2007/07/27

A Trio of Internet Regulation Tidbits

Senators Call For Universal Filtering
They've danced around the issue. They've tried to couch it in language that privacy advocates would not find objectionable. But on Wednesday Senators Inouye (D-HI) and Stevens (R-AK) both called for universal Internet filtering and monitoring in their respective committees. And to ensure that they would not be challenged, civil liberties groups were not invited to testify.

Maybe These Guys Could Help...
ISPs and Telcos use 'packet inspection' technologies to help prevent against DoS (Denial of Service) attacks and to comply with government ordered wiretaps. That's nothing new, but a new class of technologies that employ 'deep packet inspection' will soon give the ISPs the ability to shape, delay, block, or record traffic based on content. Want Google to fork over a briefcase full of cash? Stop every email packet destined for Gmail. Decide Senator Inouye is right? Dig through every packet for porn and shunt the data to the Feds.

...And My Taxes To Pay For The Data
Having to get a Federal Court order when you want to examine a broad swath of Internet traffic is a pain for the FBI and a money sink for the ISPs who have to intercept and store the data. But a new program will at least deal with the latter problem by paying the the ISPs and Telcos to gather, store, and categorize all the traffic that law enforcement so desperately wants. Your tax dollars at work.

Labels: , , ,

2007/07/18

Fedware - The New Frontier In Malicious Software

Malware (malicious software) is scary enough. A rootkit can give an attacker unfettered access to your system and your most sensitive data. A keystroke logger can capture the passphrases that you use to encrypt files and volumes. These days, especially on Windows, you absolutely must have security software that continuously scans for the viruses and worms and install the malicious pieces of code. But what about when it's the federal government doing the attacking?

Recent high-profile prosecutions have revealed that, for example, the DEA employs keystroke loggers to give them access to the encrypted files of suspected manufacturers of illegal drugs, and if the DEA is doing it you can bet the farm that the FBI and Secret Service are as well. So here's the question: How do you protect yourself against over-zealous law enforcement agencies installing Fedware on your computers? And more importantly, will your security software manufacturer protect you or expose you?

Oh sure, if you're up to no good a rootkit is sort of like a wiretap, ordered by a court and used for evidence gathering. But we know that the Bush Administration, under the guise of fighting terror, has instructed the DoD and FBI to illegally monitor all sorts of groups--peaceniks and protesters--that aren't exactly out there cooking crystal-meth to feed to your kids. So what do you do to protect yourself.

Unfortunately, the answer may ultimately lie with the company whose security software you choose, and when a Federal order comes down many vendors, such as CheckPoint (ZoneAlarm) and McAfee (Norton), will quietly ignore Fedware and won't tell you about it. Hell CheckPoint goes so far as to 'whitelist' borderline software from vendors that request an exemption. But really...should you even trust what a vendor says about their policy on detecting Fedware? After all, they're in the business of selling you a security package, and if they reveal that they're...essentially...not secure, why would you stick with their product?

Ironically, the solution to this problem may lie with the open-source software community. A high-quality, thoroughly reviewed, well-understood, open-source security package may be your only defense against Fedware because, in the end, there would be nobody that could be ordered to intentionally sabotage the product.

Labels: , , , ,

2007/07/16

Microsoft's Vista - OS or Peeping Tom?

There's a lot of news out of Redmond these days, and most of it is bad...for consumers that is.

It's An OS / It's An Ad-server / It's A Peeping Tom
Check out this patent application. Pretty much turns your operating system into a server of targeted ads. But that's not all. No sir-ee! The sources listed for making ad-serving decisions include: "...user document files, user email, user music files, podcast files, computer status messages, and a profile database storing existing tag data." It other words ALL YOUR PERSONAL FILES! Now that's innovation!

Try Then Buy Before Your Files Die
In order to increase uptake on Office 2007, Microsoft has put in place a "Try Before You Buy" program. The kicker for users is that "trying" Office 2007 will convert any files the program touches to Redmond's new document format, a process from which there is no return unless you get a compatibility pack that allows you to get access to your important documents.

Legal Discovery? Why It's Built In
I'll let this tidbit speak for itself:
Vista—Microsoft’s latest operating system—may prove to be most appropriately named, especially for those seeking evidence of how a computer was used.
Automatic backups, "shadow file copies", detailed system transaction records...a litigator's paradise!

Labels: , ,