Friday, February 15, 2008

Should spoofing be a part of Pakistan Cyber Crime Law?

Before I give my comment on that whether ‘spoofing’ should be a part of Pakistan cyber crime bill, I would like to tell u people something about ‘spoofing’.

By definition A spoofed email is one that appears to come from one source but has actually emerged from another source. Falsifying the name and / or email address of the sender of the email usually does email spoofing [1].

Usually spoofing includes:

-Spreading viruses and worms
-Message
-Email bombing
- Threatening emails
-Email Frauds

Spreading viruses and worms

Emails are often the fastest and easiest ways to propagate different code over the Internet. The Love Bug virus reached millions of computers within 36 hours of its release. Hackers often bind viruses, worms with e-greeting cards and then email them to unsuspecting persons. Such contaminants can also be bound with software that appears to be an anti-virus patch.
Example.
Consider Mr.Ali whose email address is Ali@hotmail.com. His friend Mr.Junaid email address is Junaid @yahoo.com. Using Send Fake Mail, Ali can send emails purposed to be sent from Junaid’s email account. All he has to do is enter Junaid@yahoo.com in the space provided for sender's email address. Junaid's friends would trust such emails, as they would presume that they have come from Junaid. Ali can use this misplaced trust to send viruses, worms etc. to Junaid's friends [2].

Message
I define message spoofing by giving an example. Consider information@mcaffee.com (this is a spoofed email but the victim does not know this). The email informs him that the attachment contained with the email is a security patch that must be downloaded to detect a certain new virus. Mostly users would open an email and would download the attachment, which actually could be a virus itself!

Email bombing
Email bombing refers to sending a large amount of emails to the victim resulting in the victim's email account or servers crashing. A simple way of achieving this would be to subscribe the victim's email address to a large number of mailing lists. Mailing lists are special interest groups that share and exchange information on a common topic of interest with one another via email. If a person has been unknowingly subscribed to hundreds of mailing lists, his incoming email traffic will be too large and his service provider will probably delete his account. The simplest email bomb is an ordinary email account. All that one has to do is compose a message, enter the email address of the victim multiple times in the "To" field, and press the "Send" button many times [3].
Example.

Consider writing the email address 25 times and pressing the "Send" button just 50 times (it will take less than a minute) will send 1250 email messages to the victim! If a group of 10 people do this for an hour, the result would be 750,000 emails! There are several hacking tools available to automate the process of email bombing. These tools send multiple emails from many different email servers, which make it very difficult, for the victim to protect himself [4].

Threatening emails
People are threatened on different issues to get benefits or money from them. Consider a threatening e-mail story.
Example.
In a recent case, Poorva received an e-mail message from someone who called him or herself 'your friend'. The attachment with the e-mail contained morphed pornographic photographs of Poorva. The mail message said that if Poorva were not to pay Rs. 10,000 at a specified place every month, the photographs would be uploaded to the Net and then a copy sent to her fiancé. Scared, Poorva at first complied with the wishes of the blackmailer and paid the first Rs. 10, 000. Next month, she knew she would have to approach her parents. Then, trusting the reasonableness of her fiancé she told him the truth. Together they approached the police. Investigation turned up the culprit - Poorva's supposed friend who wanted that Poorva and her fiancé should break up so that she would get her chance with him [5].

Email Frauds
Email spoofing is very often used to commit financial crimes. It becomes a simple thing not just to assume someone else's identity but also to hide one's own. The person committing the crime understands that there is very little chance of his actually being identified.
Example.
In a recently reported case, a Pune based businessman received an email from the Vice President of the Asia Development Bank (ADB) offering him a lucrative contract in return for Rs 10 lakh. The businessman verified the email address of the Vice President from the web site of the ADB and subsequently transferred the money to the bank account mentioned in the email. It later turned out that the email was a spoofed one and was actually sent by an Indian based in Nigeria [6].

Conclusion:

So after describing everything about spoofing, I would like to pass my this comment that spoofing should be a part of Pakistan cyber crime bill. But on this question that whether spoofing is a cause of cyber crime or it is just a part of cyber crime, I would like to say on it that it is a part of cyber crime as there are many other major crimes are present like electronic forgery, cyber stalking, packet sniffing are all wrong. But the way by which the crime spoofing is explained in the Budapest Convention on Cyber-crime is not right. It have to be explained in a very clear way because in a country like Pakistan where the literacy rate is very low and people don’t have enough awareness about such things.

1. http://dictionary.reference.com/browse/spoofing
2. http://cybercrime.planetindia.net/email_crimes.htm
3. http://cybercrime.planetindia.net/email_crimes.htm
4. http://cybercrime.planetindia.net/email_crimes.htm
5. http://cybercrime.planetindia.net/email_crimes.htm
6. http://cybercrime.planetindia.net/email_crimes.htm

Thursday, February 7, 2008

Terms of Service Answers..

According to Clause 3, Privacy, and Clause 5, Content of the Service, Google may share your personal information and your content with a government.
What are the risks of such a clause?
Misuse of my personal information, my links, and content of communications by other guys specially people who are criminals, corrupts can blame on me after doing some kind of robbery. Secondly by clause 5 my saved items (like my office information, my research paper) are not secure.
According to Clause 11, Indemnification, you cannot sue Google for any use of the blog service.
Connecting this clause with the previous question, how might a service abuser benefit from such clause?
A service abuser can corrupt my data, can blame on me after doing some kind of robbery. And I can not consider Google responsible for my problem and I can’t sue Google.
According to Clause 6, all blog content is licensed under the Creative Commons License.
What are the objectives of the Creative Commons License?
Creative Commons provides free tools that let authors, scientists, artists, and educators easily mark their creative work with the freedoms they want it to carry. You can use CC to change your copyright terms from "All Rights Reserved" to "Some Rights Reserved." We're a nonprofit organization. Everything we do including the software we create is free.
What other public licenses are available for use?
GPL (Gernal Public License)
Artistic License 2.0

Future Of Ideas An Overview...

