Categories
Business internet security

Britain needs eJudge

Had a meeting yesterday with the Police Central eCrime Unit in London together with a few other leading ISPs and content providers to discuss how the industry can help tackle eCrime.

Part of the problem is the speed at which things happen in the internet world when compared with the “good old fashioned” Old Bailey style of justice where response times are slow and delay is the norm.

For example a police officer working on a case can take days to obtain a court order requesting data on a suspect from an ISP.  In this time the gang has moved on and is lost to the justice system. A Communications Provider needs a court order to do this as providing such data without one is in breach of privacy laws, despite the cause notionally being a good one.

The solution is likely to be to put a system in place to speed up the process.  Whilst speed of communications between police and ISP could possibly be improved it seems to me that the whole area would benefit from specialist “eJudges”. 

An eJudge would be conversant with the workings of the internet and be able to respond in real time to requests for Court Orders.  Such a judge would not have to sit in on normal court sessions.

The bit about understanding how the internet works is a real issue.  In recent times ISPs have been the subject of court orders requiring them to “remove certain websites from the internet”. 

Whilst an ISP can take down a site hosted on its own servers it can’t completely remove it from the internet because that site is likely to be cached in many places (countries) and could be easily replicated elsewhere.

In this instance the ISP would likely be in breach of the court order even though it had removed the offending site from its own server.

I realise that it is unlikely that a court would pursue the ISP in such a case but this does highlight the ignorance of the judiciary in these matters.

Rumpole of the Bailey is not equipped to cope with modern criminals and specialist eJudges would be a very cost effective solution.

Categories
Business internet security

Home Secretary announcement on Communications Data

Big in the news yesterday was Home Secretary, Jacqui Smith’s announcement that the Government will not be creating a central facility to store details of our telephone and email communications.  It even made prime time BBC TV News. Instead the Government will pursue a strategy of getting individual Communications Providers to store their own customers’ information.

I wasn’t going to comment on this because there was so much press coverage, much of which included answering statements from the industry trade body ISPA which I had already had a hand in. It is however worth restating some of the points.

Firstly I am, as an individual, nervous about having all this information situated in a single central database.  It is a near certainty that at some time all of it will be compromised, either by negligence or by criminal activity. 

Secondly I think the Government is misguided if it believes that it will be able to exercise any sort of control over what happens on the internet.  Technology is changing so quickly that any system implemented by Government is going to be expensive whatever its purpose (monitoring/intercept, preventing P2P illegal downloads, preventing access to illegal websites, location tracking etc etc) and would very quickly be out of date.  The costs of maintaining it would be a significant line item in any budget statement.

Moreover, based on track record, you can bet your bottom dollar that the time taken to implement any such system(s) would be so long that it would probably have to be reinvented several times during its development and eventually end up in Regents Park Zoo in the White Elephant enclosure.

PS I can see an idea for the next sci fi movie blockbuster here. It’s a cops and robbers story in cyberspace. Hollywood producers queue here 🙂

Categories
Business internet security

European Commission forecasts 193 Billion Euro cost of cyber attacks on networks

I note that as cyber attacks on networks become more sophisticated the EC has forecast a 10% – 20% probability that telecoms networks will suffer a major breakdown within the next 10 years.  They have also estimated a potential global cost of 193 billion Euros as a consequence of such a breakdown.

To mitigate against such a scenario the EC is establishing a Public-Private Partnership for Resilience which “will help businesses share information with public authorities to ensure that adequate and consistent levels of preventive detection, emergency and recovery measures are in place in all Member states”.

I’m all in favour of this kind of thing though somewhat sceptical about its likely efficacy.  Industry is more likely in my mind to sort out its own shop through the likes of the IETF and LINX et al.

That said I do think that Government is going to have to become far more deeply involved than it is in the internet space.  We are seeing it starting to happen and the Digital Britain Report (final report due out in early May which is light speed as far as Government is concerned) is part of this.

It is easy to see that the potential cost of telecom network disruption could be huge.  I don’t know what the likely cost of last week’s BT fibre break in London is going to be but  just the costs of managing customer complaints would have been significant let alone the costs of the disruption to traffic. 

I missed out on a few news items to comment on last week due to being on holiday.  It’s good to be back though 🙂 .

Categories
Business security

Docklands security – further note

The G20 Summit is of course taking place at the Excel Exhibition Centre in the Docklands.  The big day is Thursday when the leaders are all there.  They are expecting demonstrations around Canary Wharf and Custom House, Prince Regent and Royal Victoria DLR stations will be shut (and possibly Bank).

The recommendation is not to go anywhere near there this week if you can help it.

Categories
Business datacentre security

Security Tightened at London Datacentres for G20 Summit

Security is already pretty tight at our London datacentres.  This coming week will see security stepped up further as the G20 Summit takes place in town.  I’m not going to go into any details but at least BT are less likely to have any 21CN line cards stolen next week.

I’ve also had a number of meetings rescheduled from next week due to “security concerns”

Categories
Business internet security

Conficker worm update

I hadn’t realised but the Conficker worm is programmed to go live on April 1st.  This malware has already been the source of problems for IT managers but nobody knows what it is really destined to be used for.

Currently it accesses 250 IP addresses from which it can take instructions.  On April 1st this is due to rise to 50,000 which makes managing any attack a lot harder.  The nature of the attack to come is still unknown.

The good news, and the point of this post, is to update readers on the fact that over the weekend industry security specialists have finally identified how to “fingerprint” Conficker.  This means that simple security scanners can be used to detect whether it is on your PC. 

Previously it has involved lengthy full virus scans on computers.  A process that when multiplied by the number of PCs in an organisation could have been impossibly long and consumed huge amounts of IT support effort.

Because April 1st is so close the recommendation is that you check with your security vendor to see whether they have an update and to implement that update asap.  Don’t take any risks.

Categories
Business internet security

UKCCIS board meets

On the 10th of this month the UKCCIS board met, co-chaired by three Members of Parliament including Home Secretary Jacqui Smith.  Since its formation UKCCIS has concerned itself with putting together the structure of the organisation to take it forward and it has now announced a number of working groups.

These include “Better Education” (chaired by Niel Mclean of BECTA), “Public Information and Awareness” (Clive Michel of CEOPS) and “Video Games” (Brian Leonard, retired civil servant). There is also a group known as “Industry Standards” run by Amanda Jordan of Corporate Citizenship.  Apparently the name of this group is subject to change.  Don’t ask me why.

Whilst the large committee and the high profile board chairs do send out a message underlining the importance of the activity and its level of Government backing you do wonder about the amount of time they are spending deciding on the names of the working groups!

Previous posts on UKCCIS here.  Latest UKCCIS newsletter newsletter-no-5-march-2009.

Categories
Business internet security

German court declares against data retention act

The Data Retention Act, which is about Big Brother getting out of control, is being rolled out across the European Union.  I’ve posted about it on a number of occasions, including here and here

The story has taken an interesting turn with a German court pronouncing it invalid.   Specifically:

“The court is of the opinion that data retention violates the fundamental right to privacy. It is not necessary in a democratic society. The individual does not provoke the interference but can be intimidated by the risks of abuse and the feeling of being under surveillance […] The directive [on data retention] does not respect the principle of proportionality guaranteed in Article 8 ECHR, which is why it is invalid.”

It seems to me this is going to hot up a little in the UK.

The link to the whole article is on the vorratsdatenspeicherung website 🙂

My thanks to James Blessing for this link.

Categories
End User security spam

Spam not Spam

I have recently started corresponding with Randy Abrams of anti virus company www.eset.com.  He has commented on some of my posts in the past.  He offered this postulation today:

“Sometimes I receive spam from legitimate companies. They shouldn’t be spamming me, but this isn’t the Viagra, Rolex, and other run of the mill spammers I am talking about… these are generally IT companies.

So, I am considering automatically subscribing these spammers to Industry News with an email indicating that they have been subscribed and can choose to opt out. Your thoughts. Good idea? Too good for them?   Give it a try?”

My standard response to legitimate spammers is to reply to them asking whether they have read www.trefor.net?  It seems only fair.  They are sending me unsolicited mail.  It’s amazing how many of them then do read the blog,  I get quite a lot of positive feedback this way.  I’m sure some of them are reading this post now 🙂 .  I have a fairly relaxed view on life.  We are all trying to earn a living.  We all need to be friends within sensible bounds.

Categories
Business internet security

Office of Security and Counter Terrorism

Met with the Home Office, Office of Security and Counter Terrorism (OSCT)  today.  Not unsurprisingly the OSCT has grown from zero to over 200 staff in 18 months although only three of them are internet oriented.

The department’s mantra is the 4Ps:

Pursue – police & security forces
Protect – making UK a harder target
Prepare – for the eventuality there will be another attack
Prevent – stop people becoming violent extremists in the first place

One of the subjects under discussion was part of the report produced by The International Centre for the Study of Radicalisation and Political Violence (ICSR) – blogged about the other day.  Specifically how to go about promoting more positive use of the internet.

They talked about “flooding the internet” with positive messages about Muslim groups quietly practising their religion and not indulging in fanaticism that leads to violence.  I thought the idea of flooding the internet was somewhat ambitious.

What they really mean is that one of the proposals is to educate groups on how to make the best use of the internet to get their positive messages across. Search Engine Optimisation etc.  I could imagine the Government secretly paying Google to raise the rankings of websites promoting  peaceful activities 🙂 ! 

It is worth taking a look at the Alliance Of Youth Movements Summit that took place in New York (New York) in December 08. This get together was part of a drive to promote the positive use of the internet.

Categories
End User internet security

Pirate Duck Update – Gordon Brown Petition started

Notwithstanding anyone’s particular feelings about the suitability of the Pirate Duck as a technology blog post it is worth looking at what has happened since it first hit the ether yesterday afternoon.

The Facebook group Save The Pirate Duck hit 50 members the same evening. Now, 24 hours after the group was started, it has 120 members (up by 7 since I started writing this post). The group has 10 wall posts and one video link.

Pressure group, Pirate Duck People’s Coalition, has also set up an online petition urging Prime Minister Gordon Brown to help save the duck. So far there are 5 signatures and I’m sure this number will increase further – it is only a matter of time.

I have also had a request by a prominent radio station to field a spokesman for an upcoming investigative special this weekend. More details on this once it is firmed up.

Clearly democracy is flexing its muscles here and the power of the internet is being used to promote the will of the people. Anyone wishing to contribute their time, money or simply expressions of support should join the Facebook group and sign the petition.

Also constructive ideas on how to track down the perpetrators of the crime are welcome as hitherto the team’s investigative efforts have drawn a blank and the duck remains firmly ducknapped.

Categories
Business security

Coroners And Justice Bill

Internet security issues were again covered in Parliament last week as the Coroners and Justice Bill was debated in committee.  I don’t envy Parliamentarians. The complexities of what they are having to deal with are enormous.

In this case they are trying to improve the law to further protect children from online threats. The opening line of the questioning reads like this:

“It is curious that it is illegal in this country to groom a child for sex but not illegal to groom a child for suicide.”

It is worth reading the rest of the text of that particular section of the debate here. We are bound to see increased legislation in this space I feel.

Categories
End User security

Victims of internet piracy

Internet crime came closer to home today with the kidnapping of one of the Timico NetOps  team’s key players, the Pirate Duck. 

Criminal sophistication has reached new heights with this case.  The gang responsible for the crime has set up a web page, www.wheresmyduck.com,  so that distraught owner, engineer Ian P. Christian, can reassure himself that his duck is as yet unharmed and being looked after.

Efforts to track down the owner of the domain name have been fruitless as the “Who Is” function for that domain has cunningly been disabled.  No ransom demands have been received as yet but Ian is standing by his PC anxious to hear more news.

Ian is fairly phlegmatic about this incident. “He was after all a pirate duck and he who lives by the sword…”

The victim’s twin brother is pictured below.  Any information leading to the safe retrieval of the duck will be gratefully received. The incident is being dealt with privately and the Metropolitan Police eCrime Unit has not yet been called in.  If you want to show your support for this cause you should join the Facebook group “Save The Pirate Duck”.

[Image: pirate duck]

Categories
End User internet security

Online identity theft cost USA $48Bn in 2008

I was amazed to read in a press release by Anti Virus firm AVG that online identity theft led to $48Bn worth of fraud in 2008 in the USA alone. This was part of a press release issued by the company today regarding its new Identity Protection product.

You can read the press release yourself but this is certainly topical for me having only last week attended the ISPA Parliamentary Advisory Forum on ecrime. The scale of the activity clearly makes it worthy of its own specialist blog rather than just getting the occasional post in mine.

I think I will follow up with a top ten security tips for safe use of the internet. Many of these tips will be obvious and just involve a little discipline on the part of individuals. More anon.

Categories
Business security

ISPA Parliamentary Advisory Forum on e-crime

The average punter knows very little about e-crime. I can’t say I’m an expert myself but I had an eye-opening afternoon yesterday at the ISPA Parliamentary Advisory Forum on the subject. Attended by both MPs and industry stakeholders the meeting was standing room only which perhaps underlines the level of interest in the subject.

We use anti virus software in the belief that it stops nasty people putting nasty things on our PCs that will destroy our files. In the early days of e-crime this is what it was all about. Nerds sat in their bedrooms writing viruses with no real objective other than showing the world how big and powerful they were.

From around 2003 all this changed and e-crime became big business and the sad teenagers in bedrooms have turned into professional software writers working for organized gangs.

Now the crooks don’t want to break your computer. In fact they don’t even want you to know they are there. The malware that they deposit on your PC just sits there quietly logging your every keystroke. When you make purchases online your credit card information is logged and fed back to the gangs. The Conficker A virus even made your network run more efficiently so that it could better perform its job.

Until last year, when they were stopped, there were websites such as “darkmarket.com” (Google it for more info) where criminals talked to criminals, swapped trade secrets and engaged in crooked business such as the sale of stolen bank account information.

This criminal activity is organized primarily from the former Soviet Union, China and Brazil. The crooks know how to work the system. They never steal information from their own country. That way if a local police force is asked to assist with an international crime there is less incentive.

The police in Sao Paulo, for example, have to deal with a high murder rate on the streets. How do you prioritise credit card fraud overseas in that case when you have limited resources to address problems on your own doorstep?

A Ukrainian gang was said to stop the process of infecting a PC if its IP address was found to be Ukrainian specifically to avoid the attentions of the local rozzers.

So what is being done in the UK to try and combat e-crime? It ain’t easy. Detective Superintendent Charlie McMurdie, who incidentally looked as if she was straight out of an action cop movie, runs the 30 strong e-crime unit at the Metropolitan Police and was speaking at the meeting.

With a team of only 30 people the police have to concentrate on big crimes. If someone rips off £50 from your credit card or bank account they aren’t interested. You are supposed to report it to the banks who then submit a collated picture to the police. In reality much of this type of crime goes unreported so nobody really knows how much of it is going on.

Where the police do get involved is with serial crimes. In other words whilst if someone pinches £50 from your e-wallet they aren’t interested, if someone does it to a thousand people then they are and this has happened in the UK.

Unfortunately, for someone who gets caught the penalties for this type of crime are often very low, community service for example, so the disincentive isn’t there. What’s more e-crime is often zero touch. In other words if someone steals TV programming and sells it to a Russian online TV Channel then the only thing affected is a potential reduction to the revenue stream of the rights holder. The man on the street is unharmed. This makes it less interesting to the police and is why the likes of BSkyB employ former policemen, effectively as revenue protection officers.

It isn’t fair to say that nothing is being done in the UK to prevent e-crime but the whole subject area is a difficult one and merits not only more effort but also improved levels of international co-operation due to the cross border nature of the game. I am afraid this is going to be an uphill struggle.

Categories
End User internet security

Conficker Virus (also known as downadup)

I picked up the Conficker worm whilst at LINX64 yesterday.  I’m pretty sure I was one of the few Microsoft users in the audience of out and out geeks so I know not whence it came.

My virus checker caught it, or at least told me it was there. This morning I gave my machine a complete set of security updates and it is now clean.

This is not an easy worm to remove. You can use a free tool provided by Symantec at this location. The Microsoft update that patches the vulnerability is at this location.

Categories
Business security

Ex MI5 chief echoes concern over civil liberties

Dame Stella Rimington is in the news today attacking the government’s position regarding data retention.  This is in tune with comments previously made on this blog.

I sympathise with the need to guard against terrorism but you do get the feeling that we are moving backwards. When I was growing up we were hit with propaganda about the communist enemy.  A police state where people were frequently spied upon just in case they had views that were contrary to official policy.  Increased levels of surveillance in order to catch terrorists is undoubtedly going to impact on many innocent lives. If we are not careful we will end up mimicking the police states that we were criticising not so long ago.

Categories
Business ofcom security voip

Skype Security Italian Style

The BBC today has reported that Italian crooks are using Skype to avoid detection by police who use traditional wiretapping to monitor phone calls. The Skype signaling and  media path is encrypted which makes it very difficult to tap into. Also because, as a Peer to Peer protocol Skype doesn’t use any centralised servers that might be able to be monitored it adds to the difficulty for law enforcement agencies.

The whole problem is then compounded by the fact that because VoIP/Skype is a very nomadic service, ie you can use it from any internet connection anywhere, it becomes difficult to track the location of a caller.

This is a problem being looked at by Ofcom as part of the process of caller location identification for the emergency services. Currently if someone makes a 999 call from an unknown address, it is difficult to pin down where that call is being made from, at least in a timely manner.

There was a high profile Canadian case where someone dialled for an ambulance and it went to a location three thousand miles from where the call was actually being made from because the address held by the operator was not the address from which the call was being made. 

When a VoIP call is made the details of the call logged by the Internet Telephony Service Provider include the IP address of the originating party. If you are an Internet Service Provider (note the distinction between ITSP and ISP – an ITSP often does not provide the underlying broadband service) you can correlate this IP address with a physical address (ie house number and street).

The problem is that this is a manual process and would likely take hours at best and potentially a couple of days. This is a process that could be automated but it is something that would probably cost billions to implement universally in the UK.

I’m sure there will be more to say on this subject in 2009. As a final note it is often said that the security forces, aka GCHQ and CIA et al have not cracked the Skype encryption technology. I find this difficult to believe.

Categories
Business security

$250k reward posted by Microsoft

I see that Microsoft has offered a $250k reward for the arrest and conviction of the authors of the Conficker worm. This is the one that was causing Timico customers issues in the run up to and over the Christmas break.

I did suggest to one of our tech support guys that were he to admit to the offence the rest of us (who would have pocketed the cash) would be eternally grateful. Funnily enough he didn’t think it was a good idea.

I do get images though of a bounty hunter turning up at the Microsoft HQ in Seattle with a guilty looking nerd roped kicking on to the saddle of his horse.

Categories
Business internet media piracy

ISP and Music industries meet at UK Summit

At the board room of the Performing Rights Society in London today the great and the good of the UK Music industry met with representatives from the mainstream ISP community for an open discussion on how to handle illegal P2P music downloading.

Organisations represented included UK Music,  BAC&S, PPL, PRS, MMF, MPA, MU, MCPS, MPG, Timico, ISPA, O2, Orange, AOL, Yahoo, BT, GlobalMix, LINX, Playlouder and KCom. I’m sure I’ve missed some out and you will have to work out for yourselves what some of the acronyms stand for.

I was essentially there on behalf of the Internet Service Providers’ Association to represent the smaller ISP community who have been left out of the talks up until now. Whilst the “big six” largest ISPs probably represent over 90% of the market the other ISPs, of which there are easily in excess of 300, do represent a “significant other”.

As much as anything the meeting was a “getting to know each others’ perspective” session but a few points in particular stuck in my mind.

  1. We were not allowed to discuss commercial issues and there was a lawyer sat in the corner who interrupted whenever the conversation moved towards this area – the concern being that nobody wanted the meeting to be seen as price fixing. I understand that any initiatives up until now have failed because the Music Industry can’t agree on prices that will allow ISPs to make money out of offering legal music download services. 
  2. It was suggested by yours truly that to make the whole business model work there needed to be a wholesale provider that would make it easier for smaller businesses to participate.  This wholesale provider would have sorted out the rats nest of copyright and licensing issues. Some larger ISPs had 5 corporate lawyers in a department exclusively dedicated to this area. What hope the rest of us!

There is clearly some way to go to get to a working solution although there was general agreement around the table that  everybody wanted to help.

ISPs present were asked whether P2P traffic caused problems for them on their network. I stated that typically B2B ISPs did not throttle P2P traffic and customers were provided with a high quality experience for which they paid a premium.

In the consumer space customers seem not prepared to pay for quality and thus in order to try and preserve a reasonable experience for “ordinary” applications such as browsing and email  it is often standard practice for ISPs to throttle P2P traffic. In fact in fairness some ISPs publish these policies on their website. This touched a nerve with one Tier 1 ISP who avoided the word throttling using, instead,  “traffic management” as a less contentious phrase.

Categories
Apps Business mobile connectivity security UC voip

The Channel Wars – Which Channel Will Win The Convergence Battle?

No I’m not talking TV channels here. I’m talking channels to market for converged services. And I’m not talking about which company within a channel will win. I’m talking about which channel will win.

Out there in the big wide world there are three basic types of channel that sell communications services:

  • mobile resellers,
  • PBX resellers and
  • IT resellers

Traditionally none of these channels have stepped on each other’s toes. Ok I know there are probably companies out there that might claim to cover more than one of the spaces but seldom all three.

Certainly mobile dealers find it hard to sell non mobile services. Although PBX resellers have had to get to grips with some aspects of networking in order to be able to sell VoIP enabled products they are far from being involved in the whole gamut of IT related products and services. 

Finally in my experience an IT reseller usually doesn’t have the knowledge to be able to sell voice, be it fixed or mobile. It’s not their space.

The UK is moving at high speed towards being a totally internet connected country. If anything it is speeding up (witness yesterday’s Digital Britain announcement and last year’s roll out of 21CN) and the communications requirements of businesses are going to get ever more complex and ever more converged.

Convergence and Unified Communications are somewhat trendy buzzwords which have different meanings to different people. The fact is however that businesses will increasingly want to buy services that work with their other services:

  • VoIP that works over a variety of both fixed and mobile networks
  • Integration of the office phone system with the applications sat on a desktop and with mobile devices
  • Seamless portability of applications and backups of key corporate data 
  • All this without compromising on network security

Currently I believe it is only high end corporates that can really indulge in a communications roadmap that embodies the true vision of Unified Communications. However I do think that a new breed of business is appearing that smaller companies and channel partners can turn to for access to the wider range of skills and technologies needed to service this new connected market.

This type of business, call it a super-convergence provider, will be able to partner with any reseller from any channel and offer them a range of products and services that is complementary to what they already do. So  mobile, voice and IT resellers can carry on with their core business without having to worry about not having all the arrows in the quiver.

So what is the answer to my original question? Which channel will win? I guess my view is that the winner will be the channel that works best with the new breed of super-convergence service providers, one of which is clearly Timico.

I’d be interested to hear from people who have views on this subject, either by commenting on this blog, on facebook or by contacting me directly.

Categories
End User internet security

Cyber-vigilantes

Circulating on the law enforcement distribution list of the Internet Service Providers’ Association today is information regarding a website called extremeporn.org.uk which appears to have set itself up as a vigilante-type organisation to hunt down downloaders of illegal extreme pornography.

According to their website:

“At present, our primary activities are categorizing and monitoring torrents. Our system, once a torrent is added to it, will periodically poll the tracker for geoIP technology to guess with high accuracy (approximately 99.5%) their location. If the IP is geolocated to somewhere other than the UK, no further processing is performed; otherwise our system checks to see whether an existing record for this IP and torrent exists. If so no further processing is performed. If no such matching record is found, the system inserts such a record.”

… and that record then generates an email to the relevant abuse team (ISPs have an “abuse@” email address that is used as standard to report illegal activities).

I’m sure that many if not all abuse teams are aware of the limitations of the above procedure, which is that having your IP address attached to a torrent implies one of four things:

a) you are actively fetching or distributing the file

b) you are an academic researcher who is monitoring the torrent, but who is not uploading or downloading at all

c) your IP address has been selected at random by the owner of the tracker to add to the list of active IPs so as to bring this type of tracking into disrepute

d) your IP address has been specially chosen by someone who wishes you harm and who has deliberately added it to the list of active IPs so as to cause trouble.

Case (a) is what the people running the extremeporn website think they are dealing with.

Case (b) has been well documented by researchers at the University of Washington: http://dmca.cs.washington.edu/

Case (c) is believed to be behind the large number of incorrect copyright abuse allegations currently flooding the market 🙁

There is a strong belief that Pirate Bay is doing this deliberately (anyone with an on-the-record citation for this, I’d be really pleased to get this).

Case (d) is of obvious concern. The U of Washington people falsely accused their laser printers of sharing Hollywood movies. In this area there is an obvious risk of defamation or worse!

My thanks to Dr Richard Clayton of the University of Cambridge Computer Laboratory for this analysis. Richard is an expert on internet security and was recently quoted on the BBC concerning the Data Protection Act. Readers should note that I am in no way supportive of people downloading extreme pornography. It does seem that the approach described above is flawed.

Categories
End User internet spam

Spam attacks

Trefor.net started being subjected to spam attacks a while ago. Any domain that has been in use for a while gets it as spammers’ systems learn of its existence. The interesting thing is that these attacks come in waves. I can sit in the Network Operations Centre and watch email traffic surge due to an attack.

The occurrence of these waves often coincides with spam on trefor.net which appears as comments in posts. Fortunately I have to moderate comments so they aren’t seen by readers. I never get spam email because our systems catch pretty much all of it.

Categories
Business internet security

Child Exploitation and Online Protection (CEOP) Centre In the BBC News

Woke up this morning to another interview on the BBC News that concerns the ISP industry (is there a song there?). This time Jim Gamble, CEO of CEOP was speaking with BBC journalist Angus Crawford regarding the fact that CEOP often gets charged by ISPs when requests for information are made concerning child protection.

Gamble is suggesting that not charging should be the norm and that ISPs should see it as part of their social responsibility. Bit of an emotive subject this one.  I have more than the average number of kids and of course I am interested in protecting them from sick, deranged individuals that roam the wild wild web. I am also a businessman and we have to keep a bit of perspective in play.

Firstly the ISP industry is legally entitled to recover costs under the Regulation of Investigatory Powers Act (RIPA). Secondly typically when ISPs “cover their costs” all they are doing is recovering a contribution towards their costs rather than the total cost (see penultimate paragraph). Thirdly the industry gets many thousands of these requests each year.

If there wasn’t a mechanism there to keep these requests down to those actually required, i.e. by charging for them, the concern is that the floodgates would open and the costs would skyrocket. These costs have to be borne by customers.

The numbers quoted by CEOP are as follows: 

How much has CEOP paid to Communications Service Providers in each relevant accounting period since setting up in 2006?             

Financial year breakdown:
Financial year 2006/2007 = £37,184.32
Financial year 2007/2008 = £69,717.46
Financial year 2008/2009 (to Dec 08) = £64,604.21

Total = £171,505.99

How many such requests has CEOPS had for access to information since 2006?   

Financial year breakdown:
Financial Year 2006/2007 Total applications = 1,200
Financial Year 2007/2008 Total applications = 3,600
Financial Year 2008/2009 Total applications = 4,600

Total = 9,400

CEOP’s argument is that this money would be better spent on a couple more staff. In fact the charges, if you use the above numbers, work out at around £14 per request which in my mind is exceedingly good value. It certainly doesn’t cover the actual cost of the support.

The ISP industry covers so many areas of interest that it seems to have been in the news a lot recently. Intellectually it is a very interesting space to be and for ISPs brings with it particular challenges: consumers that want to pay very little but demand more for their money and stakeholders fighting their own corners left right and centre contributing to further pressures on costs. In the B2B space the dynamics are slightly different but nobody can say this is a boring game.

Categories
Business mobile connectivity security

Blackberry gets huge endorsement by Barack Obama

In the news is the fact that US President-elect Barack Obama wants to keep his Blackberry when he becomes president. This must be worth a fortune in advertising to Blackberry manufacturer RIM and indeed their share price seems to have risen quite healthily this week.

The secret service is of course concerned about the Presidential email security and I will happily leave it to both parties to argue it out. What is of interest is why the Blackberry? Why not an alternative email device such as a PDA or Nokia Smartphone?

I used to have a Blackberry but moved onto Nokia, primarily because the Nokia E-Series had a SIP Stack that would allow me to play with VoIP on mobiles. The Nokias were more of a phone as well rather than a clunky data device.

The Blackberry has moved on since then and a quick survey of the Tech Support team suggests that it now has the edge in terms of features and ease of use. There is now even a Facebook plug-in for Blackberry.

Certainly from a commercial perspective the mobile operators are doing a very good job at incentivising service providers to sell Blackberry as opposed to alternative mobile email solutions. 

What is really exciting is the pace of development in the mobile handset world. Competition is really working here driving features up and pricing down.

RIM 5 day stock performance courtesy of Yahoo Finance
Categories
Business internet security

Data Retention Act On The BBC News

I woke up this morning to an article on BBC Radio 4 concerning the forthcoming Data Retention Act (see previous post on this). The article was then carried several times on BBC Radio Lincolnshire, my local station – I’m sure it would have been repeated in all the regions.

The BBC’s slant concerned human rights and seemed to have been triggered by human rights organisation “Liberty”. What has been happening since my post on the subject is that the tone of the Government’s conversation has moved on towards looking for a centralised database containing records of many different types of communications and not just email and telephony. This might include SMS, IM etc.

Nothing is set in stone here but I have concerns on two fronts. Firstly the technical cost and impracticality of implementing such a database would be huge and criminals would always be able to find ways around appearing on the records. Secondly there is very much the human rights angle. 2008 saw a number of high profile examples of the loss of personal data of millions of people because of stolen laptops and lost memory sticks.

I want to help the authorities catch criminals and haven’t really been too concerned in the past about their keeping my own personal records on file because I am a good boy. However in the light of last year’s data losses and because it is fundamentally not possible to totally trust the government (which is one of the reasons that democracies have elections) I have changed my tune.

If you want to read the BBC article online you can find it here.

Categories
End User spam

Sources of Spam

Spam hotspots

I’ve been talking to a number of anti-spam and anti virus technology vendors recently.

It is important to keep up with what is going on in this field. As we move into 2009 it is a subject I will be writing more about.

In the meantime I came across this map of sources of SPAM. There are a number of them floating around online. It is interesting to see that all the usual suspects are there: South East Asia, Russia, Brazil.

I was quite surprised to see so much activity in the USA and Europe. Perhaps I shouldn’t have been.

Categories
End User security

Virus Attack

As everyone who has caught a cold (manflu?) in the run up to Christmas knows, viruses are no respecters of holidays. This is what happened at one customer site yesterday.

The symptoms appeared gradually. Someone could not log into their PC when they came in to work. Then others had the problem. If you were already logged in you were ok. There was nothing obvious that was wrong.

The customer’s own IT person was overseas on holiday so they called in the cavalry. The Timico IT support team set to work immediately and started to analyse what was going on in the customer’s network. The company had two sites and one PC at the remote site was seen to be generating an inordinate amount of network traffic.

In fact what it was doing was conducting an alphabet attack on the company’s Active Directory server. It was trying to log on as a user on the network. Each time it failed three times against a user account, the server locked that account, so the genuine user was then unable to log in.

This is of course good news from a security perspective although highly inconvenient from the customer’s point of view as it was very disruptive. The remote site was disconnected and the rogue PC isolated. The attacks stopped.
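The pattern in this incident, one host failing logons against many accounts until each is locked, can be picked out of authentication records. The Python below is an added example, not part of the original post: the host names, account names, event tuples and the MIN_ACCOUNTS alert threshold are constructed assumptions, and only the three-failure lockout comes from the post.

```python
from collections import defaultdict

LOCKOUT_THRESHOLD = 3   # failed attempts before the server locks an account (from the post)
MIN_ACCOUNTS = 4        # assumed alert threshold: distinct accounts failed from one host

def make_sample_events():
    """Constructed events (minute, source_host, account, outcome); not real logs."""
    events = []
    accounts = ["aadams", "bbrown", "cclark", "ddavis", "eevans"]
    minute = 0
    for acct in accounts:                      # REMOTE-PC07 walks the account list
        for _ in range(LOCKOUT_THRESHOLD):
            events.append((minute, "REMOTE-PC07", acct, "FAIL"))
            minute += 1
    events += [
        (20, "HQ-PC02", "ffox", "FAIL"),       # ordinary typo, then a good logon
        (21, "HQ-PC02", "ffox", "OK"),
        (22, "HQ-PC03", "aadams", "FAIL"),     # genuine user hitting a locked account
    ]
    return sorted(events)

def find_lockout_sources(events):
    """Return {host: sorted accounts it locked} for hosts failing against many accounts."""
    streak = defaultdict(int)      # (host, account) -> consecutive failures
    touched = defaultdict(set)     # host -> accounts with at least one failure
    locked_by = defaultdict(set)   # host -> accounts pushed to the lockout threshold
    for _, host, account, outcome in events:
        if outcome == "OK":
            streak[(host, account)] = 0        # a successful logon clears the streak
            continue
        streak[(host, account)] += 1
        touched[host].add(account)
        if streak[(host, account)] >= LOCKOUT_THRESHOLD:
            locked_by[host].add(account)
    # A single mistyped password touches one account; the rogue PC touches many.
    return {h: sorted(locked_by[h]) for h, accts in touched.items()
            if len(accts) >= MIN_ACCOUNTS}

if __name__ == "__main__":
    for host, locked in find_lockout_sources(make_sample_events()).items():
        print(f"isolate {host}: locked {len(locked)} accounts: {', '.join(locked)}")
```

Grouping by source host rather than by account is what separates this from ordinary lockouts: the locked-out users at the main site show up only as victims, while the one PC at the remote site shows up as the common origin.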

The virus protection on each machine was updated and a full scan run on each PC in the customer’s network. It is not always possible to tell how a virus enters your network. This customer had external virus scanning on email. It probably came from a website that someone had visited. Their desktop antivirus was in need of updating.

It does reinforce the message that the fight against virus and malware needs to be conducted on multiple fronts. All’s well that ends well and the cavalry rode off into the sunset for a well deserved New Year’s Eve Party. See you in 2009 pardners…

Categories
Business security

Netgenium

I came across Netgenium whilst discussing a security project with one of our engineers. They manufacture Power Over Ethernet (POE) components that are used in building security systems.

These days practically everything can be controlled over secure IP connections. In this case we are now talking locks, speakers, lights and cameras. The first objective is security and control. Card readers can limit entry to certain areas to specific individuals. These card readers also tell a system who has entered which part of a building. This might sound big brotherish but it is a real requirement for many businesses.

The second, and surprisingly useful, by-product is cost saving. For example a company’s security system can be programmed to enable the POE to a desk when that user has swiped his or her card upon entry to a building. POE for a phone can be switched on thus saving unnecessary waste of power. Similarly when the last person leaves, the swipe of the card will turn off the lights and switch on the alarm.

Because SIP is supported the system now creates the prospect of hooking into a PBX announcement system that targets specific zones/locales in a building where an individual was last known to be.

Categories
Business internet security

Ed Balls Starts UKCCIS Rolling

The first UKCCIS Executive Board meeting took place in December chaired by Ed Balls, DCSF Secretary of State and Alan Campbell, Parliamentary Under-Secretary for crime reduction at the Home Office. The fact that this Board is being chaired by such high profile politicians is an indication of the seriousness with which the Government is taking the safety of children when using the internet.

Set up to implement the recommendations of the Byron Report, the committee has initially prioritised a number of areas of concern and is in the process of setting up working groups to move the activity on.

The first four working groups will focus on the following areas: 

Industry Standards (title subject to change)
Aim: To develop clearer common standards (in the form of codes of practice or other guidelines) that are adopted, monitored and consistent with EU partners and are widely recognised as good practice. This should cover the areas identified in the Byron report but, over time, should also look at new issues that arise as technology and user habits move on.

Better Education
Aim: To ensure that children, families and the children’s workforce have access to consistent and comprehensive support and information that improves their knowledge, skills and understanding of internet safety.

Public Information and Awareness
Aim: To develop a comprehensive and joined-up public awareness campaign on internet safety for children and families based on consistent messages that form the basis of the one stop shop for all aspects of internet safety.

Video Games
Aim: To ensure that children and young people have a safer gaming experience and parents are aware of the issues and support mechanisms around gaming.

With the continually changing nature of the internet this is always going to be a work in process but at least a start is being made.