Cyber Conflict Study Center

 

Technical Limitations

The vast array of public and private networks connecting computers and users all over the globe is known as cyberspace. Indeed, it is often characterized as a "virtual world" that transcends space. People log onto computers and on-line services without regard to their own geographic location or the location of the system they enter. Computers are addressed through domain names such as "abc.xyz.com," which give no indication of physical location. Similarly, individuals correspond using domain-based addresses such as "smith@abc.xyz.com".

Because a user may be able to log into a computer from anywhere in the world (e.g., using telnet or a dial-up line), there is no way of identifying the geographic location of a user even when the location of the computer where the account is held is known. With mobile phones and mobile computing, the location of the user becomes even more difficult to determine. The consequence of this lack of grounding in physical space is that actions can take place in cyberspace without anyone knowing exactly where they originated or which jurisdictions are affected.

Finding the perpetrator of a computer intrusion or any crime in cyberspace is extremely difficult and often impossible, especially when the perpetrator has "looped" through numerous machines throughout the world to get to a target.[3] Figure 1 shows an example of how a hacker in New York City may weave and loop through a government computer in Latvia, to a computer belonging to the NY Times, through GW University in Washington DC and finally to his final target, an Air Force system in Tampa, Florida.

This technical difficulty in locating and identifying the perpetrator can be overcome by several law enforcement methods. These methods consist of packet sniffers, keystroke monitoring, and other environmental surveillance methods such as cameras, imagery systems and electromagnetic signal reception. The most common law enforcement diagnostic tool is a packet sniffer; the one designed and developed by the FBI has recently become well known by the name "Carnivore." A sniffer such as "Carnivore" placed on any computer connected to the network can read all messages flowing through the network regardless of their destination. Whereas a machine would normally be configured to read only messages that are addressed to it, it can be set to "promiscuous mode" so that it sees all traffic. In addition, the sniffer can be configured to ignore those communications that the FBI is not authorized to intercept.

The Carnivore device provides the FBI with a "surgical" ability to intercept and collect the communications that are the subject of the lawful order. This type of tool is necessary to meet the stringent requirements of the federal wiretapping statutes. The Carnivore device works much like commercial "sniffers" and other network diagnostic tools used by Internet Service Providers (ISPs) every day, except that it provides the FBI with a unique ability to distinguish between communications which may be lawfully intercepted and those which may not. For example, if a court order provides for the lawful interception of one type of communication (e.g., e-mail), but excludes all other communications (e.g., online shopping), the Carnivore tool can be configured to intercept only those e-mails being transmitted either to or from the named subject. Carnivore serves to limit the messages viewable by human eyes to those that are strictly included within the court order. ISP knowledge and assistance, as directed by court order, is required to install the device.
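The scoping described above (one type of communication, to or from a named subject, everything else ignored) can be expressed as a filter over captured sessions. This is an added example, not Carnivore's code or anything from the original page; the `Segment` record, the function names and the sample capture are constructed for illustration, and it assumes unencrypted SMTP on port 25.

```python
import re
from dataclasses import dataclass

SMTP_PORT = 25  # assumption: unencrypted SMTP on its standard port
ENVELOPE_ADDR = re.compile(r"^(?:MAIL FROM|RCPT TO):\s*<([^>]+)>", re.I | re.M)
DATA_CMD = re.compile(r"^DATA\s*$", re.I | re.M)

@dataclass
class Segment:
    """One reassembled TCP session as the tap sees it (hypothetical record)."""
    src: str
    dst: str
    dport: int
    payload: str

def in_scope(seg: Segment, subject: str) -> bool:
    """True only for e-mail whose SMTP envelope names the subject."""
    if seg.dport != SMTP_PORT:      # other traffic types are excluded outright
        return False
    # Inspect envelope commands only; stop before DATA so that an address
    # merely mentioned in a message body does not pull the message in.
    envelope = DATA_CMD.split(seg.payload, maxsplit=1)[0]
    addrs = {a.lower() for a in ENVELOPE_ADDR.findall(envelope)}
    return subject.lower() in addrs

def minimize(capture, subject):
    """Return (retained sessions, count of discarded sessions)."""
    kept, dropped = [], 0
    for seg in capture:
        if in_scope(seg, subject):
            kept.append(seg)
        else:
            dropped += 1            # counted, never stored or displayed
    return kept, dropped

# Constructed capture: what a promiscuous-mode interface would see.
CAPTURE = [
    Segment("10.0.0.5", "192.0.2.25", 25,
            "MAIL FROM:<smith@abc.xyz.com>\r\nRCPT TO:<jones@example.org>\r\nDATA\r\nhello\r\n"),
    Segment("10.0.0.7", "192.0.2.25", 25,
            "MAIL FROM:<lee@abc.xyz.com>\r\nRCPT TO:<kim@example.org>\r\nDATA\r\nAsk smith@abc.xyz.com\r\n"),
    Segment("10.0.0.5", "192.0.2.80", 80,
            "GET /cart?user=smith@abc.xyz.com HTTP/1.0\r\n\r\n"),
    Segment("10.0.0.9", "192.0.2.25", 25,
            "MAIL FROM:<kim@example.org>\r\nRCPT TO:<Smith@ABC.xyz.com>\r\n"),
]

if __name__ == "__main__":
    kept, dropped = minimize(CAPTURE, "smith@abc.xyz.com")
    print(len(kept), "retained;", dropped, "discarded")
```

The second and third sessions both contain the subject's address, but one only mentions it in a message body and the other is web traffic, so neither is retained.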

In 1995, federal agents, using a packet sniffer, tracked down an Argentine student who had hacked into a system at Harvard University. The hacker was using the Harvard network as a springboard to hack into Defense Department systems including the Naval Research Laboratory and Los Alamos National Laboratory. After a court order was issued, investigators placed a computer between Harvard's network and the Internet and set it to scan for messages that appeared to come from the hacker. By sifting through the messages, they traced the attacks to Julio Cesar Ardita, a 21-year-old university student located in Argentina. During this process, four separate screening procedures were used to protect the privacy of other users on the network. Ardita eventually pled guilty to illegal wiretapping and computer crime felonies and was sentenced to 3 years' probation and a $5,000 fine.

Federal investigators have the technology to track down a hacker both inside and outside the United States; however, doing so still involves many legal barriers, including court-ordered wiretaps, which can take weeks to obtain.
