DISCLAIMER: Logging other people's keystrokes or breaking
into other people's computer without their permission can
be considered illegal by the courts of many countries.
The monitoring software reviewed here is ONLY for authorized
system administrators and/or owners of computers.
We assume no liability and are not responsible for any misuse
or damage caused by the keylogging software. The end user of
this software is obliged to obey all applicable local, state,
federal and other laws in his country of residence.
December 27th, 2007
Rx for cybersecurity: Let the user beware?
If you are looking forward to finding a new PC under the tree Christmas morning, here is a sobering thought to consider while setting up your high-speed Internet connection. Estonia’s defense minister recently floated the idea that legal liability could be a helpful tool for ensuring some minimum standards for security by end users.
What does the Estonian minister of defense have to do with your computer? Ask, rather, what your computer has to do with Estonia. Last spring, the Baltic country became the first to experience a nationwide online attack, with traffic volumes 400 times greater than normal interrupting service to government Web sites, online news services and online banking. Defense Minister Jaak Aaviksoo estimated financial damage at $1 million to $5 million.
Aaviksoo said the attacks appeared to have been coordinated and financed by ‘our big neighbor.’ (Hint: Russia.) But the traffic came from a botnet of as many as 1 million compromised computers in 50 countries worldwide. He estimated that as many as 100,000 of those computers could have been in the United States.
In a talk at the Center for Strategic and International Studies in Washington, he called for more cooperation on cybersecurity at national and international levels. But he also speculated about what it might take to improve security at the individual level.
Millions of computers worldwide have been quietly infected by malicious code, putting them under the control of a herder who can organize them into botnets and rent them out for nefarious purposes at 10 to 50 cents each. The user continues to surf the ’net, unaware that his computer is spewing spam and attack packets or hosting embarrassing or illegal files.
Ignorance might be bliss for the user, but it is a major headache for those on the receiving end of the attacks.
What is the responsibility of the user in ensuring a healthy Internet ecosystem? The technology and information exists to provide pretty good security for PCs, but awareness and will often are lacking. Maybe a dose of liability could help cure that.
After all, firearms and automobiles are regulated. Manufacturers are required to include minimum levels of security in the form of seatbelts, airbags and safety catches. Owners are expected to exercise a level of responsibility in using these products. If they do not, they can be held liable for damage they cause. Even swimming pools pose a liability for owners if not properly protected. Why not minimum security requirements for PCs, Aaviksoo asked, with appropriate liability for those who fail?
‘The question so far is unanswered,’ he said. ‘It is all speculative so far.’
There are some obvious difficulties with the idea. With a gun or a car, for instance, there usually is a one-to-one relationship between the instrument and the damage. One car runs into yours, or one gun shoots you, giving you a clear target for assigning liability. But what do you do if there are a million computers attacking you? Sue each owner for $1 apiece? That’s not very practical. And there is the question of deep pockets. A driver might well be a deadbeat, but his insurance company can afford to pay me millions if his car puts me in the hospital. Who is insuring the security of computers?
But if the notion of legal liability for individual users has problems, some requirements for a minimum level of security make sense. The technology exists, already built into many operating systems and applications. Antivirus and firewalls come loaded onto many PCs out of the box, and service providers can filter traffic coming from and going to those computers.
Regulation is a slippery slope, and enforcement is so complex that it could be more trouble than it is worth. But if end users and service providers do not consistently adopt best security practices on their own, those damaged by their negligence might come in search of deep pockets.
Source: GCN
All news for December, 2008
All news for 2008 year
All news for 2007 year
All news for 2006 year
All news for 2005 year
All news for 2004 year
DONATION: Keylogger.org is an independent research
project supported by a team of enthusiasts. If you find this
project useful or would like to help foster its continued
development please consider making a donation using PayPal`s
online secure payment service. A PayPal account is not required.
All major credit cards are accepted (MasterCard/Eurocard,
Visa/Delta/Electron, American Express, Switch/Maestro, Solo).
Simply click the button below.
Any amount would be useful and appreciated!
Thanks in advance for your support!
|
