Slashdot Mirror
Mapping The Net And Hunting Down Evil
DiviN writes: "An FT article headlined the Dark
Side of the Web talks about a company that started a while ago to compile a
complete map of the Web. Not only do they claim to have it, but moreover they
say that they can trace any file on the Internet, any attachment and any posting
in a newsgroup to it's origin."
Its a quiet, boring Sunday, and I just can't let this go unchallenged. This is just an overimaginative press release, which has been popping up in the mainstream press for some time now, touting their 100% accurate mapping of "the dark side of the web". They have avoided the technical press, or else the editors of technical journals have bullshit filters in place and don't reprint this crap. The same phrases and anecdotes keep popping up in the same order, they probably have a PR person writing the articles for lazy journos, it happens.
... so-called "snuff", or murder, videos, the corporate server can be programmed to take a copy of the file for use as evidence in future prosecutions and then switch off power to that particular PC. Hey, they played the paedophile and snuff video card. How does their software detect this on client PCs? And how do you switch off power to a particular PC? Do you re-wire the whole building so that every outlet has a computer controlled breaker? Do they somehow disable the power switch on the employees computer to keep them from switching it back on?
on Thursday at the Loch Lomond Golf Club, Actis launched a muscular software program Yep, its a press release written as a story for the FT, who will reprint anything a PR agency hands them as long as it appears story-like.
You can find them at www.actis-technology.com, a company in existence since April of this year. They are a spin-off of buchananinternational.com which claim to have been around for quite a while. Their product is called 'Net Intelligence, apparently the apostrophe makes it trademarkable.
The actis software is essentially a proxy server, which funnels all email, web requests, and other selected traffic through their filters. They give you a list of sites, rated "bad" "not-so-bad" and "approved by Scottish wank^H^H^H^Hhackers", and then let you decide what to do for every alert the software spits at you. For a fee, if you want to track back a file picked up from usenet, they will search their dejanews clone database and tell you where it originally came from.
Check out some of their outrageous claims and mistakes in their press releases.
They spell phreaking as freaking. This disqualifies them from the start.
Consuming about 80 gigabytes of data an hour That means they have a 200 Mbps link at a minimum, and keep it 80% full 80% of the time. Thats a pretty big internet hog for europe, and I've never heard of them. Perhaps they spread that among several providers, but their website is colo at uk2net, running linux. But 80 Gig/hour is about 10 times what unfiltered usenet is producing.
"We found Stew in the PC section of a bookshop in Glasgow - the best place to find his sort, The last thing I want is disciplined minds." That should sell well to large corporations such as Boeing and the Home Office.
The team now has complete access to the world's newsgroups, where many viruses are initially posted and distributed, and to every image and every attachment. So they have a usenet server sucking up hundreds of publically accessible newsfeeds. I wonder how they compress all the spam messages that normally clog other servers? Maybe we can convince them to create a dejanews type service.
"Steganography is considered the third biggest threat to US security after biological and chemical attack" 97% of all statistics quoted by Whitelaw are pulled from his ass (I made that up, its obvious 100% are)
Criminals - who have a peculiar habit of inputting all their deeds into PCs and handheld computers - often use software to erase such incriminating information I don't know very many criminals, but most IT professionals I know don't ever input all their deeds into PCs. But criminals have discovered the trashcan in windoze 98, better sell recovery services at an outrageous price.
Unsuspecting companies are largely unaware that a great deal of the world's criminal communications are carried out using their own PCs So criminals the world over first break into companies computers in order to communicate. That's a pretty knowledgable crowd of criminals, better than the job market as a whole. And actis has defined what constitutes criminal communication, that must have been hard to take into account 178 nations, and thousands of individual jurisdictions in over 150 languages. And all that since April of this year. Wow!
Where serious crime emerges
On his laptop, Whitelaw shows me how to find manuals on bomb-making and sophisticated lock-picking techniques, complete with DIY diagrams. Yahoo, infoseek, altavista, google. Wow, this company has discovered a vast criminal conspiracy, known by the code word "search engines". By installing their proxy filter, they will block all access to these criminal sites.
