Wednesday, January 23, 2013
Computer Security Cases
2012's Most Notable Computer Crimes
Several high-profile criminal cases involving technology reached their conclusions in 2012. They include the conviction of several executives of an e-waste recycling company that sent waste to China rather than processing it in the U.S. as they had claimed. Also, a federal court convicted a man of breaking into AT&T's servers to steal information about its users.
Users of the Internet and electronic gear are vulnerable to criminals near and far, but we don't always hear about what happens at court and whether the alleged criminals are convicted or acquitted.
Here is an update on some those crimes for consideration.
E-Waste Conviction for Exporting IT Gear
After an 11-day jury trial in Denver, members of the management of Executive Recycling were convicted of illegally disposing of e-waste overseas; mail and wire fraud; smuggling and obstruction of justice.
Executive Recycling falsely advertised to potential customers that it would dispose of old computers, PDAs, TVs and other electronic waste in compliance with all local, state and federal laws and regulations.
CBS "60 Minutes" reporters followed shipments from Denver to Hong Kong and broadcast their report, in 2009. The electronic gear sent to Hong Kong ultimately made its way to southern town of Guiyu, China. The show called Guiya "a sort of Chernobyl of electronic waste."
"Greenpeace has been filming around Guiyu and caught the recycling work. Women were heating circuit boards over a coal fire, pulling out chips and pouring off the lead solder. Men were using what is literally a medieval acid recipe to extract gold. Pollution has ruined the town. Drinking water is trucked in. Scientists have studied the area and discovered that Guiyu has the highest levels of cancer-causing dioxins in the world. They found pregnancies are six times more likely to end in miscarriage, and that seven out of 10 kids have too much lead in their blood," the report said.
The U.S. Department of Justice provided evidence that Executive Recycling exported more than 300 cargo containers from the U.S. between 2005 and 2008, and approximately 160 of these contained electronic gear. Sentencing is scheduled for April.
Arrest of Ceglia Who Sued for Part Ownership of Facebook
The FBI arrested Paul Ceglia for alleged criminal violations including fabricating evidence for a lawsuit to obtain a substantial interest in Facebook. Ceglia claimed he signed a contract in 2004for Web design for Facebook, entitling him to 84 percent of Facebook. The criminal complaint filed for mail and wire fraud includes allegations against Ceglia that he
• filed a federal lawsuit falsely claiming that he was entitled to at least a 50 percent interest in Facebook;
• has deliberately engaged in a systematic effort to defraud Facebook and Zuckerberg and to corrupt the federal judicial process; and
• manufactured and destroyed evidence, for instance replacing a page of the original contract with a fraudulent one that made it look like Zuckerberg had offered Ceglia interest in the company.
Attorneys for Zuckerberg and Facebook "commend the United States Attorney for charging Ceglia with federal crimes in connection with his fraudulent lawsuit against Facebook. Ceglia used the federal court system to perpetuate his fraud and will now be held accountable for his criminal scheme," Computerworld reported.
In 2010, when Ceglia sued Zuckerberg, the Wall Street Journalreported about Ceglia: "In 2009, New York's Attorney General Andrew M. Cuomo accused Mr. Ceglia of defrauding customers of his wood-pellet fuel company, according to a news release from the Attorney General's office. The state claimed that he took more than [US]$200,000 from consumers and then failed to deliver any products or refunds. The wood-pellet case is ongoing."
iPad Data Breach Lead to Conviction
In November, a federal jury in New Jersey convicted Andrew Auernheimer of identity theft and conspiracy to gain unauthorized access to computers. In 2010, Auernheimer illegally gained access to AT&T's servers and stole "more than 120,000 email addresses of iPad users including New York Mayor Michael Bloomberg and film mogul Harvey Weinstein."
Auernheimer used his hacker name of "Weev" and at trial testified that he publicized the breach because "the consumer has a right to be informed when they're put at risk by a company."
In the meantime AT&T claims it solved the technology problem that allowed Auerheimer to violate their servers in order to eliminate future similar crimes.
Google Executives Acquitted
In 2010, an Italian trial court convicted three Google executives in absentia for failing to promptly take down a video which depicted teenagers who were bulling an autistic boy. Ironically, Google took the offending video within 24 hours of notice, but the trial court nonetheless convicted the Google executives.
In December 2012, an appellate court overturned the convictions, a move that was welcomed by Google and other ISPs who do not want to face criminal liability for content posted by users. Under the 1996 Communications Decency Act, ISPs do not have liability for content posted by users on their websites, but will have liability if the ISPs do not take down offending content once they are aware of its offensive nature. Other countries, including Italy, have similar laws, one of which was upheld by the Italian court.
Discussion: Provide your views and thoughts on each of the above cases. How can security be tightened to prevent each of this incidents from happening in the future, provide your solution(s).
Posts to be completed by Wednesday, January 30th, 2013
Subscribe to:
Post Comments (Atom)
E-Waste Conviction for Exporting IT Gear - my opinion is it is ridiculous that someone would rather become rich, and then ethically deal with the E-waste appropriately. These are innocent lives being taken advantage, for what one company’s greed. To better prevent this from happening, there should be better follow ups. When you are constantly checking up on someone’s routine and this isn’t actually their routine something will slip. Also have programs in place to see what’s going on with the business. See how the process is done and dealt with.
ReplyDeleteArrest of Ceglia Who Sued for Part Ownership of Facebook - if someone is convicted of fraud in one case it sure doesn’t look good for them in another case for example facebook, and the wood pellet case.
iPad Data Breach Lead to Conviction - If Andrew is doing this to better consumers knowledge and how easily they can be taken advantage fine, but if he is doing it for the wrong reasons yes he should be convicted, but this is just another example for consumers to realize we are all victims and can be taken advantage, and unless you know it is secure to put your information on the internet don’t! AT&T already should have had a well working security system to protect their consumers if not, pay someone to try and break in, but use an assortment of different hackers, if they can break in you know it isn’t secure site and you need to fix it. Use a wide range of different security systems so it will take time before they even get any information but before then someone has already detected a hacker.
Google Executives Acquitted – When they are told to promptly take something they should especially when it relates to bullying. Even though they are liable for what people post, it’s their job to get rid of it as soon as possible when it isn’t appropriate that’s where they are at fault. You built something that can be misused you are reliable for it. They need to have a filter, or some kind of needs to be approved before it can be posted on their website program in place to prevent this from happening and them being at fault.
E-waste
DeleteThis was an unbelievable case. I cannot believe that so much harm was done before anyone had caught onto what was happening, or maybe they did but didn’t realise the effects. I am glad that the members who managed the company have been prosecuted and somewhat surprised that there were no charges to do with the health and negative effects on the people who live in Guiyu. The US department of justice should keep a closer eye on things such as these in the future.
Celgia
This story does not surprise me that someone would try and weasel their way into a piece of Facebook. What surprises me is how easily someone could get a hold of an original contract. I feel like for security to be tightened Facebook has to not only pay attention to their online information but paperwork as well. Another way to protect is background checks. The company should have never been so closely tied or even associated with someone who has already been convicted of a major online crime.
iPad Breach
In this case I was surprised at how much information was vulnerable to be found, even by a professional, 120,000 peoples emails were taken. AT & T is just lucky that it was emails and not even more personal information like banking or SIN numbers. I don’t have many suggestions for security because it sounds like AT & T has really tightened up the system to eliminate other crimes.
Google Execs
This case is more controversial than the other three. It is hard to decide what is right and wrong because there are two laws contradicting each other in ways. Google is responsible for so many websites, and they are a middle man to them. Google should not be responsible for every video posted. I would like to know if the people who posted the video even got any time of punishment. This cannot always be Google’s responsibility because there the easiest to point fingers at. To prevent things like this from happening Google could maybe come up with a filtering system that uses keywords in titles and comments to find these videos before they become a problem.
E-Waste
ReplyDeleteIn my opinion this case is ridiculous, the dumping of the waste is completely unethical. It was good to see that the members of this company were prosecuted. To prevent something like this in the future i feel that things should be tigher watched as of course the more time you spend watching someones actions you are bound to find something wrong.
Celgia
I am not suprised with this case as many times if someone is to commit fraud they are goign to do it. I feel that in general facebook deifnately needs to tighten all of their security processes.
IPad Data Breach
I find it interesting that a big company such as A&T didnt have somethign in place in the first place to prevent these type of actions. Its good to hear that they have already made changes to stop these actions in the future.
Google
I understand that this is a very touchy subject and very unfortunate but i believe that google cannot be held responsible for all of the videos that become posted. I believe that the person who posted this video should be penalized. In order to stop this from happening again maybe google can implement a better report system where people who watch the video can report it for specific reasons to google staff
E-Waste Conviction for Exporting IT Gear
ReplyDeleteIt isn’t right that this entire community and the environment is suffering because the executives weren’t responsible enough to implement the proper techniques for disposing of the equipment. The behaviour shown by these executives was very unethical, it wasn’t right of them to lie to their consumers and to have the people of Guyiu be subject to these conditions. To prevent future incidents like these companies need to be monitored more closely. It shouldn’t have to come down to that, but if these people are showing they can’t be trusted a security policy must be put into place that allocates people to watch what is going on within these companies.
