Business Daily from THE HINDU group of publications
Monday, Jul 24, 2006
eWorld
Features
Stocks
Cross Currency
Shipping
Archives
Google

Group Sites

 eWorld - Security
Info-Tech - Internet
Columns - Security Musings
Net lends a hand...

R.K. Raghavan

... to help authorities solve crimes in cyber space, playing an increasingly important role.

There are resourceful groups in some parts of the world that resort to the Internet imaginatively to curb crime, especially against women, in public places.


HELPING TO TRACK the bad guys.

To establish how the Internet can help solve crime, petty or serious, I thought I would tell you something that is really hilarious.

Three youths — KaneAndrews (18), Anthony Harper (20) and Peter Harrison (23) — of Torquay, Devon (UK) recently broke into a church at Churston, and after dressing themselves as Jesus and the Devil, staged a mock battle between `good' and `evil'.

Capturing their antics on video, they posted the clownish scene on the Internet.

Equally ridiculous was another of their videos showing them vandalising a school and a seafront shelter, and making obscene gestures at passers-by.

Stumbling on these scenes on a Belgian Web site, an appalled viewer, who recognised the setting against which one action was set, tipped off a local newspaper, which alerted the police.

The three misguided boys were promptly nabbed, and are now facing trial before a Magistrate.

While the crime itself may be childish, deserving little or no notice, the use of the Internet by a group of urchins to boast about themselves is not without significance.

It highlights how public decorum and sensitivity can be assaulted by such thoughtless exhibitionism, which is promoted by unrestricted access to cyberspace.

In an ethnically or religiously polarised community, tendentiously portrayed scenes as the one at the church could be easily posted on the Internet with a view to destabilising public order.

Net for social cause

At the other end of the spectrum are those who use the Internet for a social cause. I am gratified to know that there are resourceful groups in some parts of the world that resort to the Internet imaginatively to curb crime, especially against women in public places.

We know how women commuters in overcrowded public transport, buses as well as trains, are stalked and physically harassed during peak hours of travel. Many of them suffer in silence because of a sense of self-esteem and the difficulty in identifying their tormentors.

Seven New York women thought otherwise of the problem, and took the bold initiative, a few years ago, of launching www.hollabacknyc.blogspot.com, which posts any picture sent by a woman victim.

This has been supported by the New York Police Department's `Operation Exposure', leading to a number of arrests.

Camera phone to the rescue

The movement encourages women capturing scenes of male misbehaviour with the help of a camera phone and sending the picture immediately to the blogspot.

The photograph will have to be accompanied by a brief description of the incident. This novel method of countering sexual harassment, especially while travelling in public transport, has caught widespread attention.

It explains the springing up of numerous such blogspots across the globe. We need this one in our own cities, if it does not already exist.

The pictures posted on the Net may not be all that clear or always hold well in a judicial proceeding. But the fact that such a tool is available to a woman commuter should be sufficient deterrent to ruffians who derive immense delight from such uncivilised behaviour towards the fair sex.

Reconstructing emails

While still on the subject of investigating crime, the Metropolitan Police in London are now busy reconstructing a few erased e-mails. This is in connection with a scandal that has rocked the Blair Government in the recent past.

Known as `cash for Peerage', the allegation is that knighthoods have been sold to moneybags who have made huge donations to the Labour Party. A major fund-raiser for the Labour Party, Lord Levy, was arrested recently, and several in high positions in government and society are being questioned by the police.

It is strongly rumoured that e-mail messages that constitute strong evidence to prove the corruption have been erased from a number of government computers to hush up the corruption suspected here.

A California-based company called Guidance Software is assisting the investigation with the help of one of its products known as EnCase. There is, however, some scepticism whether this package will do the trick.

This is because some computer users are so clever that they can get around whatever software is available to the cyber forensic expert.

So, let us wait and watch how successful Scotland Yard will be. If they succeed, the message will go around strongly to crooks in public life that they cannot hide their misdeeds in cyberspace. A failure of the Yard, on the other hand, will only promote more misdeeds!

Incidentally, encouragement of crime should come not only from the unsuccessful investigation into the above scandal but from some news that is trickling in about forays of unscrupulous elements into a leading US bank Web site.

All of us had been told hitherto that a two-factor authentication (passwords plus an access card or a token that generates a password that changes every minute) was proof against phishing. Now we understand that this is only as long as Phishers do not fake the second device as well.

In this particular instance, reported by a Washington Post columnist, when you are trying to get into your online account, you receive a bogus e-mail which informs you that some unauthorised person (whose IP address is also furnished) had tried to get into your online account and that you need to reconfirm your account information.

When you click on the link to proceed further, you are led to a site that looks very authentic and has a long Web address that appears to end with your bank name but in reality terminates in a Russian Web site.

This Web site asks for your name and password and also information relating to the token-generated key.

Even when you become suspicious and want to test the genuineness of the site by typing in bogus information, you get an error message, leaving you in no doubt that the site is real!

The trick employed here is that the bogus site acts as a "man in the middle", and whatever data you submit to it is fed to the actual log-in site of your bank which naturally rejects any specious information that you had furnished as a test.

Can there be anything more ingenious? Do we possibly need to do some research to outwit the crooks involved here?

(The writer is a former CBI Director who is currently Adviser (Security) to TCS Ltd.)

More Stories on : Security | Internet | Security Musings

Article E-Mail :: Comment :: Syndication :: Printer Friendly Page

Stories in this Section
Foxed? Apply innovation!

Moodle along
Some of all fears
Booting trouble
Start button missing
A different approach
Go for a mouse trap
Net lends a hand...
Stay alert
Three levels of software piracy control
Quiz
Games are now part of our broader mediascape
Cartoon
Flip to the future

The Hindu Group: Home | About Us | Copyright | Archives | Contacts | Subscription
Group Sites: The Hindu | Business Line | Sportstar | Frontline | The Hindu eBooks | The Hindu Images | Home |

Copyright © 2006, The Hindu Business Line. Republication or redissemination of the contents of this screen are expressly prohibited without the written consent of The Hindu Business Line