This press release is too much to bear. It is pure bullshit, 100% bullshit, and nothing but bullshit. They have Yet Another Internet Filter to sell to companies and they have to make waves to keep their investors happy. Ignore this and get on with first nathalie portman posts or philosophical discussions on "free" vs. "free" software.
the AC
Hemos is like...sci-fi fans;he thinks technology is cool, but he hasn't bothered to understand the science it's based on
PJRC: Electronic Projects, 8051 Microcontroller Tools
Several points made in the article give me the impression that the capabilities of the database are not as powerful as claimed.
:)
:) I'm also unsure how someone would "generate" the address of cardholders. That would be information contained in a database which would have to be "obtained". Its not information that is obtained within the number itself. As for "robbing" ATM machines. I'll give you 3 good ways to do it. Shouldersurf someone's PIN number, mug them, then drain their account, use a sledgehammer and blowtorch to extract the cash from the machine, or wait until someone draws some cash from it, and just steal it from them. I wouldn't consider any of these ways to be smart, but I certainly don't know of any other way to do it. Nor do I expect there to be any reliable information out there that would express such possibilities.
First are the statistics on pornography sites. Yes, most sites just harvest material from public sources and redistribute it. However, how exactly were they able to determine how many images are stored on membership pages? Porn sites are notoriously pay per view services. Useful statistics on the volume of data a porn site will hold will simply not be available unless memberships were purchased on every single site. I don't care if they said they dont' care how much it costs, I know for a fact they're not purchasing memberships on 20,000 porn sites each day.
How do they claim they can archive EVERY newsgroup on USENET? No newsserver serves EVERY newsgroup, as its a distributed network. Most of them offer 98% of the groups, but they'd be hard pressed to have EVERY single one of them.
Then there's the discussion about "hackers", followed immediately about information about bomb building, lock picking, and credit card numbers.
I'm also somewhat unsure what good a list of "unissued credit card numbers" would accomplish. If its unissued, then its useless, right? IT WON'T WORK. Here's an unissued credit card number: 4204 4502 5092 2942
There. I GUARANTEE you that NOBODY has this number. Its "unissued". Now I'm a hacker! Oh goody!
How is steganography considered to be the 3rd biggest threat? According to this article, its more dangerous than nuclear weapons. All it is is a form of encryption. I suppose if I can't read a message of yours its less dangerous than if I CAN read a message, but it turns out to be the wrong message. forget the fact that I shouldn't be reading your messages anyways. If someone wanted to send a message detailing an assassination attempt, its unlikely anyone would obtain it until after the deed had been attempted.
Now.. lets examine some lines of FUD:
Unsuspecting companies are largely unaware that a great deal of the world's criminal communications are carried out using their own PCs, notes Whitelaw.
Security experts are seriously worried about the threat of attacks on airport flight management computers, power systems, and hospital equipment, let alone stock markets such as Nasdaq.
Anyone notice a pattern here? Sounds like this is the same techniques that antivirus vendors spew out in an attempt to get people to buy their products. Your computers are just CRAWLING with viruses and you'll most likely die if you don't use our product. True, the above lines were a tad more subtle, but the issue is the same.
oh well.. something to think about
-Restil
Play with my webcams and lights here
And tomorrow, it will all be obsolete. I can put a server up today at an IP and domain, then the next day ship it off to another state or country to give to someone else to host.
Or I can just decide that my FTP server needs to house jazz tunes tomorrow instead of the rap tunes today.
Who knows? The net changes that anyone who spent the time "mapping" it mapped it while it was changing, and after compiling the map, has realized that much of it is already outdated. Look at the search engines and how often a 404 creeps up, or even server not found.
No way they can know definitely attachments and files. It changes too fast too often.
Dragon Magic
Human nature is the same everywhere; the modes only are different. -- Earl of Chesterfield
They claim that they archive over 80GB an hour, and then talk about the content of porn sites, etc. Of course, how do they have access to all of these porn sites is another thing altogether - that must cost quite a lot for all of those memberships! The system appears to be some kind of massive search engine/archive similar to Alexa Internet except much more broad and with more sophisticated tracking and reporting capabilities. Although they decline to specify how, apparently they are able to compare images against each other, track texts, and do some massive queries to track back things like the Melissa virus to their first known wherabouts. They claim to have one of the largest databases in Europe, and to have found the perpetrator of the I Love You virus two days before the Feds. This really seems unlikely, and it would be nice to have some outside information, such as pictures, or results. How you can catalog and search this amount of data must really be a feat, considering their DB is larget than TerraServer and they aren't IBM or Microsoft, with billions to burn. Luckily, they can only "track" web pages and Usenet postings, so far, and they apparently classifiy it all by domain name and various other (unexplained) patterns.
