Section 12.4. Vision of a Community Response

12.4. Vision of a Community Response

Spam, viruses, spyware, and phishing are the Internet equivalent of rats in New York City. You can control them, even clear them out temporarily, but try as you might, they still keep coming back.

Scams will undoubtedly become more sophisticated in the next few years. Not only must they evolve to escape whatever countermeasures are developed to defeat them, they have to deal with an audience that is becoming ever more aware of their tricks. Techniques such as keystroke logging, proxy servers, and port redirection have already been observed in the field. Perhaps the greatest threat lies in the new forms of social engineering that scammers will use to entice their victims. The traditional approaches of fake bank sites, email attachments, and offers to transfer large amounts of money are so well known that you wonder how anyone could still fall victim. But clearly they still work well enough that new types of scam are few and far between.

This is a menace that we have to learn to live with and to manage, rather than thinking someone will come along with a technical fix that will eradicate it completely. But it is important to remember that this is a menace created by people who hope to make easy money at someone else's expense. If the financial reward is too low, if the effort required gets too large, or if the risk of getting caught becomes too high, then they will give up and go somewhere else. Right now the balance is tipped in their favor. What we need to do is tip it back.

We can turn to the professional computer security experts to help us. That makes a lot of sense in terms of anti-virus software or spam filters, but many of the activities that pollute today's Internet are too variable and diffuse to be countered by specific software tools.

The community of software developers and systems administrators, that you and I are part of, has a tremendous collective skill set. I feel that with that we have a collective responsibility to use our skills to push back on those who want to mess with our Internet. We have the potential to achieve a great deal.

Firstly we can catalogue and categorize the many scams that are out there. We can report them to law enforcement or groups like the APWG, or post their details to newsgroups. The more people that are out there following up on phishing emails, scams, and so forth, the sooner we can spot new web sites and new tactics.

As more people study sites like these and understand how they function, new ways to identify and counter them will undoubtedly emerge. The more brains we can get to think about the problem, the more effective we will be at dealing with it. The techniques that I have described here are relatively simple. I fully expect readers to build on their foundation and apply them in ways that I cannot imagine. I strongly encourage you to do so.

All this activity puts pressure on the bad guys. They operate on the assumption that their identities can remain hidden while their scams are played out in full view on the Internet. Balancing the risk against the reward is an important calculation for any criminal. That sense of security and anonymity is a critical variable. Anything our community can do to weaken that sense will have a direct impact on the number and type of people that are engaged in Internet crime. The hard-nosed professionals will continue on regardless but for many of the smaller players, the fact that there are a lot of people out there trying to pull back the curtain and reveal them will give them pause for thought and will cause some of them to get out of the game.

I have used the analogy of a Neighborhood Watch before and I think it quite apt. I want to live in a safe neighborhood. I don't expect or want to see police cars cruising up and down the streets all the time. I definitely don't want to see vigilantes walking around with baseball bats. What makes my neighborhood safe is the fact that people like me walk our dogs, chat to our neighbors, and generally keep an eye out for anything that looks out of place. There is no organization, no badges or walkie-talkies, just a group of people that look out for each other. Anyone up to no good knows they stand a high risk of being spotted and so they are going to go somewhere else.

If we are willing to put in the effort, we can do the same on the Internet. Some of the would-be criminals will find some easier place to practice their trade. Those that remain are forced to work a lot harder to avoid discovery and to use ever more sophisticated techniques. That limits the number of people that can operate successfully and creates new opportunities for mistakes that we can take advantage of. Through a broad community response we have the potential to take back the Internet. I hope that this book will inspire readers to step up to that challenge.

I also hope that readers will use the techniques described here to explore the Internet and to learn how it functions. The chapters cover a broad range of protocols and tools, rather than focusing in depth on any one of them. I hope that you will use them to expand your personal skill set laterally, perhaps then looking into specific areas in detail.

You should find many opportunities in which you can apply what you have learned. Any one of them can develop into a rich puzzle for you to understand and solve. That process alone can be rewarding. The more you explore, the more you will discover and, I hope, the more fun you will have doing it.