Search the Community

Salut. Lucrez la un software de tip remote control. Se diferentiaza de multe altele deja existente din diferite motive (si tehnice cat si etice), nu ma apuc sa le insir, nu asta e important. Problema este ca nu reusesc nicicum sa identific diferentele dintre cele 2 concepte si anume care este linia critica dintre (cyber)crime si serviciu online. Este des regasit termenul cybercrime in diferite contexte (dupa parerea mea prea des uzitat) ceea ce imi lasa impresia ca orice program ce are ca scop colectarea de informatii & statistici de pe un device este sau poate fi incadrat ca malware. Nu-s tampit, sunt constient ca e relativ usor de folosit un soft de genul pentru lucruri mai putin legale (de la spionat PC-u vecinei pana la carding & creare de retea botneti ~ lucru care de altfel l-ar facilita pur accidental). Chiar daca i-as proiecta o solutie tehnica prin care sa anunte utilizatorul constant ca softul ruleaza in background, nu vad imposibil sa vina altul sa ii genereze un patch si sa aibe un trojan nou nout la indemana. O posibila abordare in care am crezut a fost ca datele tuturor clientilor sa ramana intr-un singur server principal si sa ofer acces la ele printr-o interfata web dar asa ceva nu e chiar viabil deoarece s-ar pune la indoiala nu numai siguranta datelor cat si intimatatea acestora. Plus ca nu ar rezolva oricum problema initiala, ba chiar o accentueaza, deoarece e serverul meu si raspund de ce date exista acolo. Asa ca, a ramas varianta kitului de instalare & suport tehnic prin care isi tin ei datele unde vor. Un alt aspect important al povestii este ca nu am de gand sa deschid firme, pfa-uri si alte cacaturi de dragul birocratiei. Declar eventualele venituri, dar nu vad sa ma acrediteze faptul asta in vreun fel cum ca nu exercit vreun model de crima (M/C as a Service) ce se incadreaza prin vreo norma europeana la infractiuni penale. Ma gandesc ca o firma pe profil specific nu ar atrage probleme, scopul fiind clar si acela de "a dezvolta software", dar nu e cazul la mine. Luam ca exemplu urmatorul scenariu: Cineva cumpara aplicatia, o foloseste pentru lucruri ilegale, face un sac de bani. Incep anchete, dosare etc. Nu e greu de aflat de ce anume s-a folosit cineva-ul sa isi duca la bun sfarsit nasoalele pe net. Bineinteles ca incepe sa-mi sune mie telefonul pe tema asta, deoarece exista un website, o pagina de contact, toate cele pentru a oferi transparenta asupra intregii activitati. Care este riscul de pe o scara de 1 la 10 sa fiu ridicat de acasa cum ca sunt suspect, complice sau ca nu am respectat nu stiu ce alte baliverne legsilative de care nu a auzit nimeni pana ieri? Multumesc anticipat.

Euro cybercrime cops have taken down the RAMNIT botnet, which has infected 3.2 million computers worldwide, including 33,000 in the UK. The National Crime Agency's cybercrime unit worked with cops in the Netherlands, Italy and Germany to shut down command-and-control servers used by the botnet. One of the servers was housed in Gosport, Hampshire. RAMNIT spread malware via innocuous-looking links sent in phishing emails or social networking websites, and has mainly been used to take money from bank accounts from people running Windows OSes. Europol was alerted to RAMNIT by Microsoft, after data analysis showed a big increase in infections. The operation to take down RAMNIT was co-ordinated by the Joint Cybercrime Action Taskforce based at Europol’s European Cybercrime Centre. “This malware effectively gives criminals a back door so they can take control of your computer, access your images, passwords or personal data and even use it to circulate further spam messages or launch illegal attacks on other websites," said Steve Pye of the NCA’s national cybercrime Unit. “As a result of this action, the UK is safer from RAMNIT, but it is important that individuals take action now to disinfect their machines, and protect their personal information," he added. The NCA is advising people to check whether their computer has been infected by downloading specialist disinfection software, which is available free of charge at CyberStreetWise or GetSafeOnline. Analysis is now taking place on the servers and an investigation is ongoing, said the NCA source

By Anna Leach After China, the world’s biggest source of global data theft comes from inside the European Union, said a report published Tuesday. Verizon Communications Inc.’s Data Breach Report 2013 found that more than a quarter of the world’s data thieves operated in Romania. Some 28% of the hackers behind 47,000 data breaches investigated by Verizon were working from Romania. That was second only to China with 30%. By contrast only 18% of data thieves were acting out of the U.S. said the company. In a wide-ranging report, Verizon found that the majority of data thieves are not high-tech espionage agents, but rather petty criminals hacking for money and using rudimentary skills. Three quarters of all data thefts analyzed were financially-motivated and less than 1% used techniques that Verizon classed as high-tech. The focus on cash not politics meant that private businesses, not government, were the main target, with under 5% of attacks analysed targeting the public sector. Data thieves took all sorts of corporate information, said Verizon’s global investigation manager Dave Ostertag. “Thieves steal corporate information for a variety of purposes,” he said. “If you steal quarterly earnings statements prior to announcement, that has value to someone. If you have a process that your competitors don’t have — that process makes you more efficient or you have a larger market share because of that process, that has value.” The theft of intellectual property has become an increasing problem, especially for small business in the technology and science sectors: “Smaller companies used to say ‘we don’t have to worry about a data breach’, that’s not true any more,” said Mr. Ostertag. “When we look at espionage, it’s not just defense contractors and the government, it’s boutique engineering firms that might specialize in say aerospace, or might specialize in undersea [engineering], with maybe a hundred employees or less. These type of companies are victims too. “It might be a small firm that’s got a piece of information that might be valuable to a competitor or to a state.” Even when hacking is state-affiliated — and 19% is according to the report — it may be targeting a private business for commercial purposes rather than state bodies. Verzion’s Data Breach Report 2013 is based on 47,000 incidents investigated by their security arm Verizon Risk for their clients in 2012. Some 621 breaches were analyzed in more detail. The report also draws in data from Verizon’s 19 partners on the report including the Danish Intelligence Service, Carnegie Mellon University, Deloitte and the U.S. Department of Homeland Security. The source: After China, Romania is Biggest Source of Data Theft Says Report - Tech Europe - WSJ Hai ca stiu ca poti. Inca putin si locul 1 e doar al tau. Romania nu duce lipsa de "baieti" si asta se vede!