Wednesday, February 02, 2005

Some Interesting News from the InfoSec World

I subscribe to SANS NewsBites, an e-newsletter released weekly. Of all the newsletters I subscribe to, this one is by far my favorite, as much for the sometimes-hilarious comments of the "editors" (household names in the InfoSec world such as Marcus Ranum, Stephen Northcutt, and Bruce Schneier) as for the actual news content. But there were a couple of items that really caught my attention today. Let's look at them separately, shall we?

 --Committee Gives Anti-Spyware Bill Top Priority

(27 January 2005)
The House Commerce Committee has given HR29, the Spy Act, high priority;
members hope to get it out of committee in under three weeks. The bill
would require that spyware be easy to identify and to remove from
computers. It would also prohibit the programs from collecting personal
data without the user's express permission and authorize the Federal
Trade Commission to fine violators as much as US$3 million for each
infraction.
http://www.wired.com/news/print/0,1294,66407,00.html
[Editor's Note (Schneier): I'm having trouble with the concept of
spyware that's easy to identify and remove. Legal spyware? Sounds like
an oxymoron.]

This one struck me as very funny, as it reveals how little Congressmen and Senators actually know (and also how little their "technical advisors" know) about what's actually happening in the world of the Internet today. It will probably be 5-10 years, or about as long as it takes to get younger, more tech-savvy representatives elected, before serious strides will be made in legislative action against spam, adware, spyware, and all the other nasty stuff out on the Internet. I mean, Robert Byrd sure as shootin' ain't gonna cobble together a decent piece of legislation that would fix a serious problem on the Internet (but he WILL tax the hell out of it, if you let him...).

Spyware is not something that legitimate companies place on your system; bad guys place spyware on your system. This is the same kind of thinking that gun control advocates subscribe to; you end up with, "when guns (and spyware) are outlawed, only outlaws will use guns (and spyware)". Is a bad guy trying to capture your passwords, credit card numbers, and personal info going to make his spyware easy to identify and remove? (If you said, "yes", I have a great idea for a dot-com, and I'd like your money to fund it.)

--German Police Arrest Rogue Dialer Suspects
(28 January 2005)
German police have arrested two suspects in a rogue dialing scheme. The
two allegedly surreptitiously altered people's computer settings so that
they dialed out to premium rate phone lines. Several other suspects
remain at large.
http://www.theregister.co.uk/2005/01/28/rogue_diallers_cuffed/print.html
[Editor's Note (Shpantzer): This is one of the oldest tricks in the
cybercrime book. The FTC settled a large modem hijacking case in 1997,
with 38,000 victims and $2.74 million dollars worth of phone calls to
Moldova. See http://www.ftc.gov/opa/1997/11/audiot-2.htm for details.
The attorney for the FTC on that case was Paul Luehr, who went to work
for the DOJ in the cybercrime section and was responsible for, among
other cases, the conviction of Jeffrey Lee Parson from the Blaster worm
described above.]

Just one more reason to dump your dial-up and deactivate your modem. With DSL prices dropping like they have been (DSL from Qwest, here in Denver, is about $25 a month now...just 4-5 years ago, that's what AOL was charging for dial-up!!!), what's your excuse?

--Mobile Phones May Have Infected Lexus On-board Computers
(27 January 2005)
There have been reports that the on-board computers of several models
of Lexus automobiles have been infected with viruses. It is likely that
a mobile phone is responsible for the infections. Some Lexus cars have
navigation systems that use Bluetooth to connect to mobile phones to
allow hands-free calling.
http://asia.cnet.com/news/security/printfriendly.htm?AT=39214840-39037064t-39000005c
[Editor's Note (Shpantzer): I hope Lexus (Toyota) is keeping XP Embedded
Edition and other general-purpose OSs out of the main chips for the
actual automotive functions.]

An illustration of how pervasive computers (and the vulnerabilities of computers) are becoming in our lives, and how little so many people still know and understand about them. Very, very soon, computers will be in EVERYTHING. It's time for everyone in America to wake up and understand that it's time to take that computer class, time to actually put a little bit of effort into learning the basics of computing...SAFE computing. Of course, to me, the Editor's Note on this one is equally priceless. Remember the old "If GM built cars like Microsoft builds Windows" e-mail? (If you don't, try this site.)

Thanks for reading along, and be careful out there.
