Europe to get cybercrime alert system

Discussion in 'other security issues & news' started by ronjor, Dec 1, 2008.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,802
    Location:
    Texas
    Story
     
    Last edited: Dec 2, 2008
  2. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    From the article:
    How would this be done? Is this an admission that Windows does have a means built in by which law enforcement can access your hard drive remotely?
     
  3. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,702
    Hello,
    Relax. There's no matrix-style "backdoor." Remote search means more vulnerability scanning, more tarpits, more honeypots. That's all.
    Mrk
     
  4. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    How does any of that translate into remotely searching a hard drive?
     
  5. kareldjag

    kareldjag Registered Member

    Joined:
    Nov 13, 2004
    Posts:
    622
    Location:
    PARIS AND ITS SUBURBS
    hi,

    I guess that such projects can be considered as a positive things, even if i have some doubts about its total efficiency (the most part of the job must of course be done "on the ground").

    More than technical, the main limitation and obstacle are liability and jurisdiction dilemma.
    With the FBI CIPAV and the Timberlinebombinfo affair, policewares are a mature technology, and much more official than in the past.
    Some RFS ( Remote Forensic Softwares) are highly sophisticated, often with rootkits and firewall/IDS bypassing/eluding methods (but it is a confidential and UNnoisy market).
    And such projects are planned in many Europeans countries, not only Germany with the Bundestrojaner.

    More over, most cyber criminals are familiar with security, and anti-policewares countermeasures can be applied without the need of a solid background ( some anti-CIPAV tutorials can easily be found via a Google search)...
    And high skilled criminals have off course an arsenal of technologies, material and jurisdiction protections to avoid any kind of tracking...

    Would some AV editors collaborate with government security agencies by database withelisting/excluding this policeware ?
    As it was the case in the past with Symantec/Norton and the FBI/Magic Lantern?
    If Europol or any other cybercop alliance use " legal hacking and intrusion" against a cybercriminal located in a russian or chinese admimistration office, would this be considered as computer espionnage or cyber attack ?

    But i concede that it is a complex subject: the DoJ of most democratic countries should find the well balanced way that will give enough rights to law enforcement agencies for doing their job, and on the other side, limits privacy intrusions and law abuse.

    For those interested, there is paper by L. Grunwald and presented this year at Blackhat wich is good summary (sorry, direct download): "Hacking and injecting federal trojans"
    (all anti-forensics methods and policewares countermeasures
    have not been listed).
    For example, using Voip encryption like Skype against eavesdropping is well known.
    And as an anti-anti-forensic method, some chinese governement agencies have put on various download servers buggy/unprotected versions of Skype...
    And if "Someone in particular" is afraid of evidences gathering on hard disk, he just needs to use a LINUX LiveCD ( i am particularly a fan of Protech), but this countermeasure is not a real obstacle;)

    Au revoir,
     
Loading...
Thread Status:
Not open for further replies.