The Philippines’ first and only industry magazine that deals with safety and security matters pervading the environment today.

Where Should We Draw the Line in Cyber Security?

Many have raised their eyebrows upon the enactment of the Cyber Crime Prevention Law, while others felt vindicated, particularly those who have fallen prey to Internet fraud. Whether or not cyber activities should be regulated, it is important to draw the line between freedom and responsibility in the cyber-world.

Amidst the controversial Internet regulation, let’s hear what the brains behind the invention of the World Wide Web have to say.

British inventor of the World Wide Web, Tim Berners-Lee, expressed his sentiment on the restriction of internet use. During the London launch of the league table, he asserted that government efforts to block the internet shall not be possible due to dispersed internet structure.

According to The Raw Story Report, he said, “The way the Internet is designed is very much as a decentralised system. At the moment, because countries connect to each other in lots of different ways, there is no one off switch, there is no central place where you can turn it off. In order to be able to turn the whole thing off or really block, suppress one particular idea then the countries and governments would have to get together and agree and co-ordinate and turn it from a decentralised system to being a centralised system. And if that does happen it is really important that everybody fights against that sort of direction.”

Fair enough, there’s the clamor that regulating cyber activities would be contradictory to the ultimate ends of Internet use—that is to generate boundless networks of digital information. What’s more interesting is that there shall always be ample of room for everyone to access and share more multimedia files online.

But such an influx of digital information, more often than not, is unsecured. Fact is, the World Wide Web is oriented toward free and unlimited access to information, hence its vulnerability to abuse. So don’t get surprised by privacy breach encountered by members of the online community from time to time.

Microsoft’s Photosynth, for instance, which has promising value in forensic science, falls short when it comes to security. While law enforcement authorities can use this technology to instantly create a 3D version of the crime scene out of random pictures taken, the investigation might be compromised when an outsider happens to stumble upon the file readily accessible online.

Most, if not all, applications and even websites reveal limitations other than features and functions. Google, as a matter of fact, encourages web administrators to post a disclaimer informing readers of certain risks. End-users, in turn, should take time to look into these limitations to observe necessary caution. This way, they won’t get caught off guard.

There’s no other way to keep governments from centralizing the structure of the cyber world, but to keep the World Wide Web orderly. Most probably the government is only likely to intervene when rights—protected by the State–are violated. That is why developers and Internet users should share the responsibility to come up with safe cyber activities.

Meanwhile, the World Wide Web Foundation launched the global league table topped by Sweden being hailed as the best country in using Internet technology. United States, United Kingdom, and France came in second, third, and fourteenth respectively. Rankings are based on “economic, political, and social impact of the web, connectivity, and use,” according to Guardian news and Media.

Cyber security in the local setting

Along with the enactment of cybercrime prevention law, comes the alarming issue of lawful tapping of personal conversations.

Inquirer News quoted the director of the Philippine Computer Society, Al Vitangcol, speaking in the Fernandina Forum in San Juan City, “There’s a complaint against you, and a court warrant was secured. Then NBI [National Bureau of Investigation] and PNP [Philippine National Police] authorities can tap your online access…Your email (exchanges) they can monitor, your conversations…They are allowed to do that (under this law).”

The Philippines might just be following the footsteps of the United States, which came second on the list of the global league table, in legitimizing wire-tapping in and out of the cyber world by virtue of the US Patriot Act. Such law has even authorized warrantless wire-tapping that might leave lawful intrusion of private conversations at the whim of authorities.

Although the Philippine Cybercrime Prevention Law recognizes the wisdom of the courts to decide whether or not authorities should conduct cyber-spying, it does not qualify crimes eligible for online surveillance, unlike in the US where lawful wire-tapping is exclusive for the prevention and management of terrorism-related crimes.

Here’s the catch. Philippine law enforcement agencies might not be able to guarantee 0% percentage of error along the process of detecting the target web account(s). The prestigious US Federal Bureau of Investigation (FBI) even admitted at one point that they have intercepted wrong numbers back in 2005, according to the MSNBC News. Now, can the NBI guarantee low percentage of error, if not 0%?

Good if the NBI encountered potential criminals upon spying on the wrong web account, but trust me they’ll have a hard time prosecuting these people when the admissibility of evidence becomes questionable. Shall it be admissible under the good faith principle? Evidence gathered by authorities acting in good faith may be admissible regardless of technical defects.

Law enforcement authorities, however, cannot rely on finding “criminals by chance” out of wrongful cyber-spying. Otherwise, the government would seem to pay little regard to unlawful breach of privacy. When that happens, the cyber-world might simply run amok such as the rise of cyber-hacking groups organized to fight against oppressive web controls imposed by the government.

Sooner or later, the Philippines might have its counterpart of the AntiSec, a hacker’s group, which has recently divulged a database of “one million identification numbers for Apple devices” purportedly hacked from an FBI agent’s laptop, although the latter denied such an allegation.

Are you protected from security breach?

As much as the many forms of malware that can hamper cyber activities, you’ll also find some intrusion security solutions around. Malware, or malicious software, may either interrupt computer operation or gather private information. To block any sort of malware, you better come equipped with tough intrusion security solutions.

According to Sophos, “2012 Buyer’s Guide To Web Protection,” an ideal intrusion security solution should facilitate reduced network complexity less the “backhauling, latency, and a single point failure” wrapped in a cost-saving package made possible by doing away with traditional web security appliances that are commonly expensive

Hewlett-Packard Business White Paper also pointed out eight attributes of effective intrusion security solutions:

(1) In-band security that can detect and stop network attacks;

(2) Maximum network and application availability support to keep the network up and running;

(3) High-performance and in-depth traffic inspection without sacrificing speed;

(4) Network core and perimeter protection without rendering the network latent;

(5) Broad and deep security coverage to prevent frequent security breach;

(6) Accurate attack coverage allowing good traffic but restricting bad traffic;

(7) Timely and updated attack protection to keep the computer active and protected at all times; and

(8) Effective security in real-world environment.

But computer owners should not only look for effective intrusion security solutions, but also take into consideration user-friendly and cost-effective ones.

 

One response to “Where Should We Draw the Line in Cyber Security?”

  1. Fernando Z. Francisco via Facebook Avatar
    Fernando Z. Francisco via Facebook