Australian Cybercrime Enquiry Report Released

An anonymous reader writes "The Australian Government Standing Committee on Communications has released the results of a year long enquiry into cybercrime in a report titled Hackers, Fraudsters and Botnets: Tackling the Problem of Cyber Crime. This report includes a recommendation that Internet Service Provider customers should be forced to install anti-virus and firewall software on their computers as part of their contractual obligations. The Australian Communications and Media Authority receive further powers and responsibilities under the recommendations with respect to shutting down websites hosting malicious content and ensuring that infected consumer devices are disconnected from the Internet."

Taking the piss

[bbqsrc]

The Australian Government is surely just taking the piss now. Honestly. What else can they say other than "the binary is COMING ALIIIIVEEEEE"? That would probably be a step up from Conroy's ramblings anyhow.

Re:

[crafty.munchkin]

His head is so far up his arse he can't hear the people screaming at him, or for his blood, or even politely telling him his idea's are retarded, let alone hear himself...

Re:

[heathen_01]

and ensuring that infected consumer devices are disconnected from the Internet.

Sounds like there are some reasonable suggestions in there.

Re:

[commodore64_love]

I disagree.

Antiviral software and firewalls slow-down computers. Perhaps if you have 4 gigabytes and a dual 3000 megahertz CPU you don't notice, but for my 2000 MHz P4 and 1/3 gig machine these programs make the system run slow. So I don't run them (except the occasional cleaning which always turns-up nothing).

Re:

[heathen_01]

I can't argue with that, however how does that relate to disconecting infected machines?

Re:

[HungryHobo]

Disconnecting infected machines? maybe, it would force virus writers to be a little more stealthy at the very least.

My problem is with:

"require all subscribers to install anti-virus software and firewalls before the Internet connection is activated"

I don't use an antivirus scanner.
I haven't for over 2 years yet when I have done the occasional scan(online scanner etc, just as a metric) to check every now and then.
I believe I haven't caught any viruses in that time.

AV scanners are an example of Enumerating Ba

Re:

[halowolf]

I don't use virus scanners either. I have used a firewall, install updates and common sense to protect my computer as well. But then I know what I'm doing. its a bit like punishing the victims rather than the perpetrators of crimes. I can understand the point of view though, I've cleansed many a virus from friends/family PCs over the years and mandating something to be done by all users to decrease the impact would look like an attractive proposition, but really how is something like that going to be police

Re:

[HungryHobo]

Oh ya.
I've seen some nasty cases, a funny one was someone really paranoid who had installed multiple AV scanners and was then puzzled why the machine was completely fucked and took forever to boot up.

Some of the stores round here push Bullguard because they get a good commission- a complete piece of crapware, harder to remove than most viruses.
Many a machine with that crappy antivirus I've seen.

Re:

[commodore64_love]

>>>how does that relate to disconecting infected machines?

That's not what the article said. The article said the government (via the ISP) would disconnect any machine, even healthy ones, that were not running antivirus and firewall software. They are using force upon citizens, as if they were serfs.

The mythical Orwell plug-in

[TapeCutter]

"They are using force upon citizens, as if they were serfs."

Not really, some academics were commisioned by a government committe to come up with recommendations, traditionally these sort reports list every strategy they can think of, they make great slashdot headlines but are ignored by the government (except for the one recommendation they asked for during a golf game). As anecdotal evidence for that claim; I have been reading stories on slashdot about how both right and left wing Aussie communications

Re:

[dov_0]

Anti-virus software doesn't slow down a computer anywhere near as much as a couple of trojans will!

Re:

[heathen_01]

Yes it is. [jumpstation.ca]

Re:

[shnull]

i personally scan my computer everyday when booting into windows. Yes, antivirus is a must but if they force ppl to install it, it has to be free and indeed as lite as possible. i have the topgrade core2duo cpu but the scanning slows down the computer at the harddrive. Also, a deep scan takes well over 30 minutes to complete. And more, if your virus definitions are 1 day old, you already have the chance at 0day malware, these ppl are very intelligent programmers and they keep it up to speed. But, disconnect

Re:

[bandmassa]

I scan for viruses when I boot my Mac into Windows, but I gave up scanning my Mac under Mac OS X for viruses years ago. There are no viruses for Mac OS X. None that work anyway. So, the net result in my home, if an ISP required me to install AV software on my Mac is I'll make the case that Macs don't get viruses, and if they don't accept that, I'll keep looking for an ISP that does accept that as sufficient security. Failing that, I get enough internet on my iPhone, and the so-called "Walled Garden" is anti

Re:

[shnull]

i agree, i have to see the first linux virus appear on my pc as well

Re:

[imanners]

I am embarrassed as an Australian, to have to admit that our Federal Government is serious about everything they have leaked, reported, and pushed over the past 3 weeks.

