Archive for the ‘Laws’ Category

An interesting logging regulation that doesn’t apply to Windows event logs…

May 27th, 2011 No comments

I was browsing around looking for logging regulations and stumbled across this.  It’s the United States’ federal regulation on EDRs – Event Data Recorders – installed in automobiles.

EDRs are little log engines, like the “black box” flight data recorders on commercial airliners.  They are typically part of the airbag system on an automobile. They record specific data about the operation of the vehicle including speed, etc., and they record incident data like airbag sensor activation or airbag deployment.

Anyway, if you want to see an example of a really different kind of logging, the PDF document of NHTSA rule 2006-25666 describes what data must be logged, and how often (sampling rate), and retention policy.

Sample logs are available here.

Categories: Laws Tags:

If you’re gonna herd bots, do it from New Zealand!

July 16th, 2008 No comments

A judge in New Zealand declined to convict the admitted (guilty plea) botherder of a million-bot botnet, citing the negative consequences a conviction would have on the young man’s future prospects.  See the story here.


Well duh.  The whole theory of crime and punishment is that if you do something bad, you get punished, and punishment is something that is unpleasant, so you try to avoid it, hopefully by not doing the crime.  See?  One would hope that a judge would understand this concept.


I could understand if the judge said “this is just a stupid kid, he doesn’t deserve to do 20 years”, and gave the kid probation, community service and a big fine.  I don’t know if New Zealand has such options, or if the judge has latitude in sentencing.  There is probably more to the story than is being told.  But you don’t take over a million computers that don’t belong to you, personally making tens of thousands of dollars, and not realize that you’re doing something wrong.  Unless you’re a sociopath.  And in either case, you either need punishment (for doing something you know is wrong) or separation from society for the protection of society while you get treatment (if you are a sociopath).  So whatever the case, the judge got it wrong, and as a result is practically encouraging future behavior of the same sort.

Categories: Laws, Rants Tags:

German court bans retention of logged IP addresses

October 3rd, 2007 Comments off

A German court has ruled that a government web site may not retain IP addresses and other personally identifiable information (PII) in their logs for any longer than the user is actually using the site.


The judges pointed out that in many cases it was simple to map an IP address to an identity with the help of 3rd parties, and declared that logging IP addresses was a “violation of the right to informational self-determination.”


OK whatever.


Germany does not seem to be of one mind regarding logging.  On the one hand their draconian privacy laws (how’s that for an oxymoron?) are pretty much in opposition to any meaningful user activity logging.  On the other hand, their law enforcement folks at least seem to know the value of logs, even if they are a little draconian in the other direction.  Finally the article above notes that even the Bundestag, the lower house of the German Parliament, doesn’t comply with the privacy laws that body created- the web site logs and retains PII.


Attention Germany: the privacy horse has left the barn.  Technology has far outpaced the capability of an individual to control where his or her information flows.  Expecting to both receive service from an online provider, and to remain “private” (whatever that means) from the provider, is unreasonable- and in fact denying the provider the right to log prevents the provider from systematically improving service to you.  Logging is a best practice for administrative activity, including maintenance-related activities, marketing & service planning, and security-related activities such as forensics.  Everything generates logs nowadays.  It would probably be better to write laws restricting what can be done with logs rather than to outlaw logging.  In this manner you could mitigate abuses such as those by the ambulance chasers but still provide organizations of all sorts, including the government itself, the information they need to do their jobs.


 

Categories: Laws, News, privacy, Rants Tags:

Ensuring that there’s no useful data in your logs…

September 1st, 2007 No comments

As I wrote about earlier, TorrentSpy, a file-sharing search engine, was ordered by a U.S. magistrate to enable logging on its servers and to subsequently make those logs available to the MPAA, the plaintiff in an illegal file-sharing lawsuit against TorrentSpy.  They have lost their appeals and as a result have decided to block US IP addresses from their web servers (which will effectively ensure that no information interesting to the MPAA will reach their logs).  This ruling also puts copyright law squarely at odds with privacy rights, as pointed out by the Electronic Frontier Foundation.  The whole case seems to hinge on the fact that the judge interpreted the fact that information such as IP addresses temporarily resides in a computer’s RAM as meaning that information is “stored” by the computer and therefore discoverable; many computer experts reject that argument.  More analysis of the implications of the ruling is found here.

Categories: Laws, News, privacy Tags:
