This is a scary scenario -- losing access to your small-company computers
totally inadvertently:
------- Included Stuff Follows -------
PC World - Business Center: Knock, Knock, It's the FBI
Mark Gibbs, Network World
Saturday, April 26, 2008 4:00 PM PDT
Just imagine if one day in the near future the FBI comes to your
enterprise with warrants that allow them to seize and remove any computer-
related equipment, utility bills, telephone bills, any addressed
correspondence sent through the U.S. mail, video gear, camera equipment,
checkbooks, bank statements and credit card statements. The first question
you'd ask is, "Who has done what?"
You're going to be presume your CEO has been involved in some outrageous
stock manipulation, or maybe your CFO has been cooking the books. But no,
the agent in charge says: "Someone here clicked on a Web link and we're
going to find out who did it."
A link?! Clicking on a link can now be a federal offense?! Was it a link
to the truth about JFK's assassination (which we all know the CIA was
responsible for . . . or was it the Moonies?). Was the link going to
launch an ICBM at the Kremlin? Nope, it was a link to a nonexistent cache
of kiddie porn that was created specifically by the FBI to attract
pedophiles.
As is often said at moments like these, I am not making this up; this is
exactly what happened to a doctoral student at Temple University who was
also a history professor at La Salle University named Roderick Vosburgh.
FBI agents knocked on Vosburgh's door early one evening and proceeded to
throw him to the ground before cuffing him. Sounds a little heavy-handed,
but who knows, he could have been armed with a RAZR for all they knew.
...
Now, this is interesting for a number of reasons that should worry all of
us in the IT industry. First, there's the issue of intent. It turns out
that by simply accessing one of these links you are de facto, presumed
guilty by your IP address being the proximate cause.
...
The second issue concerns browser add-ons that attempt to pre-cache the
content of links on a page. These add-ons are to improve perceived
performance, but imagine that you run a Web search and wind up on a page
that links to one of these FBI honeypots: Your browser will access the
link and, unless you are masking what you do through something like the
Tor network, the Feds will get your IP address. Before you know what's
going on, there will be a knock on your door, you'll be hurled to the
ground, cuffed, Mirandized, and all of your computer gear, financial
records and leftover Chinese food will be en route to the local FBI
office.
But what if an employee's browser pre-caches the contents of one of these
FBI links, or the employee actually clicks on it? Can you imagine the
chaos and insanity that would result from the FBI paying your company a
visit? Work would grind to a halt, PCs and other gear would be impounded,
records taken and your business would be dead in the water.
Of course, sizes matters. The risk for, say, Proctor and Gamble is rather
less than for the likes of Plastic Sidings 'r Us, but every company in
between should be concerned.
...
--------- Included Stuff Ends ---------
Full article with comments here:
http://www.pcworld.com/businesscenter/article/145174/knock_knock_its_the_f
bi.html
or here if the above wraps unusably: http://preview.tinyurl.com/6ol6up
~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~
~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