Can I be Russian instead now ?

Re:

[Anonymous Coward]

Well it's not the Australian Government, it's a committee of the Australian Parliament, and I'm sure useless suggestions in the report will be ignored as is usual. If it was the Australian Government the report would have been commissioned by Senator Conroy (the current World's Greatest Luddite) and be about installing an iris on all computers to close off the portal to tricks and japes.

Re:

[BrokenHalo]

...and I'm sure useless suggestions in the report will be ignored as is usual.

Our experience shows that the government prefers to ignore useful suggestions.

Useless things like attempting to micromanage what internet users see on their computer screens are fair game for our illustrious leaders, and will be pursued with all the diligence they never deserved.

Quarantine

[hendrikboom]

Kind of like a public-health measure.

Advantage: Boxed software.

[DeadPixels]

ISPs would have to: require all subscribers to install anti-virus software and firewalls before the Internet connection is activated

It seems to me like this is a strange requirement. I couldn't tell you the last time I actually went to a brick-and-mortar store and bought an antivirus product. And what about lesser-known or free antivirus solutions? Unless you're going to find someone with an internet connection and download them onto USB/an external drive, it seems like this requirement would negatively impact their marketshare (which, if they're lesser-known, would admittedly be small).

Re:

[LambdaWolf]

ISPs would have to: require all subscribers to install anti-virus software and firewalls before the Internet connection is activated

It seems to me like this is a strange requirement. I couldn't tell you the last time I actually went to a brick-and-mortar store and bought an antivirus product. And what about lesser-known or free antivirus solutions?

Indeed. And how do they define the threshold of effectiveness and necessity of "anti-virus software"? Will the nine-year-old copy of Norton that originally came with the dusty old PC that I just plugged in suffice? And what do I need to put on this highly secure Linux distribution I just installed? If I write my own operating system from scratch, do I need to wait until someone releases an anti-virus product for it before I can legally connect it to the Internet? Can I write my own anti-virus software from

Re:Advantage: Boxed software.

[Reziac]

I'm wondering which antivirus vendors' lobbyists are pushing for this.

Follow the money...

Re:

[kid.whisky]

I'd imagine all of them, as they're the only group that directly stand to benefit (that I can see).

Re:

[uninformedLuddite]

Mr Conroy in his bountiful wisdom has come up with a one line solution
127.0.0.1 anything.not.nice

Re:

[AmiMoJo]

Try Windows Antivirus 2010. It installs automatically when you visit one of their partner web sites and on my system it detected 1000s of viruses that McAfee missed.

Best $29.99 I ever spent!

Re:

[BrokenHalo]

I couldn't tell you the last time I actually went to a brick-and-mortar store and bought an antivirus product.

I could. The answer is "never". But then, most of the non-mainframe computers I have owned or operated (apart from those DOS boxes, which don't really count) have worked on some form of Unix, so viruses are essentially a non-issue and firewalling is easily enough handled by iptables and/or a comprehensive hosts file.

Re:

[Redlazer]

And what about people who don't use antivirus in Windows? What about Linux and Mac? What if my internet is just for my phone?

Infected websites?

[Drakkenmensch]

Considering that ad banners can be infected with java viruses, does that mean that any website with ads should be, by this law, taken offline? Pretty soon the computer users will have the legal obligation to stop using the internet entirely...

Re:

[commodore64_love]

>>>does that mean that any website with ads should be, by this law, taken offline?

Or return to the simple GIF and PNG ads of yesteryear. That sounds like a positive outcome to me, since I'd rather download a 20k banner than a 500k movie banner.

Re:

[AmiMoJo]

+ Adblock Plus
+ Flash Block
+ Disable Java

= Problem solved

Actually it's probably better to just not install Java in the first place.

How would ISPs force the contractual obligation?

[Anonymous Coward]

A stupid law like this will lead to the requirement the ISP install some kind of audit software on your PC to monitor compliance. Something like punkbuster. It would have to monitor your local system and possibly report back to the ISP. I don't see any other way this could work. This would be a nightmare to support a range of OSes and would possibly make a system that was properly maintained to be less reliable.

This is a great opportunity!

[Rich.Miller.6]

It's time to reclassify Linux as an antivirus product. Experience to date suggests that it is much more effective than single-purpose antivirus products - and it does so much more, for free!

