Slashdot Mirror
Australian Cybercrime Enquiry Report Released
An anonymous reader writes "The Australian Government Standing Committee on Communications has released the results of a year long enquiry into cybercrime in a report titled Hackers, Fraudsters and Botnets: Tackling the Problem of Cyber Crime. This report includes a recommendation that Internet Service Provider customers should be forced to install anti-virus and firewall software on their computers as part of their contractual obligations. The Australian Communications and Media Authority receive further powers and responsibilities under the recommendations with respect to shutting down websites hosting malicious content and ensuring that infected consumer devices are disconnected from the Internet."
The Australian Government is surely just taking the piss now. Honestly. What else can they say other than "the binary is COMING ALIIIIVEEEEE"? That would probably be a step up from Conroy's ramblings anyhow.
Disagree != mod troll.
Kind of like a public-health measure.
ISPs would have to: require all subscribers to install anti-virus software and firewalls before the Internet connection is activated
It seems to me like this is a strange requirement. I couldn't tell you the last time I actually went to a brick-and-mortar store and bought an antivirus product. And what about lesser-known or free antivirus solutions? Unless you're going to find someone with an internet connection and download them onto USB/an external drive, it seems like this requirement would negatively impact their marketshare (which, if they're lesser-known, would admittedly be small).
Considering that ad banners can be infected with java viruses, does that mean that any website with ads should be, by this law, taken offline? Pretty soon the computer users will have the legal obligation to stop using the internet entirely...
A stupid law like this will lead to the requirement the ISP install some kind of audit software on your PC to monitor compliance. Something like punkbuster. It would have to monitor your local system and possibly report back to the ISP. I don't see any other way this could work. This would be a nightmare to support a range of OSes and would possibly make a system that was properly maintained to be less reliable.
It's time to reclassify Linux as an antivirus product. Experience to date suggests that it is much more effective than single-purpose antivirus products - and it does so much more, for free!
I thought you Aussies were laid-back, laissez-faire sort of people? Not in the pure capitalism sense, but in the "you mind your business, I'll mind mine and we'll chill together" sense? Why the sudden conservative turn?
I'm imagining some poor schmuck on the phone with an ISP trying to explain that the government mandated anti-virus software doesn't support their OS of choice (which the moron on the phone has never heard of) and being told that they can't have internet access because they don't have Windows.
Don't act like it won't happen. Heck, most ISPs if you're trouble-shooting almost demand that you remove the firewall and plug the machine directly into the cable modem, and only have trouble-shooting instructions for Windows and can't comprehend that you might actually be qualified to say that, since nothing has changed on your end, their network must be currently broken.
While I appreciate the intent of this, every time someone tries to legislate solutions to technical problems, they break more stuff.
Lost at C:>. Found at C.
The problem is not the idea of everyone having anti-virus, it's that you want the ISPs to distribute and enforce it.
I don't know about you, but I would never install any software given to me by an ISP. In Canada, Rogers actually have a history of opening more security holes than they close with their Firewall/AV software. To the point that some large corporations IT departments won't let you VPN in from home if you have the software installed.
In my experience ISP software is typically one of the worst forms of insecure bloatware you can put on a computer.
I think it's reasonable to say to people, hey, your ISP isn't responsible for data on your computer particularly if you don't even have basic protection on it. But it's another thing altogether to say, "you can't use the the Internet if you don't use anti-malware." That gets into all sorts of enforcement issues, what constitutes appropriate anti-malware, what happens if you don't comply ... can the ISP still bill you that month? What if you completely rolled your own, and there's no appropriate anti-virus software out there for your operating system. If ISPs must act as the enforcement gates, it's going to make a whole bunch of "network access protection" vendors quite happy. They'll get to sell a lot of complicated NAC gear to these ISPs.
That Conroy et al are not so much interested in controlling what we do as much as they are shills for internet security software.
Actually remembering the last time I was involved with a government technology program and who was involved that wouldn't surprise me in the least.
