A collection of news items from the end of 2012

Briefly, towards the end of last year, I contributed a newsy column in the print version Infosecurity Magazine. The magazine has now kindly allowed me to post them here. There are eight items in total; viz,

False positives and the disposition matrix

Megaupload takedown – an unmitigated disaster?

Brace yourselves, Europe – the lawyers are coming

A strange spam variant with an exokernelized solution

What’s the main cause of movie piracy?

In deep space, no-one can see you surf

After Samsung, Apple turns its big patent guns on… a Polish grocer

Is your computer photochromatic?

 Just in case you missed any of them…

Containment – a kettle by any other name…?

Kettling is an emotive issue. It is a police tactic used around the world to contain and limit protests. The theory is pretty good. If any area of the protest is over-heating, isolate it and separate it and allow it to fizzle out. But the practice is not so simple. Innocent bystanders can be caught. Human rights can be violated. And in the UK, it is illegal unless the police have genuine reason to believe it is necessary to prevent violence.

The Corporate Greed demonstration in London on Saturday 15 October could hardly be called a violent protest.

Earlier today protestors were peacefully prevented from gaining access to Paternoster Square, and there has been no major disorder.
Met Police statement: Update on protests in City of London

That suggests that kettling would be illegal. And indeed, according to the BBC, there was no kettling.

But police at the scene said a “kettling” technique had not been used and that protesters were free to leave the square.
Occupy London protests in financial district

But, admitted the Met

There is currently a containment at St Paul’s Churchyard to prevent breach of the peace. We will look to disperse anyone being held as soon as we can.

A containment officer is on the scene to make sure this process works effectively.

We will attempt to communicate with people within the containment area and will provide water and toilets for those being contained.

Those who are suspected of being involved in disorder may be questioned or arrested as they leave the containment.

That’s a kettle described by a PR man. But isn’t this part of the cause of the protests? The way we are fed half-truths and misleading information to keep us quiet?

Should we blame ACTA on Norton-style statistical manipulation?

Patrick Gray (Risky Business) has gone to town on statistics released by Norton. The claim is that cybercrime now costs us almost as much as the illicit drugs trade.

If the numbers are to be believed, these reports say, that means cybercrime costs us nearly as much as the global trade in illicit drugs. It’s a sensational claim and makes an awesome headline, but any way you slice or dice the numbers they just simply don’t stack up.
Norton’s cybercrime numbers don’t add up

Patrick points out that Norton’s figures include ‘indirect’ costs while the drug figures do not.

…But if you add the USD$114bn figure for direct cybercrime losses to the USD$274bn “time lost” figure, you wind up with a total just under the figure for drug sales (USD$402bn).

…Just think of the harm being inflicted on Mexico right now by the drug cartels, not to mention narco-related drama in countries like Afghanistan. Then there’s the money spent on the “War on Drugs,” keeping drug dealers in prison and the productive capacity society loses to all those dope-smoking young males glued to their PlayStation 3s.

What comes out of this post is the extent to which vested interests manipulate figures to suit themselves. It happens all the time and everywhere. It happens in politics and throughout industry. One of the most ridiculous, overbloated and absurd figures comes from the rightsholders to justify ACTA. They will take an area that has a high use of pirated goods, extrapolate that across the world, multiply that figure by the retail value of the goods concerned, and claim that they are losing the full amount to piracy. Firstly it uses an extrapolation based on ridiculously inflated assumptions, and then assumes that everybody using pirated goods would have paid the full amount if the ‘free’ version was unavailable.

The tragedy is that it has worked. ACTA is on the point of being signed. As far as Europe is concerned, this is undemocratic, secretive and illegal. As far as America is concerned,

The United States finds itself in a particularly bizarre situation – on the one hand, it claims that the Agreement is fully in line with domestic law while, on the other, it is reportedly not prepared to be bound by the Agreement and is treating the text as a non-binding “Executive Agreement.” The USA does, however, expect the other signatories of the Agreement to consider themselves legally bound.
Countries start signing ACTA, preparatory docs still secret