At the Govcert Symposium 2010 the Dutch High Tech Crime Unit presented on the problems that an investigator runs into when dealing with cyber crime. The question broke down to: What makes an investigation into a computer break-in so different from a common burglary? The police officer made the audience fill in the following by asking them questions. ‘It is normal for a police officer to go into a home that is broken in to, but not to enter a hijacked computer’. Ít is normal for an officer to confiscate as evidence a crowbar used for breaking and entering, but not so if it is a command and control server (in another country).’ ‘It is normal for an officer to leave a note on the table to alert the owner that his home was broken into if he can’t be reached otherwise. At the same time it is seen as hacking if the police puts a message on a computer that it was broken in to by a criminal’.
Of course this presentation goes back to the method used by the Dutch police in the Bredolab investigation, that was reported on extensively in the media end October 2010. Who is wrong or right is something for the legislature and the courts to decide on, fact is that the topic as such was spot on and led to an emotional debate. Emotions got deeper when the question was raised by a researcher of Bonn University whether it was ethically right to fix ane infected computer of an end user without his knowledge, let alone his consent. For some in the audience all boundaries would be broken if this would happen.
What I think is important are two things. 1. In a time in which the world is faced with major problems that it has not yet learned to deal with, there are people who come up with innovative ideas that could potentially help cure at least a part of this problem – whether one agrees with the ideas or not. 2. We live in a world where we get to debate these ideas, pros and cons. It is this that makes us strong. If we manage to hold our debates with an open and constructive mind, we may even come up with a part of the much sought after silver bullet. Fact is that not participating is not only unproductive, neither will it keep a government from stepping in on the assumption it has to regulate the Internet as some people are predicting for the near future.
If you value my personal opinon? If someone is infected with a life threatening, highly contagious disease, he is a threat to his environment. That is why society quarantines such a person and isolates him from the rest of the world. If this person refuses to be treated, that may be up to the individual, but he stays in isolation. There he gets well and survives, or not. In Internet terms? Quarantine the computer, but cleaning up your machine is up to you. With the consequences to bear of course.
Yes, the questions that were raised today were of a highly ethical nature, but are the sort of questions our part of the world is facing and needs to answer in the face of people who do not care at all about these values and exploit weaknesses that are inherent to the Internet to the max. It is after all not only about infringes of privacy but at the same time protecting the privacy of the same people against criminal behaviour. This is a fine balance, but one we need to train ourselves for.
I’ve greatly enjoyed this discussion, thank you!
Wout de Natris