Firewall software? Maybe because it was because I am a UNIX guy and the kernel of these operating systems had control of the IP stack without needing third party programs. Or because a true firewall is a hardened hardware router that can withstand attacks not just coming from the outside in, but prevents items from coming from the inside out (such as E-mail from any box other than the designated mail servers.) A software firewall that is not built into the OS proper is pointless [1], as the OS should protect against incoming attacks, and if a malicious application is installed, the game is over anyway, so protecting against outbound stuff is pointless.
As for anti-virus, maybe on Windows, but I have yet to see malware on a serious UNIX system unless it is a Trojan (and no A/V system can protect against that.) However, I just find it almost laughable when I have to install McAfee on a pSeries box with some script to show it is running for audit reasons.
Instead, maybe the law should be worded as "proper security measures shall be taken to protect against malicious software and remote attacks." This way, an OS that has a decent IPS built in doesn't need to have third party stuff tacked onto it to make it compliant.
[1]: An exception is the DroidWall app on rooted Android phones. It provides good security because a lot of apps ask for network communication privs which shouldn't have it, and a user otherwise wouldn't have control of what can and what can't communicate out.
I say Australia should have the ISPs refuse service to anybody running a windows box. This would remove at least 70% of the malware and would improve customer satisfaction!
Would you hug a bear?
So we have a "Office of Online Security be established within the Department of Prime Minster and Cabinet" :)
Then we see a cut to "The Online Child Sexual Exploitation Team", a unit of the Australian Federal Police of $2.8 million.
http://www.smh.com.au/opinion/politics/fight-to-filter-out-evil-leaves-bad-guys-to-do-their-worst-20100514-v4cq.html
We also have some fun news via http://www.zdnet.com.au/inside-australia-s-data-retention-proposal-339303862.htm
Beyond the "want the source and the destination IP addresses for internet sessions" they are dreaming of linking
""They want allied personal information with that account, including, [the department] said, passport numbers.""
with "automate the process of requesting and obtaining access to telecommunications data."
One day your ip could be linked to your isp and photo id while you surf on a filtered internet with Windows anti-virus and firewall software running.
Some great projects and funding for someone
Domestic spying is now "Benign Information Gathering"
"because I am a UNIX guy and the kernel of these operating systems had control of the IP stack without needing third party programs." - by mlts (1038732) * on Tuesday June 22, @11:44AM (#32654050)
First of all: By "control of the IP stack", what EXACTLY do you mean here? Be specific... thanks!
Secondly: I can tell you that doing pretty much what a firewall program can do was already "built in" into Windows NT-based OS' by Microsoft, in "Port Filtering" (often called 'the poor man's firewall') in fact!
(Yes, it works quite well alongside actual software firewall programs, hosts files & other forms of blocking softwares/browser addons, & hardware router/firewalls also... and yes, it's done in "kernel mode" in the IPFLTDRV.SYS driver (working alongside TCPIP.SYS driver itself, which is however, lately @ least, a "Plug-N-Play" driver & ipsec.sys (optional), which are also both kernel mode drivers afaik)).
---
"Or because a true firewall is a hardened hardware router that can withstand attacks not just coming from the outside in, but prevents items from coming from the inside out (such as E-mail from any box other than the designated mail servers.)" - by mlts (1038732) * on Tuesday June 22, @11:44AM (#32654050)
A HOSTS file can do this for you, both for *NIX based OS + Windows too.
Simply by putting in lists of KNOWN BAD sites &/or servers, You can effectively not only stall access to them by users, but, this also stalls ANY MALWARES ACCESS TO THEY AS WELL (such as in the case of botnet "command & control" servers), because if YOU the user cannot access a site?? Neither can a malware (one that's running under YOUR user logon rights context)...
(Additionally, HOSTS files aren't "3rd party software" that isn't "tightly integrated" (what a crock of CRAP that term is, lol, because all apps call out to libs in the OS in the end, especially NTDLL.DLL on Windows @ least) or that eats up CPU cycles, as it's only a filter that the IP stack uses!)
APK
P.S.=> Just some "food for thought", before you reply with some (hopefully) specifics on what you meant in the block of text I quoted from you at the top of my reply here... apk
"... should be forced to install anti-virus and firewall software".
sure, sure, if the GOVERNMENT pays for it!
