Like that other bloke who rose from the grave, the El Reg security desk is back this week... Welcome back, Brits, from your Easter break – assuming you weren't working or on-call over the four-day weekend. Since you've been away from your desks, RSS feeds, and browsers, it's been a busy time in cyber-security, what with not one but two Facebook privacy cockups, one cunningly timed to coincide with the release of the …
With this "dark web" and such, why isn't it infiltrated by some nice law enforcement organization, maybe an international one?
I mean if there is such a den of thieves, we (the good guys) ought to be after them.
Maybe there is such thing, might be called INTERPOL or some such.....
"With this "dark web" and such, why isn't it infiltrated by some nice law enforcement organization, maybe an international one?"
Shhh - criminals might get suspicious if you point out the obvious.
Take a look through Silk Road/Silk Road 2 news reports and you will see that they are generally as impenetrable as a offline criminal organisation. If they are small and everyone is known to one another, law enforcement struggles to get in - but if they get larger, the ability to trust everyone is stretched and law enforcement often finds a way into those gaps.
'With this "dark web" and such, why isn't it infiltrated by some nice law enforcement organization, maybe an international one?'
If they were doing their job then they probably created the "dark web" so no everything going on there but resolutely maintain the "we need backdoors as criminals/terrorists can communicate without us being able to see what they are saying" line ... preferrably backed up by high profile companies taking the "we take our customers security seriously so we're not putting in backdoors for anyone" response.
Something like this happened in Afghanistan with the Taliban when US authorities made an enourmous deal over Mint "worldwide SIM cards" beign a huge security risk as people could buy them without an associated account so they couldn't be traced .... plan worked perfectly and Taliban all started to use Mint cards until a loose mouthed army general commented that "targetting the Taliban was simple - we just wait till a phone using a Mint SIM is turned on and send in the drone" - needless to say, as a result of this revelation the Taliban stopped using Mint or any mobile comms and revert to messages being passed in person
@AC - 'a loose mouthed army general commented that "targetting the Taliban was simple - we just wait till a phone using a Mint SIM is turned on and send in the drone"'
This might explain why the US has so much trouble winning over the 'hearts and minds' in these countries. Unless Mint actually had a policy of only selling to people with Taliban membership cards, that sort of policy would cause a lot of collateral damage (translation: indiscriminate murder).
See also: bombing Ben Tre, Vietnam.
That's more or lesson one for wannabee security staff: leave your ego at the door.
If you don't work with the assumption that somewhere out there there's someone smarter than you, you are not yet sufficiently seasoned to be trusted near anything critical.
Our recovery planning tends to START with the assumption we've been breached - we work backwards from worst case. Anything less and we would not be doing our job.
“Israeli computer security outfit Verint has confirmed that its servers were hit with ransomware.”
Now that's a selection of words you don't expect to see in the one sentence.
“The company is working to contain and handle the situation, with the help of outside parties.”
Shouldn't that be former computer security outfit?
“Ryuk, a potent piece of ransomware thought to emanate from North Korea and used to help fund the dictatorship there.” ref
If I wanted to fund my dictatorship, I would get in on one of those UN NGOs, there's loads of people making a good living out of it, So far thirteen Billion made out of Haiti and nothing to show for it. ref
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
