Download presentation
Presentation is loading. Please wait.
Published byShona Richardson Modified over 9 years ago
1
SoberIT Software Business and Engineering Institute HELSINKI UNIVERSITY OF TECHNOLOGY Carnivore, an assault against privacy From Action to Reaction Herkko Hietanen Electronic Frontier Finland HUT Law and Technology
2
SoberIT Software Business and Engineering Institute HELSINKI UNIVERSITY OF TECHNOLOGY Content Threory of Information Warfare Patriot act Convention on cybercrime EURO DMCA and DRM From action to reaction –Grass-root level-
3
SoberIT Software Business and Engineering Institute HELSINKI UNIVERSITY OF TECHNOLOGY A Theory of Information Warfare Information recources have two sorts of value: 1. Exchange value 2. Operational value The Player must have a motive, means and opportunity
4
SoberIT Software Business and Engineering Institute HELSINKI UNIVERSITY OF TECHNOLOGY Government’s Motives Fight against terrorism, crime, drugs etc. Gathering of evidence for criminal process Military, financial and political intelligence.
5
SoberIT Software Business and Engineering Institute HELSINKI UNIVERSITY OF TECHNOLOGY Government’s Means Capabilities and Access (availability) Capability Technical means Access Court orders and laws -US v. Scarfo,Criminal No.00-404 (D.N.J.)
6
SoberIT Software Business and Engineering Institute HELSINKI UNIVERSITY OF TECHNOLOGY Government’s Opportunity Technical access and co-operation of ISP Success rate Perception that one doesn’t get caught or stopped It may be neccecary to obtain technical access before other objectives can be achieved
7
SoberIT Software Business and Engineering Institute HELSINKI UNIVERSITY OF TECHNOLOGY Borders of Privacy in Communication Legal ProcessConsent of partiesEmployers Rights Criminal investigation and crime prevention Fundamental right to privacy in communication Legal institutions Prisons Mental Institutions Governments documents Security inspections Criminal confiscation
8
SoberIT Software Business and Engineering Institute HELSINKI UNIVERSITY OF TECHNOLOGY USA PATRIOT ACT OF 2001 USA Patriot Act was signed into law on October 26, by President Bush. Expanded Surveillance Increasement of forensic cybercrime capabilities Money laundering Expanding criminalisation of terrorism Increased funding to Heroes of 11.9.
9
SoberIT Software Business and Engineering Institute HELSINKI UNIVERSITY OF TECHNOLOGY USA Patriot Act's most troubling provisions Expand the ability of the government to conduct secret searches. Give the Attorney General and the Secretary of State the power to designate domestic groups as terrorist organizations and deport any non-citizen who belongs to them. Grant the FBI broad access to sensitive business records about individuals without having to show evidence of a crime. Lead to large-scale investigations of American citizens for "intelligence" purposes. Minimize judicial supervision of federal telephone and Internet surveillance by law enforcement authorities. Right to hold foreigners in custody for 7 days.
10
SoberIT Software Business and Engineering Institute HELSINKI UNIVERSITY OF TECHNOLOGY Statistic US Courts 1998 1,186 Criminal Wiretaps 73% Narcotics 69% Telephone 19% Electronic Devices including e-mail etc. Avarage Cost 61,176 $
11
SoberIT Software Business and Engineering Institute HELSINKI UNIVERSITY OF TECHNOLOGY EUROPE –How are we affected?- Global communication network Who can dictate CyberLaw? Racial discrimination. Arab Terrorist Fading of Human Rights
12
SoberIT Software Business and Engineering Institute HELSINKI UNIVERSITY OF TECHNOLOGY Council of Europe: Convention on cybercrime Harmonise cybercrime law in over 40 member nations U.S. law enforcement officials helped to write the document Provide tools for investigation and prosecution Set up international co-operation network
13
SoberIT Software Business and Engineering Institute HELSINKI UNIVERSITY OF TECHNOLOGY Convention on cybercrime Make it a crime to create, download, or post on a website any computer program that is "designed or adapted" primarily to gain access to a computer system without permission. Also banned is software designed to interfere with the "functioning of a computer system" by deleting or altering data. Authorities can order to reveal passphrase of an encryption key. Makes it a crime to possess even digital images that "appear" to represent children's genitals or children engaged in sexual conduct. Require websites and Internet providers to collect information about their users. Spontaneous information sharing cross spying?
14
SoberIT Software Business and Engineering Institute HELSINKI UNIVERSITY OF TECHNOLOGY DMCA, Copyright laws, EURO DMCA and DRM Digital Millenium Copyright Act DMCA USA 1998 EURO DMCA 2001 Directive on the harmonisation of certain aspects of copyright and related rights in the information society. aka. EUCD DRM=Digital Rights Management No commercially viable system is 100% secure support comes from legislation
15
SoberIT Software Business and Engineering Institute HELSINKI UNIVERSITY OF TECHNOLOGY Self-enforcing digital contracts No commercially viable system is 100% secure support comes from legislation Article 6 of Euro DMCA legal protection against the circumvention of DRM Who will enforce how DRM systems operate when tools are taken away? Who’s the bad guy?
16
SoberIT Software Business and Engineering Institute HELSINKI UNIVERSITY OF TECHNOLOGY Security threats for e-mail message ISP Sender Receiver -Backdoors -Copies of message -Using of unprotected connection -Weak standards -Viruses -In-house leaks -Physical security -Weaknesses of attachments -Malconfiguration of system -Direct tapping to hardware -Wrong receiver/message -Monitor image capturing (Tempest) -Black boxes at routers (Carnivore) -Tapping in to infrastructure -Partnering with the enemy -Infrastructure malfunctioning -In-house leaks -Key escrow (PGP?) -Clipper chips -Weak programs with built-in faults -In-house leaks -Virus that send users mails forward -System or program backdoor -non-compibality of systems or standards. -Negligent or inexperiment storage of information -Malconfiguration of system and weak e-mail standards. -Steganografy -Reliability of receiver
17
SoberIT Software Business and Engineering Institute HELSINKI UNIVERSITY OF TECHNOLOGY From Action to Reaction Those who are being monitored will react. Law will always be one step behind the privacy technology. Privacy as business
18
SoberIT Software Business and Engineering Institute HELSINKI UNIVERSITY OF TECHNOLOGY Grassroot action Open Source standards will evolve to avoid surveillance Communities response From Grassroot to International concern Skylarov case
19
SoberIT Software Business and Engineering Institute HELSINKI UNIVERSITY OF TECHNOLOGY Still thirsty for information? www.eff.org www.eff.org http://conventions.coe.int/Treaty/EN/cadreproje ts.htm http://conventions.coe.int/Treaty/EN/cadreproje ts.htm www.epic.org www.epic.org www.eurorights.org www.eurorights.org
20
SoberIT Software Business and Engineering Institute HELSINKI UNIVERSITY OF TECHNOLOGY Questions..? Herkko Hietanen Researcher, Helsinki University Of Technology PR-Manager EFFi Mobile +358-50 5822 553 E-mail: herkko.hietanen@hut.fiherkko.hietanen@hut.fi P.O.Box 9600 FIN-02015 HUT, Finland
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.