-Caveat Lector-
from:
http://cryptome.org/dark-spy.htm
Click Here: <A HREF="http://cryptome.org/dark-spy.htm">Uncovering the Dark
Side of the world wide web</A>
-----
21 October 2000. Thanks to NH.
Source: http://people.ft.com/
------------------------------------------------------------------------
Financial Times, October 20, 2000
Uncovering the Dark Side of the world wide web
By Marcus Gibson
In an achievement that is almost the equivalent of the Human Genome project
for the internet, a new Scottish software company has not only succeeded in
plotting a map of the world wide web but has also uncovered its Dark Side.
The achievement had its beginnings three years ago at a brainstorming session
between a group of software programmers in Scotland. "How do we write a
program that detects anything bad that's going on on the internet?" asked
Stephen Whitelaw, former Glasgow University lecturer and chief executive of
Buchanan International, a security software company based outside Glasgow.
A team member replied: "Well, you'll first need to map all that's good and
bad - an awesome challenge - and keep adding to it on a daily basis. Only
then will you be able to trace, log and map what's bad in it."
The next morning Whitelaw declared: "OK, let's do it. No matter what it
costs."
And so The Map - of the dark side of the web - was born. Eighteen months
later, the team produced a unique profile of the world wide web in all its
inglorious forms.
About 40 broad categories of undesirable activity, including pornography,
fraud, anarchism, "freaking", virus creation, promoting violence, cyber
terrorism and hacking, have now been registered in forensic detail.
The programmers found that more than 20,000 new hosts for pornography sites
were being created daily. The average site contained just 43 images, and 98
per cent held almost no original material. However, some sites had more than
100,000 images.
The porn-viewing public - which forms just 2.5 per cent of the database -
cannot keep up: the number of sites is growing exponentially but the number
of visitors to them only linearly, says Whitelaw. Child pornography, much of
it now originating in eastern Europe, is a big growth industry, he adds.
For the past decade, Buchanan has provided security software and
criminal-tracking services to the police, security services, banks, the RUC
and utilities such as airports and oil rig operators. Recently, it was
involved in tracing the international tentacles of the vast Wonderland
paedophile ring, which led directly to hundreds of arrests. One password used
by the ring took 35 days for Buchanan to crack.
Eastern Europe also produces some of the best and most fanatical hackers who
thrive in semi-anarchic societies.
On his laptop, Whitelaw shows me how to find manuals on bomb-making and
sophisticated lock-picking techniques, complete with DIY diagrams.
Next, he demonstrates how easy it is to access lists of thousands of unissued
credit card numbers, and harness special software that generates the
addresses of credit card-holders, or smart ways of robbing automatic teller
machines. Banks already make up a big source of Buchanan's income.
He shows me more. Criminals - who have a peculiar habit of inputting all
their deeds into PCs and handheld computers - often use software to erase
such incriminating information. Modern techniques, however, such as the
molecular analysis of a hard disc, can reveal much of what was "deleted".
Finally, Whitelaw demonstrates steganography - the art of concealing text
within more text. "Steganography is considered the third biggest threat to US
security after biological and chemical attack," he says.
His laptop shows a letter containing seemingly harmless text. But, once
decoded, a very different meaning emerges: it is an order to carry out an
assassination.
Security experts are seriously worried about the threat of attacks on airport
flight management computers, power systems, and hospital equipment, let alone
stock markets such as Nasdaq.
To make commercial use of the map, Whitelaw late last year established Actis
Technology, a small company based alongside Buchanan, and on Thursday at the
Loch Lomond Golf Club, Actis launched a muscular software program designed to
provide total monitoring and control over a company's electronic interface
with the outside world, encompassing IT networks, the internet and e-mail.
Unsuspecting companies are largely unaware that a great deal of the world's
criminal communications are carried out using their own PCs, notes Whitelaw.
Actis has already secured an advance order for the program from aerospace
company Boeing. With 300,000 PCs linked to the internet, and 100,000 non-US
citizen employees, Boeing is understandably nervous about confidentiality.
The new program will allow the control and monitoring of input. The software
contains a vast list of trusted hosts, hosts that should be treated with
caution and "not trusted". Managers can fix response options for each
questionable activity or link being tracked; downloading files from dubious
sites using a company PC triggers an alert.
In September, Orange Telecom sacked several dozen UK staff for storing and
swapping pornog-raphy on their PCs after an extensive investigation.
Whitelaw's software can be programmed to deal with such abuses. "We can set
up the system to turn a blind eye to files containing fewer than 50 photos,
or prompt an alarm with a supervisor." More than 60 "options for action" can
be programmed, depending on the severity of the event.
