The CSS Blog Network

Bitcoin: Cryptography and the Crowd

Direct democracy from a geek’s perspective. Image: TraderTim/flickr

Bitcoin is the world’s first decentralized, digital currency. Its extraordinary performance over the last half year has caused quite some stir, not only among ‘cyber geeks’. Users and supporters see Bitcoin as a technological breakthrough and expect its spending possibilities to increase as exponentially as its price. Meanwhile, critics point to many of these same characteristics as flaws. They are waiting for the bubble to burst, calling it a structurally flawed experiment.

How it works: This video – made possible with donations from the Bitcoin community– explains the basic idea behind the new currency:

To acquire Bitcoins, users can buy them on a trading platform or become ‘miners.’ The latter requires hardware and electricity – both usually purchased with conventional money. » More

Top Security Threats: All Transnational

Boundary stone at the Swiss border: deters neither mafiosi, nor human traffickers nor cyber criminals. Photo: Thomas Bresson/flickr

Money laundering by mafiosi, human trafficking and cyber crime: these are the top three security threats identified by the Swiss federal police in their 2010 annual report (German).

What is striking about this list is that each menace is transnational in nature. What does this mean?

For one: as this assessment by the Swiss authorities indicates, police work is no longer the strictly domestic affair it once was. As a result,  international cooperation has become a first-order concern for national law-enforcement organizations.  And this can be very difficult in practice. Take, for example, the fight against the mafia in Italy and Switzerland —  two countries which,  though neighbors, have different legal regimes and requirements for due process.

It is clear that more efforts are needed to  properly track  criminal activity across borders. In this day and age, the police’s concerns cannot remain theirs alone. Everyone dealing with or talking about security should take heed of this annual report and perhaps even adjust their own priorities.

Hacktivism Goes Global

Hacktivist, courtesy of José Goualo/flickr

Since the beginning of renewed unrest and protests in Tunisia, the ‘hacktivist’ group Anonymous has joined in support of the actions of Tunisians hacktivists by blocking some Tunisian websites.

As they say on one of their websites, Anonymous has entered the fight in Tunisia because “The arrests of several free speech activists and bloggers in recent days was deplorable.  The punishing of people for simply expressing themselves politically was vile.” They also claim to be a “legion” that “cannot be stopped with the arrests of a few.” Or as one of the member of the group put it: “Tunisians can fight on the streets and Anonymous can’t. Anonymous can fight online but Tunisians can’t.”

This global “cyber-solidarity” with Tunisia is not surprising. The internet is a global good that is being used the world over. Moreover, it is not dangerous or particularly risky for people outside Tunisia to block government’s website there via Denial of Services (DDoS) attacks. It also makes sense for the “legion” of Anonymous hackers to be active in Tunisia as a way to promote free speech, free information and citizen-journalism. It is a globally visible, potentially effective and cheap way for this new breed of cyberactivists to make their mark on an issue that matters.

Some say that DDoS attacks like these are simply the cyber-version of doing a sit-in in front of a bank or a governmental building to make sure no one enters it. Although I disagree with this metaphor because doing a sit-in requires more political and organizational will than just clicking on a button on your computer, the mass of foreign hacktivist involved in Tunisia through groups such as Anonymous do believe they are showing solidarity with the Tunisian people and acting in accordance.

I had the chance to quickly chat with some of the Anonymous hacktivists on their channel, and many said that they believed that they have won a victory by forcing the Tunisian government to restrict the access to their website to Tunisians only. Anonymous are now moving to disrupt the e-mail accounts of government employee in an attempt to reduce their internal communication. » More

As Cyberparanoia Spreads

All Rights Reserved? Courtesy of Paul Gallo/flickr

A new fear is engulfing Switzerland and this time its about cyberspace.

True, the threat of ‘cyberwar’ and cyber-attacks is real and sometimes very difficult to prepare for. Recent events, like the hacking of political parties’ websites or the recent distributed denial-of-service attack (DDoS) on Postfinance, the bank hosting Julian Assange’s account, point to a future where sometimes crippling cyber-attacks are an all-too common occurrence.

The Swiss parliament recently passed a motion asking the government to develop the legal framework for responding to and defending against cyber-attacks. The government, however, is not really convinced that a legal basis to fight ‘cyberwars’ should be the priority and I agree with them.

A solid legal framework is certainly needed for cybercrime. But when it comes to cyber-attacks, having a legal framework is of no help. What legal measures could you take if someone launches a cyber-attack on your country, key industries or public figures?  This also links up to the equally tricky debate about attribution in the case of such attacks. Who attacked and from where? Who is behind the attack and who should be held resonsible? Moreover, we still lack a clear definition of what a cyber-attack even is. Experts still disagree on this and I don’t think that the Swiss government will be able to break this definitional deadlock.

The legalization of cyberspace is generally speaking a dangerous trend. So far, no international treaties exist on the subject, and attempts to “nationalize” part of it by promulgating a national legal framework for hostile acts on the internet is creating borders and limits on a ‘global good’. The internet cannot be structured on the basis of national borders and it should remain so: common, shared, unlimited and open. Indeed, legalizing cyberspace from a national standpoint is not only inefficient; it also sets a dangerous trend for the fragmentation of cyberspace. » More

“Cyberguerillas” on the March

Cyberwar? © Chappatte/Globecarton

Cyberwar? © Chappatte/Globecartoon (permission to reproduce granted by creator, 10.12.2010)

Fans of WikiLeaks have launched numerous, high-profile Denial-of-service attacks (DDoS) on sites that turned against WikiLeaks recently. Targets as varied as Sarah Palin, Mastercard, the Swedish government, and the Swiss bank Postfinance have come under attack for either criticizing WikiLeaks or for refusing some services to Julian Assange.

I don’t know the details of all the services that have been refused to Assange, but in the Swiss case, Postfinance closed down the Swiss bank account of Julian Assange because Assange had provided a fake postal address in Geneva. The bank simply followed normal procedures vis-a-vis account holders that provide false information. The client may have been high profile, but the procedure was normal.

In revenge for a variety of acts designed to curtail WikiLeaks’ space for maneuver by the above-mentioned institutions, a group, calling themselves „Anonymous,“ has been waving a kind of cyberbattle in the name of free speech and in support of WikiLeaks. These attacks by “Anonymous” are problematic for several reasons: » More

Page 9 of 11