Facebook
Because Facebook is such a successful organization it isn’t surprising to me that people are going to do whatever they can to try and get a piece of it. An incident like this can potentially be bad for Facebook’s reputation; it isn’t good that this man even had a way of receiving a copy of the original contract. I’m glad that the United States Attorney laid charges against this man; more work needs to be done to prevent cases like this from reoccurring. Facebook needs to tighten it’s security policies on who has access to what information. With the popularity and wealth of Facebook, and them holding so much of the worlds information it is highly important that they have multiple security plans to keep dangerous people out.
iPad Data Breech
It is very alarming to think of events like this happening. A large majority of the world’s population has information stored with companies like AT&T. It is scary to think that someone can so easily gain access to that information. As a consumer you want to participate in all of the evolving technology trends but there is always a part of you wondering how much trust can you put into that technology. You’re always at a risk of someone finding your information. It is very important for all of these companies to have the top security systems and policies that evolve with the technology. As technology evolves it becomes easier for people to access this information. Security teams need to be one step ahead and they always need to be implementing new and better policies.
Google Executives
Personally I agree that companies like Google should not be held liable for videos that their users post. With thousands of people using these websites it is hard to monitor and keep track of everything that is being posted. As soon as they become aware that a video like this is on their website they should have to immediately take it down. These companies need to make sure they have a reporting system in place. This way user can report any video they find offensive. They can put a button beside all videos that if a user clicks it the video link will be immediately sent to Google executives for their review.
E-Waste
ReplyDeleteAs bad as this case sound, I find it interesting how most people think "Out of sight, out of mind." People look at this article and think how miserable the company is, as they sit at their computer and use their cell phone. Want to prevent electronic waste? Stop producing electronics....
Facebook
Once a significant amount of money gets involved, people will lie, deceive, and steal from one another. Maybe Ceglia did deserve part of Facebook, but his fraudulent actions did not help his case. I dont think there can be any prevention of what happened in this case. As long as our legal system is set up the way it is, everyone that even told an owner of a company an idea wants a piece of the cake.
iPad
The hacker was just showing AT&T that their system was able to be breached and for them to fix it. This hacker was not malicious, and many of them are not, as they just want to show the large company that their security is not as good as they think. In many instances they try to contact the company multiple times to inform them of the security problem, but they dont want to hear it or believe them. So the hacker then shows them how the hole can be exploited. Hire the best hackers to be security experts to stop the latest hackers that actually are malicious.
Google
If we start making the large websites responsible for what users put up, then we will no longer be able to have a general website like youtube.com anymore, because they will be ruined. The user that posted the video should be the one responsible for the act solely. If a website is contacted about an inappropriate video and they do no take it down, then I think it would be the websites responsibility.
E Waste
ReplyDeleteI find it really funny that 60 mins had to uncover the truth, why was the state not following up on this? As for the environmental issues and health problems of the citizens that have arisen because of this, its terrible that we live in a day and age where money out weighs people.
Facebook
Hats off to you Paul Ceglia. I hope your next get rich quick scheme goes off with out a hitch. You know what they say, third time is the charm.
iPad Data Breech
As technology advanced so does the way criminals operate AT&T is a great example of why you should constantly be ahead of the threats with the most up to date software.
Google
Offensive nature? Over half of the stuff on the internet maybe offensive to a person. I agree that the video should have been removed but there are a lot more videos I find offensive that are still out there. Google should not be accountable for what viewers upload to their site, the people watching should be accountable for what they choose to watch. Thanks to google for removing the video, but there is going to be a lot more offensive images and videos uploaded, maybe we need to start penalizing those who upload the videos more harshly.
E-waste
ReplyDeleteAll corporations and companys disposing of e-waste should be monitored more to ensure that they are following regulations et our by themselves so that things like this dont happen.
Celgia
Faceboook owners or whoever is involved should ensure theat all there documentation is copyrighted and protected. Facebook has previousl dealt with people trying clain Facebook as there idea so from then on they should have protected and secured all there documentation so things like this cant happen.
iPad Breach
WIth AT&T it was unfortunate what happened but someimes no matter how strong the security system is it can still be hacked. AT&T has been around along time and they havent had secuirty issues till now so I think they just need to tweek the system already in place to make it even more secure and more harder to be hacked.