(if you use linux, you should get a coupon over $anti-virus+$firewall,
which you can use to redeem cash, or deduct from your due taxes)
I just got Internet a couple of days ago. As soon as I'm connected, Antivirus 2010 prompt me to install it right away. I didn't even have to pay!
The installation of a virus scanner does nothing to stop new malware. Such beasties are only as good as their databases, which always lag behind the current malware. And having it installed doesn't mean it's kept up to date or it's actually used. How many "trial" versions of NAV have I seen over the years that are massively out of date? Hundreds.
What I also want to know is what kind of anti-virus software is there for Solaris machines? If you run a real operating system, do you have to take it off the 'net now because you can't even buy "antivirus software"?
Australia is really beginning to become an IT shithole, judging by the news. But I don't think raging neckbeards in the street is going to intimidate the stupid politicians.
--
BMO
Can I just scan for the evil bit instead?
Dear rest of world, please ignore anything relating to Australia + Cyber-anything, while that fool Conroy is still a minister. We are trying our best to get rid of him soon.
Ignoring the rest of the Australian governments internet policy, some of the stuff coming out of them is good. Some is incredibly bad. This one just happens to be a bit mixed and misdirected.
.scr files in emails, or indeed open any file in emails that look dubious. That didn't stop Antivirus 2009 from getting on their computers because they thought they were safe (safe because I installed antivirus and firewalls).
One of the best proposals they released is asking ISPs to monitor your traffic for obvious signs of infection. As a geek with a reasonably hardened setup at home I was dumbfounded when I got one of the emails detailing Confiker.C was all over my network. We have 2 fully patched Windows 7 computers, and a fully patched Windows XP machine (my sister's laptop). The laptop in question had Cnfiker.C in the past and I cleaned it and fixed the windows update settings on the laptop as well as re-instating the broken AV software and all was fine or so I thought for about 3 months.
3 full months it didn't click that our media centre is a Windows XP machine. Mainly this is because I've never once gone on the internet with it via a web-browser or opened email, downloaded software from dubious sources etc, this all lead to the belief that it was impervious to virus attack. I never considered an attack from inside the network, thanks to the evil government's mandated warnings though I have changed things considerably. What chance does the housewife next door (the one who runs an open wifi access point) have if even I missed such a thing?
Now this policy is both good and bad. There needs to be some level of mandated security. As for the details, that one is a bit more grey. I like the idea of not allowing computers that don't have an inbound firewall but does this need to be at a computer level or is the basic drop any unidentifiable packet policy of my router good enough? Does the policy require an aftermarket firewall or is windows firewall good enough? I am willing to bet that most if not all users have these systems and they are simply not turned on. All the same principles applies to antivirus. Is it good enough to have the software but not download the latest updates?
On top of all this there's the psychological problem too. A lot of users are just too ignorant of the threats to be connected to the internet. Antivirus and Firewalls will NOT protect them. My sister and mother are classic cases. Both of them are savy enough not to click on
Giving clueless users the feeling that they are safe will simply lead to complacency.
Excuse me while I go open this email with naked pictures of Britney Spears. Oh don't worry I've got the government watching my back.
"They are using force upon citizens, as if they were serfs."
Not really, some academics were commisioned by a government committe to come up with recommendations, traditionally these sort reports list every strategy they can think of, they make great slashdot headlines but are ignored by the government (except for the one recommendation they asked for during a golf game). As anecdotal evidence for that claim; I have been reading stories on slashdot about how both right and left wing Aussie communications ministers are implementing an Orwellian internet "any day now".
Think about it in "bread and circus" mode; Conroy has served almost a full term as comms minister and his filter is still nothing but an empty promise/threat. Before that the people on the other side of the house, (who are now filtering his filter from the law books), were just as adamant they would introduce a mandatory filter and just as unsuccessful because Conroy's mob filtered it out of the law books. If there was any real politcal will behind all this "clean up the net" rhetoric we would have had the Orwell plug-in installed circa 1997. But that will never happen because once they take on resposiblity for policing the net then all of a sudden it's the governments fault that someone's little princess was exposed to tub girl, much better for politicans on both sides to behave in their normal manner, ie: perpetually shocked, outraged and ineffectual.
And did you exchange a walk on part in the war for a lead role in a cage? - Pink Floyd.