Re:

[HungryHobo]

Parent is wise.

I like linux but neither my linux nor my windows desktop has become infected in the last couple of years since I exercise reasonable paranoia and am familiar with the common channels of infection.

zero day worms which can get in through a firewall without any user participation are rare.
Shovelware-malware which infects you with a fake "update" screen or with an email attachment is so so much more common.

Re:

[BrokenHalo]

Malware and anti-virus software are non-starters because the game is already lost by the time crap like this has an avenue to be allowed to execute on your computer.

True. Most of these exploits become a problem because they have been allowed to hop over a human stupidity barrier. It would be futile for any politician to legislate on this issue, since most politicians are as thick as shit.

Trouble is, that won't stop them trying.

you voted for them

[FuckingNickName]

I thought you Aussies were laid-back, laissez-faire sort of people? Not in the pure capitalism sense, but in the "you mind your business, I'll mind mine and we'll chill together" sense? Why the sudden conservative turn?

Re:

[mjwx]

I thought you Aussies were laid-back, laissez-faire sort of people? Not in the pure capitalism sense, but in the "you mind your business, I'll mind mine and we'll chill together" sense? Why the sudden conservative turn?

Newsflash, Politicians are arseholes everywhere, even in Australia.

This is just a report, someone will make some recommendations and there may even be some talk on the subject. Politicians will agree that some fireviruses and anti-walls should be installed whilst everyone else ignores th

Re:

[commodore64_love]

>>>Why the sudden conservative turn?

I assume you are using this word in the European sense (conservative==centralized power), not the American sense (conservative==constitutionalist). In any case it does appear Australia is turning more-and-more towards a totalitarian state, step by step, and away from individual liberty.

Re:

[Lunix Nutcase]

not the American sense (conservative==constitutionalist).

BWAHAHAHAHAHAHAHAHAHA. This is a joke, right?

Re:

[commodore64_love]

No. A lot of persons who claim to be conservatives (like George Bush) are actually liberals. The Reps and Dems are simply two halves of the same party - the Big Government Party.

A true conservative party would be the Libertarians. And possibly the Constitution Party. Certainly not the R's or D's.

Re:

[grege1]

The balance of power in our Senate is held by independents and the Greens, but mostly by an ultra consertvative called Senator Fielding who represents the christian orthodoxy. To pass legislation the government must get the Greens and Fielding on side to out vote the opposition Liberal Party who are not liberals but conservatives. Thus the government is always having to suck up to Fielding. After the next election, later this year, it is unlikely that Fielding will have that power any more, even if he is

Re:

[drsmithy]

To pass legislation the government must get the Greens and Fielding on side to out vote the opposition Liberal Party who are not liberals but conservatives.

The Libs are, indeed, liberals. It's just the term has a different meaning in Australia (and the rest of the world) as compared to America - it refers to the economic, not social, policies (though even on that front, the Libs are far more 'liberal' than so-called 'liberals' in the US).

Re:

[Cimexus]

We still are.

Slashdot tends to hype things up, exaggerate, and report on suggestions, ideas, and whimsical musings from a couple of politicians, as if they were a done deal and were being introduced into law right away.

It's not the case though.

Internet filter: Conroy and his lot have been talking about it for two years now. But their own trials showed it was essentially useless. The draft legislation hasn't even been written, let alone introduced into Parliament as a Bill. And if it were introduced, it woul

Just wait for insitutional stupidity ...

[gstoddart]

I'm imagining some poor schmuck on the phone with an ISP trying to explain that the government mandated anti-virus software doesn't support their OS of choice (which the moron on the phone has never heard of) and being told that they can't have internet access because they don't have Windows.

Don't act like it won't happen. Heck, most ISPs if you're trouble-shooting almost demand that you remove the firewall and plug the machine directly into the cable modem, and only have trouble-shooting instructions for Windows and can't comprehend that you might actually be qualified to say that, since nothing has changed on your end, their network must be currently broken.

While I appreciate the intent of this, every time someone tries to legislate solutions to technical problems, they break more stuff.

Re:

[Drakkenmensch]

And now imagine that through any combinaison of lobbying, negotiation, kickbacks and possibly blackmail, Symantech gets the EXCLUSIVE contract to have Norton be the ONLY allowed antivirus to be accepted by law. Ever paid 250$ for your antivirus? It could happen.

Re:

[commodore64_love]

>>>being told that they can't have internet access because they don't have Windows.