Google Execs
I think that Google needs to have a system or some sort of way to view and pre screen videos that are extremely inappropriate before just uploading the videos to the internet. This way they can manage what is being posted on there behalf.
E-Waste Conviction for Exporting IT Gear:
ReplyDeleteIt's rather sad to me that knowing the extensive amount of harm they were doing to actual humans and their families, a company would go through with this sort of thing. It just goes to show how money has too much power in the world today. It disgusts me that someone could know these consequences and go through with it anyways, especially with all the money and time being put into cancer prevention and research; it's kind of a vicious circle. A stronger effort needs to be made to keep an eye on business ethics and make sure laws and regulations are being followed, especially when it comes to the health of the people and environment.
Arrest of Ceglia Who Sued for Part Ownership of Facebook:
Facebook, as the success it has become, should know better than to deal with fraud criminals... For one, I guess they need a new contract now... if it is so easily duplicated.
iPad Data Breach Lead to Conviction:
It's kind of funny actually, if it is the case that this was simply a lesson to AT&T and not an actual hacker using people's personal information. Anyways, at least both parties were informed after it happened and AT&T has tightened up security measures. Not too sure how safe I would feel giving them my info after that incident regardless.
Executives Acquitted:
I don't feel like Google should in anyway be held responsible for this video. With social media websites, the views and opinions of the user do not in any way represent the views of the company. They did what they could in taking it down as soon as possible, and I really think that's all they needed to do. They need a disclaimer that holds the user responsible for what they post on the internet.
E-Waste Conviction for Exporting IT Cases:
ReplyDeleteFor this case, there is really no security issue but more of an enviromental issue. Executive Recycling was not being environmentally sound by distributing this e-waste to areas that are having tremendous pollution and carcinogen problems. The security issue is not with the company, but in the borders that allowed these products to enter their country. This village is a form of cheap labour, but it is running a risk for the townspeople. The people using Executive Recycling were told their old computers were being disposed of safely; if they knew that their waste was not being taken care of properly, they would not have sent their products there. The security issue here is at the border that should have checked the containers before allowing them into a pollution site and shutting down Executive Recycling down before they made all these shipments.
Arrest of Ceglia who Sued for Part Ownership of Facebook:
The security issue here is that Paul Ceglia would have access to information by way of hacking into Facebook systems to falsify documents. To combat this issue, Facebook, Facebook needs intrusion alerts and passcodes to get into legal information so this would not have been an issue. If this person did have access at one point, passcodes should be changed frequently and only given to people who need the authority to do so.
iPad Data Breach Lead to Conviction:
This man did this to show that a person could cheat the system. He found loopholes that could lead to the undermine of AT&T. To solve this, watches need to be put in placeto look for unusual practices and intrusion alerts to warn people of invasions. This inforamtion, like the Facebook documents, should only be on the passcoded intranet.
Google Executives Acquitted:
It is good that these executives were acquitted for content placed on their sites because they are not posting these videos, pictures, etc. themselves, their client's are. Chacks and screens need to be put in place to see if the content is approved of. These have been in place for a while on YouTube with the "Report Video" link. This will likely cover the 24 hour period on removing the content. Checks will always have to be done by staff for new content coming in to be thoroughly sure.
E Waste
ReplyDeleteI find it very unethical of Executive Recycling to be exporting all of this "e-waste" into China without looking into the risks involved. The overall business idea is good, but the way it was executed was very poor. If they were serious about having a successful business they could have done a lot more market research in order to keep it alive.
Facebook
Its tough to say whether there is a solution for this situation. If Facebook just keeps installing new securities, the theif will find new ways around it.
iPad
I think AT&T is lucky that Andrew only hacked peoples email addresses. It would have been alot worse if he got ahold of more valuable information like banking information etc. Sounds like they have already added more security to their systems, which is good.
Google
Its too bad that these executives got convicted for someone else's video. Maybe if they had a system where other users could report the videos it would be sent to Google alot quicker and would be handled in a faster fashion.
Ewaste
ReplyDeleteIf we don't take measures to stop harmful e-waste from seaping into our water supply, this will not be where it ends, if it is happening there it most likely is happening in our own country.
Facebook
There seems to be no real security that could be implemented, fraud and illegal activities on the internet are going to happen, hopefully facebook can keep one step ahead.
iPad
this incident could have caused real damage to AT&T customers, because he could have emailed the customers viruses or crashed a whole system if he knew how, which he probably did if he could attain that many emails.
Google
I thought that the punishment should have been placed on the bullies in the video rather than Google, I think it is unreasonable to expect google to know everything that is posted on the web if no one lets them know, and they did take it off when they were notified.