacy that the police force can provide. The key will be in developing tools and practices to make the partnerships useful.


Reader Comments (rss)

(Flattened / Threaded)

  •  
    identicon
    Rich Kulawiec, Jan 18th, 2007 @ 2:40pm

    Blue Security's strategy

    "...whose strategy, some argued, amounted to launching denial-of-service attacks against spammers"

    Actually, their "strategy", if I might dignify something so poorly
    conceived with that term, was to (a) launch attacks at targets they
    believed to be spammers -- whether or not they were, and without
    pausing for a moment to consider that spammers would of course
    use deceptive mean to retarget those attacks and (b) attract a
    lot of attention.

    In the case of (a), I wouldn't rule out the possibility that they were
    taken out via retargeting of their own attacks.

    It's seems they're now leveraging (b) as they attempt to become
    a spam-for-hire operation known as collactive.com.

    Not a good model to follow.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    God, Jan 18th, 2007 @ 3:38pm

    Why is that the moment mankind develops a new way to communicate, jackass marketing people automatically assume everyone wants to buy some crap through it???

    I dont mind fighting fire with fire.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Rich Kulawiec, Jan 18th, 2007 @ 5:44pm

    Re: fighting fire with fire

    Even if it would work, it's a terrible idea for two reasons.

    First, it adds positive feedback to a system that desperately needs
    negative feedback in order to dampen the response.

    Second, there is absolutely no chance of it working. NONE. Spammers
    control computing and network resources so enormous, so distributed,
    so fault-tolerant that they make what Google has look insignificant by
    comparison. They also have some highly talented and very smart people
    working for them -- oh, and they have access to data and code that the
    rest of us don't.

    Attempting to "fight fire with fire" may be emotionally satisfying,
    but it's a major strategic blunder. There are other ways -- better ways.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    security, Jan 18th, 2007 @ 7:01pm

    Formal Training ?

    "Our position has always been that cybervigilantism can have unfortunate consequences. Naming and shaming can target innocent people. The classic scenario was people (in Portsmouth) mistaking pediatricians for pedophiles. The same can happen on the Internet," Atkinson told ZDNet UK
    Hopefully, this partnership may mean formal training for cyber-vigilanties to minimize false positives.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    shimon, Jan 19th, 2007 @ 7:42am

    just have'em shutdown .period

    there is no spammer in this world not connected to a backbone, or some sort of DNS server , so they can be tracked ans shut down, period, the longer it takes for them to operate, the harder will be to track and shut down, but as long as they got "legal" cover as add selling company, they can spam the hell outta the net undisturbed

    well let's all make a contract and send millions of mails out too wherever we find e-mails then this add selling business will go down, e-mail will become obsolete and who knows, net traffic will become impossible

    but that's just what's happening already, i think here i can blame some large ISP's for providing free access to smtp services without quota (msg/day/MB) but this will kinda shut down all interest for a e-mail, who , imo has become obsolete, just use a chat program, drag/drop on person u want to send text/picture/application and let pc send-it when person becomes available and accepts-it... but this is just theory :)

    so no more unwanted messages, just a message service, hey this person (real name id) wants to send you this including this attachment, do u want to accept, then no more mail servers needed, just some social net option, like kind of a telephone, but u can accept or not , before is getting sent to you, so spammer can't transmit nothing, but request for acceptance, and you get only whatever you need and want, list of off-line messages from people you know, or , if you want some from people you don't know, plus a few licensed add vendors, who can sell adds to social nets to display if you opt for (let's say this social net should have like a 1-2 $/month fee so they can hold service without you getting bugged by advertisers/spam/unwanted adds /etc....

    and i think that should be the new aim for future messaging/mailing/ except maybe for internal corporate mail servers, running free inside private lan's

    peek-a boo, no spam here :)

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    billy, Jan 19th, 2007 @ 7:46am

    The Computer Illiterate

    The spammers would have largely less resources if there weren't so many people on the net with seriously infected and seriously open (read vulnerable) machines.
    If everyone expressed due diligence as they should while online with regards to anti-virus, anti-spyware, and firewalls, the world (read internet) would be a much safer place.

    However, I know the more time goes on, the more stupid people will leave severely vulnerable machines online more often. And, I realize that there are programs that cannot be found currently by other programs like anti-virus and such.
    I am sure that it is impossible to secure everything and remove all of the bots.
    I cannot say that the public is not informed, I see warnings about new viruses and stuff like that all the time.
    I can only hope that in a generation or two when I am about 40 to 50 (depending on your definition of a generation), the world will be more technologically adept (see congress people examples from tech dirt for reasons behind that) and more secure. I feel I can say this by studies that were posted on the Wired site showing that the avg length and complexity of passwords has been increasing over time. And I also acknowledge that I cannot directly tie more complex passwords to increased computer security knowledge.
    I am just hoping

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    billy, Jan 19th, 2007 @ 7:52am

    playing evilly

    I am sorry shimon, as much as I really hate it when people get into grammar wars, I feel the need to correct a slight spelling error.
    I ask for your forgiveness ahead of time, as this is not meant to flame you in any way.
    With regards to advertisements, it is "ads", and adds would be mathematical.


    Onto main topic for this added post:
    We could just all fire bomb any company's stores and HQ that is proven to have paid for spammers to send out mass emails.
    I bet they would stop sending them!

    ...
    Either that or anyone they could advertise to would be in jail without email to check it, muhuhahaha!

     

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This