In the process of making a film, a director must “clear rights.” A film based on a copyrighted novel must get the permission of the copyright holder. A song in the opening credits requires the permission of the artist performing the song. These are ordinary and reasonable limits on the creative process, made necessary by a system of copyright law. Without such a system, we would not have anything close to the creativity that directors such as Guggenheim have produced.
The stuff that appears in the film incidentally like Posters on a wall in a dorm room, a can of Coke held by the “cigarette smoking man,” an advertisement on a truck in the background. These are creative works and have to be copyrighted but up to some limits as if everything is copyrighted then creative peoples can not proceed.
All around us are the consequences of the most significant technological and hence cultural, evolution in generations. This revolution has produced the most powerful and diverse spur to innovation of any in modern times. But I do mean to convince you of a blind spot in our culture, and of the harm that this blind spot creates. In the understanding of this revolution and of the creativity it has induced, we systematically miss the role of a crucially important part. We therefore don’t even notice as this part disappears or, more important, is removed. Blind to its effect, we don’t watch for its demise. Lessig is talking about not copyrighting the stuff that appears in the film incidentally. He considered it just unawareness of people and called it as ‘blindness’.
Innovation makes enemies of all those who prospered under the old regime and only lukewarm support are forthcoming from those who would prosper under the new. Their support is indifferent partly from fear and partly because they are generally incredulous, never really trusting new things unless they have tested them by experience. There are two futures in front of us, the one we are taking and the one we could have. The one we are taking is easy to describe. Take the Net, mix it with the fanciest TV, add a simple way to buy things, and that’s pretty much it. It is a future much like the present. America Online (AOL), it is the most cynical image of Time Warner’s marriage to AOL: the forging of an estate of large-scale networks with power over users to an estate dedicated to almost perfect control over content. That content will not be “broadcast” to millions at the same time; it will be fed to users as users demand it, packaged in advertising precisely tailored to the user. But the service will still be essentially one-way, and the freedom to feed back, to feed creativity to others, will be just about as constrained as it is today. These constraints are not the constraints of economics as it exists today not the high costs of production or the extraordinarily high costs of distribution.
The most dramatic are the changes in the costs of distribution; but just as important are the hangs in the costs of production. Both are the consequences of going digital: digital technologies create and replicate reality much more efficiently than nondigital technology does.
It is in the chapter that “consumers” do more than simply consume Apple Computers provides its users to just use our systems to produce different things relating to music. Yes, these are strictly consumers of Internet services. Because for example music mixer, they are not bringing all the music components at a place to play them to build a music or melody but they are using just ready made mixers manufactured by diff. companies.
Over the past hundred years, much of the heat in political argument has been about which system for controlling resources—the state or the market—works best. The Cold War was a battle of just this sort. The socialist East placed its faith in the government to allocate and regulate resources; the free-market West placed its faith in the market for allocating or regulating resources. The struggle was between the state and the market. The question was which system works best. That war is over. For most resources, most of the time, the market trumps the state. There are exceptions, of course, and dissenters still. But if the twentieth century taught us one lesson, it is the dominance of private over state ordering. Markets work better than Tammany Hall in deciding who should get what, when. Or as Nobel Prize–winning economist Ronald Coase put it, whatever problems there are with the market, the problems with government are far more profound. This, however, is a new century; our questions will be different. The issue for us will not be which system of exclusive control the government or the market should govern a given resource. The question for us comes before: not whether the market or the state but, for any given resource, whether that resource should be controlled or free.
“Free.” So deep is the rhetoric of control within our culture that whenever one says a resource is “free,” most believe that a price is being quoted free, that is, as in zero cost. But “free” has a much more fundamental meaning in French, Libra rather than gratis, or for us non–French speakers, and as the philosopher of our age and founder of the Free Software Foundation Richard Stallman puts it, “free, not in the sense of free beer, but free in the sense of free speech.” A resource is “free” if one can use it without the permission of anyone else; or the permission one needs is granted neutrally. So understood, the question for our generation will be not whether the market or the state should control a resource, but whether that resource should remain free. A resource is produced says nothing about how access to that resource is granted. Production is different from consumption. And while the ordinary and sensible rule for most goods is the “pay me this for that”. Free resources have been crucial to innovation and creativity; that without them, creativity is crippled.
The future that we could have is much harder to describe. It is harder because the very premise of the Internet is that no one can predict how it will develop. The architects who crafted the first protocols of the Net had no sense of a world where grandparents would use computers to keep in touch with their grandkids. And as I will argue, there are strong reasons why many are trying to rebuild these constraints: they will enable these existing and powerful interests to protect themselves from the competitive threat the Internet represents. The old, in other words, is bending the Net to protect itself against the new this context of creativity has been changed by the Internet. The examples will show how many of the constraints that affected real-space creativity have been removed by the architecture, and original legal context, of the Internet. These limitations, perhaps justified before, are justified no more. Or at least, were justified no more. For the argument of the third and final part of this book is that the environment of the Internet is now changing. Features of the architecture both legal and technical that originally created this environment of free creativity are now being changed. They are being changed in ways that will reintroduce the very barriers that the Internet originally removed.
These barriers, however, don’t have the neutral justification that the constraints of real-space economics do.15 If there are constraints here, it is simply because we are building them in. And as I will argue, there are strong reasons why many are trying to rebuild these constraints: they will enable these existing and powerful interests to protect themselves from the competitive threat the Internet represents. The old, in other words, is bending the Net to protect itself against the new. This is all about the chapter “Free” of book THE FUTURE OF IDEAS.