EU Gumshoe Chases Internet Villains

Robert Haskins writes "The Pittsburg Post-Gazette is carrying an interesting Wall Street Journal story about a guy who works for Microsoft and chases virus writers, software counterfeiters, spammers and other suspected law breakers. Can companies really make a difference by helping law enforcement like this?" From the article: "Mr. Fifka isn't a cop. He works for Microsoft Corp.'s Internet Safety Enforcement Team. Created in 2002, the group is part of the U.S. software giant's intensifying efforts to combat cyber crime at a time when consumers and businesses are becoming increasingly frustrated with fraud and virus attacks on their personal computers, most of which use Microsoft's Windows operating system. As Internet crime proliferates, law enforcement is relying more on the private sector to help counter it. That's because tracking cyber criminals requires a different set of skills than police have traditionally used. Compounding the challenge is the speed at which new online threats are morphing."

Considering the results of the highschool hackers

[FauxReal]

I think this is a good idea given the ineptitude of most local law enforcement agencies when dealing with high tech crime.

I could say the same for the FBI, we had a guy post intimate knowledge of a cop killing from our net cafe. The killing wasn't publicised much. The FBI came and bungled the whole computer forensics operation. For one they copied the HDDs w/ some slow crappy program and then took the copies instead of the originals. Luckily some other agents caught the guy after he posted from somewhere else.

That is the problem

[Nom+du+Keyboard]

combat cyber crime at a time when consumers and businesses are becoming increasingly frustrated with fraud and virus attacks on their personal computers, most of which use Microsoft's Windows operating system.

That is the problem.

A more secure operating system with tools to identify and filter out malware is the solution.

This is just paint over dryrot.

Electronic Crimes Task Force

[xorowo]

In specific response to these types of issues, the Secret Service established the Electronic Crimes Task Force. I had the opportunity to tour their Los Angeles operations center and was impressed by their technical resources and capability.

They described how they act as an intermediate body for all law enforcement agencies involved in computer crime. From forensic analysis to crime-scene procedure, they were designed to both advise and participate. I can't speak to any specific crimes that they had been involved in, but it seemed like the idea, if handled properly, was a good one.

When I visited in 2003, they were just ramping up. They had already been assisting local law enforcement, but seemed to still be moving in. Most of the "tech" was in place, including massive file servers and clean rooms, but the individual offices looked sparse, with boxes still unpacked. I was half expecting it to look like something out of the movies - darkened, secretive, maybe in a cave somewhere - but it was just on the 13th floor of a standard downtown office building with all the harsh amenities of a 30-year old downtown high rise.

I would certainly hope that what they spared in decoration was made up by the effectiveness at solving these crimes.

Re:that's worrisome

[cheesee]

Even police officers have their own set of prejudices and interests. Everyone does, wether or not they are privately owned.

And no, it's not bizarre. Is real police tracking down people who break the law bizarre? Why don't they just make it so people can't break the law? See where I'm going here?

Tracking this spammer almost impossible

[DavidPatterson]

A bot of some sort came by one of our clients web sites and found a hole in the 'contact us' page. I'm guessing this bot used some sort of a Google search to find likely pages. It submitted the contact us from 5 times, with various values in the fields...each time, trying to send a bcc: email to an aol address. It worked on one of the posts...they found a hole. Later that night, we had a few thousand emails sent through our server via carefully crafted posts to our contact us form. Tracing back the ip addresses, one came from a wide open proxy server in Vietnam...not much of a way to trace that one back to the source. Amazing how this whole process is probably automated. (BTW, the spam worked. It was for a particular penny stock that doubled in price over the last few days. Someone just doubled their money.)

Re:Tracking this spammer almost impossible

[Motherfucking+Shit]

(BTW, the spam worked. It was for a particular penny stock that doubled in price over the last few days. Someone just doubled their money.)