It's a battle out there. The battle between net net users' and programmers' desire to be anonymous and private, and their desire (especially the programmers) to log every damn thing that happens.
There seems to be a huge contradiction in the hacker mentality, on the one hand to collect endless log files, traces, data stores, id's, usernames, passwords, tags and the rest of it, and on the other hand to want to remain entirely private, safe behind their screen.
Personally I'd love to remove all the log files. No more http log files analysis. No more SMTP message-id's and paths in the headers. No more off the cuff usenet postings archived for the next n decades and cross referenced by the university userid of the the guy who posted it 6 years ago.
I don't see what's so good about archiving the Internet. It's like having a ten hour meeting where nothing gets decided but hey - we'll be able to see exactly what was said 10 years from now!
If you want it to last, print it out. On non-bleached paper. [Anyone who knows where you can buy unbleached long life printer paper please let me know...].
So, I'm all for Buchanan and it's sleuthing. I'm not convinced they can do all they said they can do, but hey, you leave enough log files lying around and sooner or later someone'll make a living reading through them.
You can't have your cake and eat it!
-----
It sounds like they have a news feed, and are able to mine Usenet articles to try to determine the earliest signs of things like viruses. This is nice, but not particularly advanced information retrieval.
The other part is that they characterize sites/hosts' Web content. Identifying a porn site is not really that hard since most WANT you to know they're porn so you're (a) interested, and (b) ready to enter your credit card number.
From what I could see, the only interesting part is that they claim to have uncovered a kiddie porn ring by analyzing some sort of net traffic. This doesn't sound all that different than the firm that monitored Napster traffic to find ~300K Metallica fans^H^H^H^Hcriminals. As others have pointed out, monitoring the whole net is certifiably impossible to do except for targeted sites.
Bottom line: the article is inflammatory and doesn't separate out "real" feats of the company from fear, uncertainty and doubt. About par for the Financial Times, I guess.
P.S.: Anyone find a URL for Actis? (it's not actis.co.uk).
Claims like this smack only of bold leaps in self-promotion and hype. Considering the number of NEW devices connected to the internet on a daily basis, and the increasing number of sites using dynamically generated content, claims such as "we've mapped every byte on the internet" are insane.
At the heart of these new "Internet Private Investigator" type companies is a desire to develop methodology or technology that is marketable to law enforcement or private companies who have an interest in tracking users down for a number of legal reasons. Whether it's a hate group posting bomb schematics, or a geek programmer reposting DeCSS source code for for the five hundredth time, "THEY" would like to find you.
These companies fail to realize that the persons they are trying to track down, in many cases are better than those doing the tracking. When you have high school kids able to deface NASA web pages, sniff credit card numbers off a Fortune 500 company's server, hijack telnet and ftp sessions, IP spoof, and root clueless ISP's servers to use as jumping-off points, it makes it very easy to stay anonymous.
But if the company in question told investors they had developed technology that enabled them to catch idiots, it wouldn't sizzle, would it.
If the government required licencing for anyone able to purchase T1 or greater bandwidth, ala FCC licencing for radio stations - AND, pass a basic certification test verifying they understand essential, basic security measures for the OS they choose to employ, it would make the internet a much more secure (and accountable) place, and give higher professional creditability (and marketability) to the persons holding the licence.
THIS SPACE INTENTIONALLY LEFT BLANK.
The quest to control internet anarchy is indeed frightening. When an entity wants to quash a viewpoint (or a group of people), all that is necessary is to declare them "dangerous". In most cases, that's not a stretch. The ideas that the powers that be want to control most often are just that; they're very dangerous to the powers that be. They threaten the status quo. Just now, it looks like they' re not doing anything terribly frightening. They've refused to use the technology to bend to the whims of certain oppressive governments, thus far. The question remains, though. Do you want any single entity to have the power to say what's "undesirable" on the internet?
--
Donating to the EFF now...
.sig: file not found