Where serious crime emerges - such as transmission of paedophile photos, or
so-called "snuff", or murder, videos - the corporate server can be programmed
to take a copy of the file for use as evidence in future prosecutions and
then switch off power to that particular PC.
Later, using the Buchanan database, an offending file can be traced to its
source. Colin Rose, Actis' chief operating officer, said: "We can drop the
file into the map, and within hours it will tell us where it was posted
first, all the sites it was sent to and from what sites information has been
downloaded. You've then got a complete picture of a ring. It's so easy, so
quick. You'll soon know if it's a loner, or a conspiracy involved.
"But some of the material we see is awful. You need counselling after you've
watched it."
The technical difficulties in creating the map were considerable. Handling
the data alone became a gigantic headache. Consuming about 80 gigabytes of
data an hour, Buchanan and Actis have created the second largest database of
any organisation in Europe - governments included - according to Oracle.
The team now has complete access to the world's newsgroups, where many
viruses are initially posted and distributed, and to every image and every
attachment. UK Home Office officials also visited Buchanan and granted
special access to Janet, Britain's national communications backbone.
These intellectual feats breed eccentrics. One Actis employee, Roy
MacNaughton, a 21-year-old drop-out from Glasgow University and a gifted
astrophysicist who was also a concert grade pianist at the age of 12, guards
the database.
A second, a ruthless tracker of criminals known only as Stew, is unkempt,
sleeps in the office overnight and pads about barefoot. "We found Stew in the
PC section of a bookshop in Glasgow - the best place to find his sort," says
Whitelaw. "The last thing I want is disciplined minds."
The results are impressive. When the Melissa virus disabled computers around
the world, for example, Actis showed how it could be tracked to its earliest
fingerprint, a programmer in New England, in less than 24 hours - two days
quicker than it took the US authorities.
Actis was also consulted when the I Love You virus spread glob ally. "No one
else has the global map, or the back data," claims Whitelaw.
The company's fame at tracking files soon spread. Buchanan began to receive
hundreds of requests a day from global law enforcement organisations wanting
to track down dubious files.
But not all inquiries are welcome. The government of Singapore asked if it
could control web content; the Chinese authorities made a similar request.
Whitelaw refused. Helping to track criminals was one thing; helping regimes
find human rights activists quite another.
Eight months ago Buchanan stopped accepting requests, except from a core
clientele.
The company is also one of only two able to recover passwords almost without
fail, often a key element in bringing criminals to court - and of use to
companies hit by malicious former staff who change passwords on leaving.
Actis is now directing its efforts to keeping the map up to date, and
assessing the threat of the new.
This year Actis received �4m in funding from the Royal Bank of Scotland and
Caledonian Herit-able, valuing the company at $25m, the highest "day one"
valuation of any Scottish start-up company to date. Investors now realise the
value of such a map is enormous. Estimates range up to $300m - because
without reference to such a database, no filtering or other security software
can fully cover the web.
Whatever happens to Actis, the completion of the map is probably the first
big step in the quest to control internet anarchy.
-----
Aloha, He'Ping,
Om, Shalom, Salaam.
Em Hotep, Peace Be,
All My Relations.
Omnia Bona Bonis,
Adieu, Adios, Aloha.
Amen.
Roads End
<A HREF="http://www.ctrl.org/">www.ctrl.org</A>
DECLARATION & DISCLAIMER
==========
CTRL is a discussion & informational exchange list. Proselytizing propagandic
screeds are unwelcomed. Substance�not soap-boxing�please! These are
sordid matters and 'conspiracy theory'�with its many half-truths, mis-
directions and outright frauds�is used politically by different groups with
major and minor effects spread throughout the spectrum of time and thought.
That being said, CTRLgives no endorsement to the validity of posts, and
always suggests to readers; be wary of what you read. CTRL gives no
credence to Holocaust denial and nazi's need not apply.
Let us please be civil and as always, Caveat Lector.
========================================================================
Archives Available at:
http://peach.ease.lsoft.com/archives/ctrl.html
<A HREF="http://peach.ease.lsoft.com/archives/ctrl.html">Archives of
[EMAIL PROTECTED]</A>
http:[EMAIL PROTECTED]/
<A HREF="http:[EMAIL PROTECTED]/">ctrl</A>
========================================================================
To subscribe to Conspiracy Theory Research List[CTRL] send email:
SUBSCRIBE CTRL [to:] [EMAIL PROTECTED]
To UNsubscribe to Conspiracy Theory Research List[CTRL] send email:
SIGNOFF CTRL [to:] [EMAIL PROTECTED]
Om