That someone needs to get into hot water, as pump-and-dump schemes are illegal. If you happen to have a copy of the spam, forward it to the Securities and Exchange Commission; they can track down who sold off a big chunk of the hyped company around the date of the spam. Whether or not they'll punish him is another matter, but at least you did your part.

The address to report the spam is enforcement(@)sec.gov. Same goes for any "stock tip" spam you get.

Re:On the futility of treating the symptoms

[petermgreen]

there aren't as many worms as e-mail viruses but those that there are still produce a significant background noise that serves to infect any unpatched windows box that gets directly connected to the internet.

NEVER EVER HELP THE PIGS -IMPERITIVE READ MY STORY

This guy is a fool. You never help the pigs. You never talk to the pigs. Anyone who has lived in the ghetto knows that. You fight the pigs with everything you have. The pigs are interested in one thing and one thing only. Projecting power. If everyone hasn't figured it out by now, the justice system is simply a smokescreen and a farce behind which that is done.

I'm not from the getto. I'm a middle class American computer guy. But I learned a lot about the ghetto, and you're about to hear my story and why this guy needs to be sent to prison himself as a wake up call to meet the SOB's face to face he thinks he's helpoing.

I'm a typical computer guy like the rest of you. I saved up $350 for my first C64 and knew how to program it before I got it home, by programming on them in the stores. I went through Macs, building my own PCs, Linux, BEOS, QNX, programming, shell scripting, webdesign, gimp editing, running a bbs, emulators, builing my own wifi repeater... you name it I've done it.

For 5 years I ran a charity that collected PCs from schools and universities, refurbished them, and gave them to the poor. It was the second largest in my state and my URL was all over the net.

Then one day, boom, it ended. Someone made an accusation against me, and I had to fight for my life to prove I was innocent. They had nothing more than an accusation... no evidence... and their story didn't even make sense. It didn't matter, and I got the shock of my life when I lost. The judge said "12! do 7... meaning 12 years, do 7... basically, a death sentence"

You don't understand. The courtroom isn't a courtroom, its an abatoir (a place where sheep are brought to be slaughtered, dazed and bewildered, like jews stepping off the train into a concentration camp). These people are masters at the slander game. They can paint you any way they want you. And they will, while you sit there quietly like a deer in the headlights being pleasant and nice not speaking a word

I spent two years in an American prison. It was absolute hell. I was tortured. I was locked in a sensory deprivation box, I was systematically deprived of sleep, deprived of food, roasted alive in a steel tin building, drilled like I was in the military, yelled at, attacked, locked in cells with two consecutive different roommates who were pyschopathic butch thugs (read flaming gay dangerous). I begged, I wrote grievances, I pleaded, please move me anywhere, and nobody lifted a finger.

I had a job, I worked

Two doors down from me was an RFDI engineer, who was in for... get this... adultery. I nicknamed him Marconi. My nickname was Einstein. A black guy stuck that one on me, because the average grade level was 6... I tested out at 13th... the highest the test went. I was always helping people spell letters, or write letters home, or helping with GED algebra which I know inside out (calculus even). I worked in the library shelving books.

I spent my time avoid all the stupidity in there, writing, making webpages on paper. I made a little harddrive out of paper and set it on my shelf for inspiration even once, it was something to know my webserver was still out there serving documents to the world. I dreamed when I got out of that hell hole of posting to slashdot on the main page... I'm not joking, for real, I've got it scanned somewhere now.

After two years, I won my appeal. That's how long the process takes, minimum, and your chances are slim at best even then. Once they have you, they are making 40K off of you a year, 90% of which goes to guard salaries, innocent or guilty, your a cash cow. America is a police state, under the surface, a huge business. I was in warehouse after warehouse where you could see heads for as far as you could see...

Esp. in the cafeteria. Imagine that scene in Star Wars Episode III, on the planet where the Genoseans are cloning Bobba Fet the bounty hunter, and all the Bobba Fet clones are eating... that is exactly what it looked like... packed in like