My AOL Dialup ISP is like that. They don't support anything but 98, XP, Vista, and Se7en. Mac, Amiga, and Linux OS users are told by the sign-up website that they can not join.

Re:

[gstoddart]

AOL? Dialup? Amiga?

What are these strange words you use? ;-)

Re:

[BrokenHalo]

Over the years, I have been told by any number of ISPs that "we don't support Linux". I've found it easiest to just not bother telling them what sort of machines I run. I pay good money for their bandwidth, but they don't need to know how I use it.

Yeah, I know they can check their logs, and that isn't really a problem for me. If it was, there are always VPNs offshore that I can use.

Re:

[Barny]

When I first got my DSL (about 9 years back now) I was having issues with the crappy USB modem they gave me with the deal, I called them, they asked "what OS" when I said my router was running freeBSD they happily told me where to get a driver for the modem, stepped me through any conf files related to its setup and got me up and running.

Maybe American ISPs just suck for support?

Re:

[BrokenHalo]

Maybe American ISPs just suck for support?

I have no first hand knowledge of them - I live in Australia.

Re:

[Barny]

Same, but from what I hear, re verizon-math, etc, I can't help but paint a terrible picture of them in my mind.

Re:

[deniable]

"No, I just have an Xbox and an iPad. Where do I get AV software?" OK, who's for trolling some support lines?

Devil in the Details

[static416]

The problem is not the idea of everyone having anti-virus, it's that you want the ISPs to distribute and enforce it.

I don't know about you, but I would never install any software given to me by an ISP. In Canada, Rogers actually have a history of opening more security holes than they close with their Firewall/AV software. To the point that some large corporations IT departments won't let you VPN in from home if you have the software installed.

In my experience ISP software is typically one of the worst forms

Re:

[Monkeedude1212]

This is true. I've tried both Telus and Shaw. And both their Antivirus and their Firewalls are pretty much next to useless, causing more problems then they are worth.

If the ISP's are going to force me to contractually install a firewall and antivirus on my PC supplied by them - I should be able to sue them for every infection that makes its way onto my PC that the antivirus can't remove within 24 hours.

If you are going to hold ME accountable, I'm going to hold YOU accountable.

Re:

[Reziac]

Agreed. Given that -- and the huge can of worms inherent in "which OS? which AV??" -- the only practical solution is for each internet connection to go through a security appliance supplied by the ISP, to which you can connect whatever you wish.

Oh wait, we already have those... I think they're called "routers" by the rest of the world. But if this happens -- I think it's reasonable to assume that it will actually be a Big Brother device, capable of snooping on and reporting everything you do online directly

Re:

[uninformedLuddite]

I can already see my computer saying "what are you doing, Dave"? if I mistakenly visit a non-Conroy approved site. To all the people saying that Australia is turning towards totalitarianism you need to pay more attention as it is the whole Western world that is turning! Not just us.

Re:

[Reziac]

That's true, and contrary to your sig, it's the New Left fascists who are doing the most damage, in the name of "liberalism". Here in California you almost can't breathe without their permission, nor without paying for the air. What they can't control with legislation, they control with regulation. They wouldn't restrict internet use for those affected by cybercrime; instead they'd take your kids and call you an unfit parent for exposing your children to such smut.

Re:

[uninformedLuddite]

I am of that fringe whacko group who think that hey are all bastards and that the term 'right' describes the left and the right.

Re:

[HungryHobo]

don't worry.
You'll be obliged by law to buy their antivirus but they'll make sure the only contract available stipulates that you cannot hold them accountable for anything whatsoever.

Re:

[jc42]

... they'll make sure the only contract available stipulates that you cannot hold them accountable for anything whatsoever.

Hmmm ... Most countries have laws that at least make such terms illegal for the primary advertised purpose of what you've bought. Here in the US, it's commonly called "consumer fraud". You might check to see if your laws cover the case of a purchased product failing at what it was labelled and/or advertised for.

It's expected that makers of such things as anti-virus software would discl

How would they enforce such a requirement?

[Julie188]

I think it's reasonable to say to people, hey, your ISP isn't responsible for data on your computer particularly if you don't even have basic protection on it. But it's another thing altogether to say, "you can't use the the Internet if you don't use anti-malware." That gets into all sorts of enforcement issues, what constitutes appropriate anti-malware, what happens if you don't comply ... can the ISP still bill you that month? What if you completely rolled your own, and there's no appropriate anti-virus s

I am beginning to think...

[kayoshiii]

That Conroy et al are not so much interested in controlling what we do as much as they are shills for internet security software.

