Proposed Active-Defense Bill Would Allow Destruction of Data, Use of Beacon Tech (onthewire.io)
Trailrunner7 quotes a report from On the Wire: A bill that would allow victims of cybercrime to use active defense techniques to stop attacks and identify attackers has been amended to require victims to notify the FBI of their actions and also add an exemption to allow victims to destroy their data once they locate it on an attacker's machine. The Active Cyber Defense Certainty Act, drafted by Rep. Tom Graves (R-Ga.) in March, is designed to enable people who have been targets of cybercrime to employ certain specific techniques to trace the attack and identify the attacker. The bill defines active cyber defense as "any measure -- (I) undertaken by, or at the direction of, a victim"; and "(II) consisting of accessing without authorization the computer of the attacker to the victim's own network to gather information in order to establish attribution of criminal activity to share with law enforcement or to disrupt continued unauthorized activity against the victim's own network." After releasing an initial draft of the bill in March, Rep. Tom Graves held a public event in Georgia to collect feedback on the legislation. Based on that event and other feedback, Graves made several changes to the bill, including the addition of the notification of law enforcement and an exception in the Computer Fraud and Abuse Act for victims who use so-called beaconing technology to identify an attacker. "The provisions of this section shall not apply with respect to the use of attributional technology in regard to a defender who uses a program, code, or command for attributional purposes that beacons or returns locational or attributional data in response to a cyber intrusion in order to identify the source of the intrusion," the bill says.
"What constitutes a valid victimization?" ICMP the wrong port and they can say you're trying to penetrate their services? Mmmm, Beacon.
Republicans have seen too many Hollywood hacker movies. They want people to believe that after someone steals their personal information, they'll be able to click a big red EXECUTE button on the screen and it will launch a counterattack and steal back their data.
In reality, the people who are victims of this type of data theft aren't going to have access to these "Beacon" tools. But copyright trolls and malware thugs almost certainly will. In the end, this will be just another corporate giveaway.
The cyber is hard.
You are welcome on my lawn.
Given Tom's "a child of 8 year old heat of the moment mentality" what could possibly go wrong? And is the DOJ so fucking bloated that going after the bad guys is too much for them?
The analogy is if you suspect someone of stealing your wallet, you are allowed to break into their house, search through it to find and take back your wallet, destroy a few things here and there to prevent them from pickpocketing in the future, and then call in the police to arrest the guy.
Oh, but if you made a mistake and destroyed some random person's stuff, well, you were still acting within the law.
People are modding it funny, but that's because it's half true.
Sony or the FBI will be allowed to compromise your hardware at will. But if you so much as peep back, they'll drop the legal equivalent of a 10 ton weight on you.
Rule 35 of the internet: "If it can be hacked, it will be". - Charles Stross
A group moving data around the world would use a series of unexpected holding or staging servers with fast networks to mask their final IP.
This will not be a move of data from a company direct to a "home" "desktop" computer with some dial up modem.
Once the "owner" detects their data and sends the code?
That data could be sitting on any random fast network around the world without being noticed. Strange computers sending code to and altering a computer to do something to data on that network?
The resulting intrusion and clean up will be very expensive and disruptive to any third party.
Domestic spying is now "Benign Information Gathering"
I am curious how this is going to not constitute destruction of criminal evidence when the first court case goes before a judge...
HA! I just wasted some of your bandwidth with a frivolous sig!
1-Evil Hacker hacks into Facebook network.
2-Use to launch attack against Microsoft.
3-Microsoft detects attack, traces to Facebook, launches counter attack and searches for their data.
4-Facebook detects intrusion, traces to Microsoft, launches counter attack and searches for their data.
5-Evil Hacker finishes downloading data, sits back and eats popcorn while Cyber WW3 erupts.