Why Extradition of Hackers Is Important

Each day we hear about different forms of fraud and theft on the Internet.  Someone in America gets phished from a computer in the UK that is controlled by another computer in Switzerland, that is controlled by an individual in Italy, and their bank account emptied to a mule in America, and the money ends up with some gang in Russia.

Even if you found the individual in Italy you have to answer this question: where was the crime committed?  The Convention on Cybercrime of the Council of Europe addresses this very question, and fosters cooperation amongst  cooperating societies.  Extradition is so rare that it is worth pointing out when it happens.  On the 30th of July a UK Court refused to block extradition to someone who is accused of having caused many hundreds of thousands of dollars to US government systems.  While in this case the government was a victim, something that happens all too often, far more often it’s individuals who are harmed.  In this case the person sounds a bit disturbed. Let’s hope that next time they extradite people who do this sort of thing to make money, and demonstrate to them that it is not worth the risk.

Because the risk of getting caught is so small, this is an instant where the penalties should be very high when intent on theft, fraud, or disruption of services is clearly evident.

Doha Dead

World trade talks collapsed this week in Doha over food subsidies.  I had previously discussed the potential impact on Switzerland.  However, the collapse of these talks, the inability to reduce barriers, particularly subsidies in the U.S., has harmed countries where agriculture is still the dominant export, or would be if such tarrifs didn’t exist.  The question remains: what protections are appropriate, even absent tarrifs?  What sort of quality standards must be observed?  If they are observed, then does the cost of living and production overcome the cost of transportation?  And is the impact of transport on health and environment understood and accounted for?  Many millions of lives and lifestyles depend on the answers.  Food has to be affordable to all and safe to produce and eat.

Ignore This Day!

Ever wonder how talk show hosts come up with topics?  I’ve been doing this blogging thing now for a month, and I am beginning to gain some appreciation for topic selection.  I’ve often been told that it is better to say nothing at all than to say something meaningless.  Not that I’ve listened, but that’s what I’ve been told.  There are an infinite number of things going on in this world, and a nearly infinite amount of things that I have no opinion on.  So that leaves open a question: if I want to blog regularly, what to talk about?

Today I could complain yet again about the Bush Administration and their perversion of justice by hiring cronies.  I could complain about the fact that they blew the budget by $482 billion, much of which was spent on a war that was mismanaged from the beginning.  I could add to the sympathetic sighs that singer Amy Winehouse continues to go through her travails, or that Kelsey Grammar goes through his.

Instead, this space is reserved for something positive to say about the world.  Not so much today, eh?

Off to Dublin (well sort of)!

Today, the Internet Engineering Task Force begins its 72nd in person meeting.  The IETF as it is known is a standards organization that primarily focuses on, well, the Internet.  The work done in this body has included Multimedia Internet Mail Extensions, Internet Calendaring, Voice over IP, and many others.  Not all work done by the IETF has worked out.  An effort I worked on some time ago weeded out the stuff that either was never used or is no longer used.  One of the key areas that any standards organization struggles with is how much potentially useful stuff to let through versus sure bets.  Sure bets are those things where a necessary improvement or change is obvious to a casual observer.  The people who make those changes are not the ones with imagination.

It’s the people who use their imaginations who make the bucks.  Always has been.  The problem is that there are a lot of people who may have good imaginations, but are unable to convert a good idea into something that can be broadly adopted.  This is a problem for a standards organization because each standard takes time and effort to develop, and each failed standard diminishes confidence in the organization’s overall ability to produce good stuff.

On the whole the IETF has done demonstrably well, as demonstrated by the vast amount of money organizations have poured into personal attendance at the in person conferences, even though no attendance is required to participate.

This summer’s conference is being held in Dublin City West at a golf resort, a bit away from the major attractions.  There are two benefit of this: first the cost isn’t absolutely outrageous.  Second, if people know they the attractions are a bit far off, then fewer tourists will come.  I actually don’t mind the idea of an IETF in Buffalo in the winter, but I may be taking things a bit too far.

Among the many discussions that will take place at this conference include one about what to do about email whose domain cannot be ascertained to have authorized its release.  The standard in question that identifies email is called Domain Keys Identified Mail (DKIM), and is relatively new.  What to do, however, when DKIM is not employed or if the signature sent is broken in some way?  This is the province of a work called Author Domain Sender Policies (ADSP).  The specification provides a means for sending domains to communicate their intentions.  After a year of arguments we hope to have a standard.  Whether it proves useful or not will only be shown by the test of time.

Another Downturn Another BuyOut

Bureau of Economics

Americans love capitalism.  We love to tell the government to stay out of the business of business.  “That which governs least governs best” and all that hoo ha.  This holds true until something goes wrong.  The World Trade Center and Pentagon are attacked: let’s change our way of life.  The mortage industry fails to properly regulate itself, and now it appears that the government will come to the rescue of Fanny Mae and Freddy Mac.

Given the circumstances I don’t see any recourse but to bail out these two pseudo-corporations, but wuoldn’t it have been more cost effective to employ some amount of regulation to avert the need for the U.S. tax payer to step in – again?  Let’s recall the last fiasco in the 1980s where the savings and loan industry all but collapsed and the Resolution Trust Corporation was formed to recover the mess.

Instead of paying through the nose at the end, perhaps a little LESS liquidity would have done nicely.  For instance, debt was sold from one bank to another like candy without any notion of the risk.  What if the bank that issued the note had to hold it?  At that point the risk is the bank’s and the bank’s alone.  Perhaps this is also an argument for a higher reserve ratio for subprime mortages.  Another approach would similarly require a ration of prime to subprime loans so that there is a maximum risk portfolio.

One of the reasons this isn’t done is that people say that the market should sort itself out.  And that works up until a certain point, after which Americans who are not delinquent foot the bill.