This is an archived project. See http://blogs.23.nu/disLEXia/stories/492/ for details and further pointers.

disLEXia

policy - policymaking on cybercrime and computer security

Friday, 24. January 2003

DMCA and Locks

mutatron and Edward Felten have some interesting thoughts as a followup on Matt Blaze's Masterlock thing. Basically they say that if a key protects copyrighted material, tinkering with the key or the lock is prohibited by the DMCA.

While this is an intellectually stimulating argument, it is also a great example of the thought pattern which leads geeks to losing legal and political battles over and over.

Geeks take a law or idea or something else they don't like and use cold logic to carry them much further than they were meant to go. Then they claim that doing so leads to absurd results and so the original idea must be wrong, too.

While using this technique in a dispute is not stupid per se (see Schopenhauer), the geeks seem to think that it isn't just a tool for dispute but that they really have proven in a logical way that the idea they are attacking is wrong.

Come on. Nobody will think of outlawing hardware shops copying keys based on the DMCA. Statements like "You can't outlaw possessing hacking tools since then you also have to outlaw the possession of telnet and ping" just let policy makers think you are a lunatic.
01:04



Tuesday, 19. November 2002

Interior remains unplugged

About 6 percent of the Interior Department's computer systems remain disconnected from the Internet [FCW: Policy]
15:57



Thursday, 14. November 2002

FBI asks companies to fight cybercrime

FBI Director Robert Mueller called for more help from companies to battle cybercrime [FCW: Security]
12:56



Monday, 11. November 2002

Weaknesses in censorbusting software

Bennett Haselton from Peacefire, the anti-censorware site, has compiled a list of possible weaknesses in systems that circumvent Internet censorship. The list, boiled down to its essentials, is: The censorware designers can always make the last move; The "human shield" fallacy ("We built an anti-censorship system that hides secret traffic in ICQ messages. The Chinese won't dare to block ICQ -- it's a valuable tool that increases international understanding and friendship among nations, and besides, blocking it would violate RFC 9,234,436."); Assuming that censors lack the resources to monitor all traffic effectively; Traffic-flow analysis; Using steganography to hide data inside "noise" [The Happiest Geek On Earth]
00:16



Tuesday, 15. October 2002

Internet Again

10 minutes ago the "SYNC" LED on our ADSL modem switched from red to green. So we are on the net again. Theoretically we were connected before via an Apple Airport with modem, but some confusing interactions between the ISDN-to-analog converter in our PBX and the Airport resulted in a transfer rate of ca. 800 b/s and RTT latency of up to 22000 ms (22 seconds!). So basically Internet was unusable.
11:10



Monday, 30. September 2002

Back blogging!

As you might have noticed, this Weblog was broken in various ways in the last few days. Seems all showstopper bugs are ironed out and I can go on blogging. Nice.

You can find some explanation of my problems at http://md.hudora.de/blog/categories/niftyHacks/2002/30/
01:25



Wednesday, 25. September 2002

Searching and Seizing Computers and Related Electronic Evidence Issues

Computer Crime and Intellectual Property Section (CCIPS) Revised July 2000. This publication provides a comprehensive guide to the legal issues that arise when federal law enforcement agents search and seize computers and obtain electronic evidence in criminal investigations. The topics covered include the application of the Fourth Amendment to computers and the Internet, the Electronic Communications Privacy Act, workplace privacy, the law of electronic surveillance, and evidentiary issues. This updated version includes discussion of significant changes to relevant Federal law arising from the USA PATRIOT Act of 2001. [Quick Links]
17:20



A Bounty on Spammers

By Lawrence Lessig. Spam is a blight on our high-tech civilization. Lawrence Lessig has an idea: force spammers who don't label their junk e-mail to pay $10,000 to the first recipient who finds them. [Quick Links]
17:14



AU: Cybercrime code ready

Australia's Internet Industry Association has released a draft of its Cybercrime Code of Practice. The Code sets out standards for data retention and surveillance access for law enforcement, in an attempt to stave off legislative requirements. [zem]
07:28



Wednesday, 18. September 2002

Internet Filtering Software Wrongly Blocks Many Sites

The Electronic Frontier Foundation (EFF) and the Online Policy Group (OPG) today released preliminary results of research on Internet blocking or filtering in schools. The research examined the effects of N2H2's Bess and SurfControl, two of the most commonly used Internet blocking software products, on Internet searches of all topics from the state-mandated curriculums of California, Massachusetts, and North Carolina. The findings show filters result in many false positives. The final research report will be available in mid-October. [Moreover - moreover...]

One of my sites (http://deepblack.lolitacoders.org/) regularly gets blocked by all kinds of filters, so I'm personally hit by this blocking-false-positive problem.
21:05



Sunday, 15. September 2002

Taiwan Govt asks hackers to try to break into its networks.

Taiwan-based computer users are being encouraged to try and break into government Web sites. Those who are successful will receive rewards.

"In a bid to strengthen the security of government Web sites and to find any loopholes in the government computer network, we're inviting Taiwan-based computer users to participate in a simulation drill scheduled for the beginning of next year," said Minister Without Portfolio Tsay Ching-yen, who is also the deputy convener of the Cabinet's Science and Technology Advisory Group. [Security News Portal]
21:44



Etzioni: Reply to Spammers

Oren Etzioni has an op-ed in today's New York Times about spam. His proposal:

Though spammers hope to lure us with their dubious propositions ("URGENT AND CONFIDENTIAL BUSINESS PROPOSAL"), they rely on those of us who don't want to participate to delete their messages quietly and go about our daily business. What would happen if recipients instead replied en masse to each message?
... Faced with hundreds of thousands of responses, the spammer would have to use substantial resources to store the responses, sift through them and identify those registering genuine interest.
[Freedom To Tinker]

Edward Felten thinks this is a bad idea. He is right. It's hard to get in contact with spammers. And I don't have the time to do so for the roundabout 100 spam messages I get per day.
08:17



Friday, 13. September 2002

Thousands of Warcraft players have been banned for two weeks after being caught cheating

[BBC News | TECHNOLOGY]
22:28



What does the Düsseldorf blocking order want to say?

While the Chilling Effects of a German state trying to block some US websites would justify a long discussion in itself, the letters of the district government's blocking order strike me as another example of the problems the legal community has in talking about technical circumstances.

While I have a dim feeling what the district government wants to get blocked, I can't find it in their words. They talk about the internet pages http://www.stormfront.org and http://www.nazi-lauck-nsdapao.com. But it seems they don't mean these pages but the whole sites, since they don't use the pages referenced by the URLs above as reasoning for the order but several other pages accessible on the servers via the same domain name (FQDN).
They also use pages on another domain name for reasoning, e.g. http://stormfront.org/german/zonen.htm - this URL results in no page at all but in an HTTP redirect to http://www.stormfront.org/german/zonen.htm, which is again on the same domain name as the two ordered to be blocked. They also mention "all offerings of nazi-lauck-nsdapao.com". http://nazi-lauck-nsdapao.com seems to present the same content as http://www.nazi-lauck-nsdapao.com. Later they speak of "the service providers stormfront.org and nazi-lauck-nsdapao.com". They ask for blocking of the offerings above.

So what could that mean? They speak about the ISPs stormfront.org and nazi-lauck-nsdapao.com. So they might mean blocking all offerings of these ISPs. This would mean blackholing their (IP) netblocks at router level. But since the district government also agrees that it is OK to do blocking by DNS forgery, which can't be used for blackholing netblocks, they must mean something other than blackholing netblocks.

What they might want is that certain names are not reachable. www.stormfront.org and www.nazi-lauck-nsdapao.com seem to be the names they mean. But wait, at http://nazi-lauck-nsdapao.com there is the same content as at http://www.nazi-lauck-nsdapao.com, so this should be blocked, too.

Perhaps they mean *stormfront.org and *nazi-lauck-nsdapao.com should be blocked. But then there is no reasoning in their order why stuff like http://kkk.stormfront.org or http://whemporium.stormfront.org/ is illegal and should be blocked, too. So that can't be what they mean. I'm confused.

Let's try again: They want "pages" to be blocked. They write of HTTP URLs. This makes you think that they want web pages to be blocked. This means port 80 and maybe port 443 of the IP addresses used by www.stormfront.org and www.nazi-lauck-nsdapao.com have to be blackholed at router level. But wait! We don't know anything about the webservers hosting the webpages for these domain names. Maybe we hit thousands of other, non-illegal sites, when these servers employ virtual hosting. This would be very unreasonable, they can't mean that.

Back to forging DNS. But wait again! Forging DNS does not only block web pages but all traffic to the hosts referenced by the blocked names. But there seems to be no proof that the usage of IRC, ftp and mail at these hosts is illegal. So this interpretation of the order seems unreasonable again.

I'm still confused. I'm unable to interpret the blocking order in a logically consistent manner. Maybe it's me. Maybe it's the wording of the order.
01:09
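
The readings of the blocking order weighed in the post above can be compared mechanically. The following is an added example, not part of the original post: it models each reading as a filter rule over a constructed inventory (hypothetical names under target.example, documentation addresses from 192.0.2.0/24) and reports what each rule blocks beyond, or misses from, the content the order's reasoning cites.

```python
from collections import namedtuple

# Constructed inventory: hypothetical hosts, documentation IP range.
# cited=True marks content the order's reasoning actually relies on.
Res = namedtuple("Res", "host ip port cited")
INVENTORY = [
    Res("www.target.example", "192.0.2.10", 80, True),
    Res("target.example", "192.0.2.10", 80, True),        # same content, bare name
    Res("www.target.example", "192.0.2.10", 21, False),   # ftp on the same host
    Res("www.target.example", "192.0.2.10", 25, False),   # mail on the same host
    Res("shop.target.example", "192.0.2.11", 80, False),  # subdomain never cited
    Res("unrelated.example", "192.0.2.10", 80, False),    # virtual host, shared IP
]
ORDERED_NAMES = {"www.target.example"}   # names spelled out in the order
ORDERED_ZONE = "target.example"          # reading the order as "*target.example"
ORDERED_IPS = {r.ip for r in INVENTORY if r.host in ORDERED_NAMES}

def dns_exact(r):        # forged DNS answers for the listed names only
    return r.host in ORDERED_NAMES

def dns_wildcard(r):     # forged DNS answers for the whole zone
    return r.host == ORDERED_ZONE or r.host.endswith("." + ORDERED_ZONE)

def ip_blackhole(r):     # null-route the addresses behind the listed names
    return r.ip in ORDERED_IPS

def web_port_filter(r):  # drop only ports 80/443 towards those addresses
    return r.ip in ORDERED_IPS and r.port in (80, 443)

def evaluate(rule):
    """Return (overblocked, underblocked) as sorted 'host:port' lists."""
    label = lambda r: f"{r.host}:{r.port}"
    over = sorted(label(r) for r in INVENTORY if rule(r) and not r.cited)
    under = sorted(label(r) for r in INVENTORY if r.cited and not rule(r))
    return over, under

if __name__ == "__main__":
    for rule in (dns_exact, dns_wildcard, ip_blackhole, web_port_filter):
        over, under = evaluate(rule)
        print(f"{rule.__name__:16} overblocks={over} misses={under}")
```

In this inventory every reading either blocks something the order gives no reasoning for or misses cited content, which is the inconsistency the post describes.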



Thursday, 12. September 2002

Spam Hits Some Anti-Spammers, Who Think They Have a Culprit

Tens of thousands of readers of e-mail newsletters have recently been spammed, and the newsletter publishers are blaming the company that manages and distributes the newsletters for them. [New York Times: Technology]

Spambusters seem to get out of hand recently. See also John Gilmore on it, replies to John and the Problems of Edward Felten.
09:25



Thursday, 05. September 2002

US Computer crime procedure manual: New Version

This manual is designed to combine an updated version of the Guidelines' advice on searching and seizing computers with guidance on the statutes that govern obtaining electronic evidence in cases involving computer networks and the Internet.
00:26



Wednesday, 04. September 2002

Thought Police

I thought I stepped into Blade Runner for a moment, but I was really just reading about the law school classroom of the future. The description just gives me the willies. I know I'm a little obsessed with Chirelstein (really, I just can't explain it), but I must note that he never went to class. Law students aren't children... [a mad tea-party]
07:40



Tuesday, 03. September 2002

Safer surfing for kids

A website dedicated to improving child safety on the internet has been launched by education groups across Europe. [dws.]
18:18



Friday, 30. August 2002

FEC OK's SMS spam without saying who paid for it

A decision by federal election regulators to exempt text-based wireless ads from campaign disclosure rules has critics warning that consumers could find their mobile phones subject to a flood of political spam as campaign 2002 kicks into high gear. http://www.washingtonpost.com/wp-dyn/articles/A49356-2002Aug22.html [Hal Murray <hmurray@suespammers.org> via risks-digest Volume 22, Issue 22]
19:44



CIO Cyberthreat Response & Reporting Guidelines

[LinuxSecurity.com - Latest News]
08:30






disLEXia, a research project by Maximillian Dornseif


This is category policy of the disLEXia project. It is also available in machine-readable format, e.g. to use with news aggregators.