Hackers

As information becomes a commodity, cyber crime is becoming a serious affair. So serious, in fact, that the FBI is taking steps to dismantle the operations of one of the more frustrating subsets of web criminals, the ones that run bot nets. Bot nets are clusters of computers, often operated remotely without their owners knowledge (or consent), used by spammers and criminals alike to launch everything from Denial of Service attacks to waves of Cialis ads.

As a part of the press release today on the subject, the FBI reports that they have arrested 8 “bot herders” put out warrants for 13 others and uncovered over 1 million victim computers.

This raises a much larger question about information in the digital age, and what we’re doing to protect it.


Infocrime

In Romania, 9 people were arrested for allegedly committing $130,000 worth of fraud using credit and bank information that they obtained through phishing.

In California, a man received a 24 month sentence for eBay fraud after offering $93,000 worth of merchandise for auction but never delivering on the goods.

And in Ohio, two women have just been indicted on charges of illegally intercepting passwords and user names from their local school district.

And this is all just in the last month.

As more of our information makes it onto the web, people are coming up with more and more creative ways to get at it. What’s interesting when you look at technology is that so little effort is being put into securing identity.

What are our solutions now?

  • Spam blockers
  • Virus scanners
  • Passwords


Digital Identity

These are all solutions at transaction level. Data is being protected and there are ways to make sure that our information doesn’t leak into the wrong hands but at the end of the day, there is no coherent way to verify I am the person who is trying to access the data.

If there is one major advancement in technology that must happen before the web will truly grow up, it will be some method of establishing an individual’s credentials in a unique and universal way. Passwords and usernames are just too easy to spoof, what’s needed is a method of verifying that I am the one entering that password and not some spammer from across the world.

Initiatives like OpenID and Cardspace are good first steps, and even systems like Disqus are tackling one facet of the problem but the biggest killer app in identity will be the platform that gives me complete access to all of the identity transactions that are being made with my credentials (IP address, passwords, usernames, credit card information) attached to it and allows me to manage them like I would a bank account.


Web 2.0 Roundup

Is there a technology on the horizon that will tackle this problem? That’s the question I pose to you. A second might be even more interesting, how safe do you believe your digital identity is from those who would use it for their own purposes and what are you doing to protect it?

[Be sure to subscribe to the RSS feed before leaving]

  • del.icio.us
  • Digg
  • StumbleUpon
  • Reddit
  • Fark
  • Mixx
  • Propeller
  • TwitThis