Slashdot Mirror
The International Cyber Cop Unit
coondoggie writes "A group of international cyber cops is ramping up plans to fight online crime across borders. The unit, known as the Strategic Alliance Cyber Crime Working Group, met this month in London and is made up of high-level online law enforcement representatives from the U.S., Australia, Canada, New Zealand, and the United Kingdom. One of the main goals of the group is to fight cyber crime in a common way by sharing intelligence, swapping tools and best practices, and strengthening and synchronizing their respective laws."
Strategic Alliance Cyber Crime Working Group. Sounds like a straight to DVD Jean-Claude van Damme movie.
Weaselmancer
rediculous.
Do we really need more laws/people trying to "protect" us online? It has already been proven with laws like the DMCA that congress has no clue how the internet/modern technology works. And adding law enforcement is just an excuse to add more laws that do nothing but annoy us law abiding citizens. And also, if white hat hackers can't get the real criminals, there is no way that these "cyber cops" are going to be able too unless they say control a botnet. This just is more excuse to block "warez" and "piracy".
There is no "disagree" moderation, and troll, flamebait and overrated are not valid substitutes
This is going to end up as a copyright/RIAA/MPAA task force to fight the evil copyright pirates putting women and children out of work, right?
It's inevitable.
You were mistaken. Which is odd, since memory shouldn't be a problem for you
It is interesting to note that the countries named as part of this Strategic Alliance Cyber Crime Working Group, are also part of the UKUSA community. This is significant because said community forms the alliance of nations that is responsible for ECHELON, a program that collects and analyzes signals intelligence from all over the globe.
I've sat in on talks from several different security researchers who infiltrated botnets and reverse engineered them. That doesn't take a lot of bandwidth. It takes a few honeypots, a decompiler, and and IRC client. They could also have issued a command to redirect the entire botnet to a new control channel under their control and from there disabled the botnet, even patching the vulnerability used to gain control in many cases. People don't do that, not because it isn't possible, or they need more bandwidth. They don't do it because of the legal liability. They have no authority to take control of other people's machines (even if someone else also has control). Worse in many cases, what if they try to patch it and the patch fails? Well, then the researcher is liable for any damage than ensues. No one wants to take that risk.
Stealing bots from other botnet herders is already common practice among crackers. It is perfectly possible for cops to steal them back, it just is a legal nightmare to do so, especially if you aren't even sure whose jurisdiction all those machines are in.
Y'know, I'm feeling I need to play devil's advocate here.
I'm not exactly trusting of the intentions of the fine people doing this, and I'm even less trusting of their ability to implement even good ideas. That's probably not fair but I'm pretty sure I'm not the only one who feels that way.
If you've ever tried to actually deal with law enforcement on a computer crime, you run into pretty wicked problems both of jurisdiction and technical competence. While the latter problem has improved somewhat in recent years, the former problem still exists (and is arguably worse, twenty years ago your trail wouldn't run cold in Moldova or Pakistan or Vietnam).
This means there is a real problem to be solved here. It also seems to me that the problem has technical, political, and legal aspects. That implies any solution is going to be ugly.
Having the Internet be a separate jurisdiction with its own courts and its own police makes more sense than the mess we have now.