Rodney D. Ryder
Crime and the Internet: [Challenging] Criminal behaviour in the Information Age
Introduction - Structure
Part 1 Crime and the Internet
Cyberspace: an introduction
Understanding the impact of the new media
Parameters of destruction: the logic bomb versus the truck bomb

<Cyberspace> as introduced by William Gibson [A place governed by its own laws]
Law and Borders: the independent theory of cyberspace law [David Post and David Johnson, Stanford Law Review]
a consensual hallucination [William Gibson, Neuromancer]
<Cyberspace> as derived from <cyberkinetics> [the science of communications and control theory]

Cyberspace as a distinct market place
Minimising liability in the new medium [Dow Jones v. Gutnick]
Targeting as the norm in cyberspace
Jurisdiction and you: YAHOO!
There are no forbidden questions in science, no matters too sensitive or delicate to be probed, no sacred truths. That openness to new ideas, combined with the most rigorous, skeptical scrutiny of all ideas, sifts the wheat from the chaff. It makes no difference how smart, august, or beloved you are. You must prove your case in the face of determined expert criticism.
-Carl Sagan
Computer forensics is forensics applied to information stored or transported on computers.
It involves the preservation, identification, extraction, documentation, and interpretation of computer media for evidentiary and/or root cause analysis.
There should be a process and that process should be followed, but flexibility is essential, because the unusual will be encountered.
Can be anything!
As small as a few bytes
Could be, and hopefully will be, complete files
Could be deleted
Could be encrypted
Prove that the evidence is indeed what the criminal left behind.
Contrary to what the defense attorney might want the jury to believe, readable text or pictures don't magically appear at random.
Calculate a hash value for the data: MD5, SHA-1, SHA-256, SHA-512
Always work from an image of the evidence and never from the original.
Prevent damage to the evidence.
Make two backups of the evidence in most cases.
Analyze everything; you may need clues from something seemingly unrelated.
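The hashing and imaging steps above, combined into one check. This is an added example, not part of the original slides: it records the four digests at acquisition, makes two working copies, and re-verifies a copy before analysis. The file names, function names and the sample "image" bytes are assumptions constructed for the illustration.

```python
import hashlib
import os
import shutil
import tempfile

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")  # the digests named on the slide

def hash_file(path, chunk_size=1 << 20):
    """Read the file once, in chunks, and return {algorithm: hex digest}."""
    hashers = {name: hashlib.new(name) for name in ALGORITHMS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}

def make_working_copies(evidence_path, dest_dir, copies=2):
    """Record the acquisition digests, copy the image, verify every copy."""
    baseline = hash_file(evidence_path)
    paths = []
    for i in range(1, copies + 1):
        dst = os.path.join(dest_dir, f"working_copy_{i}.img")  # hypothetical name
        shutil.copyfile(evidence_path, dst)
        if hash_file(dst) != baseline:
            raise ValueError(f"{dst} does not match the acquisition digests")
        paths.append(dst)
    return baseline, paths

def verify(path, baseline):
    """Return the algorithms whose digest no longer matches the baseline."""
    current = hash_file(path)
    return [name for name in ALGORITHMS if current[name] != baseline[name]]

def demo():
    with tempfile.TemporaryDirectory() as tmp:
        evidence = os.path.join(tmp, "evidence.img")
        with open(evidence, "wb") as fh:  # constructed sample data, not a real image
            fh.write(b"constructed sample image\x00" * 4096)
        baseline, copies = make_working_copies(evidence, tmp)
        clean = [verify(p, baseline) for p in copies]
        with open(copies[1], "r+b") as fh:  # simulate one byte changed in copy 2
            fh.seek(10)
            fh.write(b"X")
        return clean, verify(copies[1], baseline)

if __name__ == "__main__":
    print(demo())
```

A non-empty list from `verify` means the copy has changed since acquisition and should not be analysed further; a fresh working copy can be taken from the second backup.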
1. Continuing Operations v. Preservation of Evidence
2. Identify the Incident Manager and Team (usually department heads or officers)
3. Assess Systems Impaired and Damages
#5 Fail to realize how much money their information and organizational reputations are worth.
#4 Rely primarily on a firewall.
#3 Fail to deal with the operational aspects of security: make a few fixes and then not allow the follow through necessary to ensure the problems stay fixed.
#2 Fail to understand the relationship of information security to the business problem -- they understand physical security but do not see the consequences of poor information security.
#1 Assign untrained people to maintain security and provide neither the training nor the time to make it possible to do the job.
Intermediary liability under tort law
Distribution of content: [a] copyright violations [music, films, images]; [b] prohibited content [hate, racism, pornography]
Departure from global practice on liability.
Theorizing Pornography
The concept of harm from sexual speech:
1868 [English] Queen's Bench decision, Regina v. Hicklin [the famous Hicklin test, set the standard for the twentieth century, the deprave and corrupt test]
Ginsberg v. New York [1968]: harm to minors; ethical and moral development
American Civil Liberties Union v. Reno: no one accesses pornography by accident
The Indian Penal Code [1860] and the Information Technology Act [2000]: old wine in a new bottle
E.g. in UK:
Human Rights Act 1998
Telecommunications (Data Protection and Privacy) Regulations 1999
Regulation of Investigatory Powers Act 2000
Telecoms Lawful Business Practice Interception of Communication Regs 2000
BUSINESS ISSUES
Section 43 (a): Penalty for unauthorised access to a computer system
Section 43 (b): Penalty for unauthorised downloading or copying of data without permission
Section 72: Offence of accessing any electronic record, book, register, correspondence, information, document or other material and, without the consent of the person concerned, disclosing such information to another person
Any questions?
Legal Services
Rodney D. Ryder