Actually remembering the last time I was involved with a government technology program and who was involved that wouldn't surprise me in the least.

Anti-Virus and Firewall software.. UGH

[mlts]

Firewall software? Maybe because it was because I am a UNIX guy and the kernel of these operating systems had control of the IP stack without needing third party programs. Or because a true firewall is a hardened hardware router that can withstand attacks not just coming from the outside in, but prevents items from coming from the inside out (such as E-mail from any box other than the designated mail servers.) A software firewall that is not built into the OS proper is pointless [1], as the OS should protect against incoming attacks, and if a malicious application is installed, the game is over anyway, so protecting against outbound stuff is pointless.

As for anti-virus, maybe on Windows, but I have yet to see malware on a serious UNIX system unless it is a Trojan (and no A/V system can protect against that.) However, I just find it almost laughable when I have to install McAfee on a pSeries box with some script to show it is running for audit reasons.

Instead, maybe the law should be worded as "proper security measures shall be taken to protect against malicious software and remote attacks." This way, an OS that has a decent IPS built in doesn't need to have third party stuff tacked onto it to make it compliant.

[1]: An exception is the DroidWall app on rooted Android phones. It provides good security because a lot of apps ask for network communication privs which shouldn't have it, and a user otherwise wouldn't have control of what can and what can't communicate out.

Re:

[Mouldy]

"proper security measures shall be taken to protect against malicious software and remote attacks."

Define 'proper' in this context. Windows has come with built in firewall software for years, since XP SP2 IIRC. Is that 'proper' enough? What about the most up-to-date patched Windows 7 system? Where do you draw the line?

UNIX firewalls might be the best in the world today, but tomorrow someone might discover a critical flaw that opens up every Linux box to all kinds of nasties. Similarly, saying "Install

Re:

[imanners]

Governments and joe public only understand two things or options. So if there is a choice you can only give then two, ie, yes or no, Windows of Mac, Internet Exploder or Firefox, give it or I take it anyway.

In the mean time they will simply supply monitoring software that probably only works on Windows, because it will support all operating systems [Windows XP, Windows Vista, and Windows 7]. It will be up to you to decide on were you get the software for AntiVirus/Malware/Firewall from, after all, the Gover

Better Idea

[SnugglesTheBear]

I say Australia should have the ISPs refuse service to anybody running a windows box. This would remove at least 70% of the malware and would improve customer satisfaction!

Re:

[Dogbertius]

70%? Shouldn't it be 99%? I didn't realize that Macs and Linux boxes were capable of running malware. Blast you WINE users!

Follow the funding

[AHuxley]

So we have a "Office of Online Security be established within the Department of Prime Minster and Cabinet"
Then we see a cut to "The Online Child Sexual Exploitation Team", a unit of the Australian Federal Police of $2.8 million.
http://www.smh.com.au/opinion/politics/fight-to-filter-out-evil-leaves-bad-guys-to-do-their-worst-20100514-v4cq.html [smh.com.au]
We also have some fun news via http://www.zdnet.com.au/inside-australia-s-data-retention-proposal-339303862.htm [zdnet.com.au]
Beyond the "want the source and the destination IP addresses for internet sessions" they are dreaming of linking
""They want allied personal information with that account, including, [the department] said, passport numbers.""
with "automate the process of requesting and obtaining access to telecommunications data."
One day your ip could be linked to your isp and photo id while you surf on a filtered internet with Windows anti-virus and firewall software running.
Some great projects and funding for someone :)

Hahaha, sure.

[bmo]

The installation of a virus scanner does nothing to stop new malware. Such beasties are only as good as their databases, which always lag behind the current malware. And having it installed doesn't mean it's kept up to date or it's actually used. How many "trial" versions of NAV have I seen over the years that are massively out of date? Hundreds.

What I also want to know is what kind of anti-virus software is there for Solaris machines? If you run a real operating system, do you have to take it off the 'n

I run Linux...

[IchBinEinPenguin]

Can I just scan for the evil bit [faqs.org] instead?

Some ideas are great. Some are just crap.

[thegarbz]

Ignoring the rest of the Australian governments internet policy, some of the stuff coming out of them is good. Some is incredibly bad. This one just happens to be a bit mixed and misdirected.

One of the best proposals they released is asking ISPs to monitor your traffic for obvious signs of infection. As a geek with a reasonably hardened setup at home I was dumbfounded when I got one of the emails detailing Confiker.C was all over my network. We have 2 fully patched Windows 7 computers, and a fully patche