The Register Columnists

Mark Rasch

Contact Mail Follow RSS feed
The Register breaking news

Should XP pirates get SP2?

If Microsoft denies Windows XP pirates access to its SP2 upgrade, the result would hurt the Internet to protect Microsoft's bottom line. Try this analogy: suppose a car thief drove to the dealership and insisted that they perform brake repairs required by a recall notice, for free, on the stolen car. Suppose further that the …
Mark Rasch, 25 May 2004
The Register breaking news

The Wi-Fi user as wireless felon

Before Wi-Fi can fully fulfil its promise, there is the small matter of a raft of outdated legislation to be dealt with - some of which threatens the innocent user with an appearance before a judge. A local Washington DC television news station wanted to do a Wi-Fi "hack". Its plan was to sit in a local coffee shop (named after …
Mark Rasch, 04 May 2004
The Register breaking news

NH judge throws out paedo chat-log evidence

When a New Hampshire judge threw out chat-log evidence against an accused pedophile, he illustrated just how jumbled and confused Internet privacy law can be, writes SecurityFocus columnist Mark Rasch. You are engaged in a chat session with some friends and colleagues, when one of them makes a witty remark or imparts a pithy …
Mark Rasch, 12 Apr 2004
The Register breaking news

Lock down gambling sites, go to jail

A new Justice Department policy threatens to jail security professionals who help lock down online gambling sites anywhere in the world. For example, you're a computer security expert who's hired by an offshore casino in the Cayman Islands to develop a security and authentication technology. Your client is a licensed Cayman …
Mark Rasch, 23 Mar 2004
The Register breaking news

Is password-lending a cybercrime?

A judge's wrongheaded interpretation of the federal Computer Fraud and Abuse Act illustrates the problems of allowing civil enforcement of a criminal law, writes SecurityFocus columnist Mark Rasch In a little-observed civil lawsuit involving tracking of magazine subscriptions, a federal court in Manhattan issued a ruling last …
Mark Rasch, 01 Mar 2004
The Register breaking news

The first fallout from Cybergate

Did Republican staffers commit a crime by clicking on the "My Network Places" icon to access Democratic memos, asks SecurityFocus columnist Mark Rasch. Politics is dirty business, and rarely so much as in the area of patronage: appointments to sought-after federal jobs in general, and to the federal bench in particular. So it …
Mark Rasch, 10 Feb 2004
The Register breaking news

The Giant Wooden Horse Did It!

Introducing a new legal defense to computer crime charges - one that's all the more frightening because it could be true, says SecurityFocus columnist Mark Rasch. According to Greek mythology, the seer Laocoon, a priest of Apollo, warned the residents of Troy against accepting into their city the giant wooden horse designed by …
Mark Rasch, 20 Jan 2004
The Register breaking news

Jane Doe ruling limits effect of RIAA legal defeat

On Friday, the DC federal appeals court ruled that the recording industry's efforts to subpoena the names and addresses of ISP Verizon's customers who were using P2P file-sharing networks to download and upload copyrighted music were unlawful. However, the decision rests on a narrow reading of the federal Digital Millennium …
Mark Rasch, 02 Jan 2004
The Register breaking news

The Wells Fargo example

Opinion Companies should protect consumer data better than Wells Fargo did, but in cleaning up its laptop data spill the bank blazed a trail worth following, says SecurityFocus columnist Mark Rasch. In July of this year, a new law took effect in California, SB 1386, that requires all companies that do business in the state to "promptly …
Mark Rasch, 02 Dec 2003
The Register breaking news

Proposed: a Bounty for Bugs

Instead of paying hard cash to punish computer criminals, vendors should reward grey hat hackers for responsibly finding and reporting the security holes that make cyber attacks possible, argues SecurityFocus columnist Mark Rasch. Microsoft recently announced a $500,000 bounty for the arrest and prosecution of those responsible …
Mark Rasch, 18 Nov 2003
The Register breaking news

US corporate security disclosure plan won't help

Analysis In an effort to shore up the security of the US' critical infrastructures, the secretary of the Department of Homeland Security recently proposed that all publicly-traded companies disclose in their filings with the Securities and Exchange Commission precisely what they are doing to protect the security, confidentiality, …
Mark Rasch, 20 Oct 2003
The Register breaking news

FBI bypasses First Amendment to nail a hacker

Citing a provision of the Patriot Act, the FBI is sending letters to journalists telling them to secretly prepare to turn over their notes, e-mails and sources to the bureau. Should we throw out the First Amendment to nail a hacker, writes SecurityFocus columnist Mark Rasch. Frequent readers of this space know that I am no …
Mark Rasch, 29 Sep 2003
The Register breaking news

Forgive me my trespasses

How a recent federal appeals court decision makes virtually everyone a computer criminal, writes SecurityFocus columnist Mark Rasch. Last month, a federal appeals court in California dramatically and unwarrantedly expanded the scope of the federal criminal law prohibiting "unauthorized access" to computers and electronic mail …
Mark Rasch, 08 Sep 2003
The Register breaking news

The sad tale of a security whistleblower

Opinon Previous articles in this space have discussed whether security professionals can go to jail for doing things like demonstrating the insecurity of a wireless network, or conducting a throughput test on a system without permission. Now, a new and unwarranted extension of the US computer crime law shows that you can go to jail for …
Mark Rasch, 18 Aug 2003
The Register breaking news

Copying is Theft – and other legal myths

Opinion As the war over P2P downloading heats up, and the record companies launch the novel marketing technique of suing their customers, I think it is an appropriate time to settle some of the pervasive myths about U.S. copyright law which fuel both sides of the debate, writes Mark Rasch, SecurityFocus columnist and former head of the …
Mark Rasch, 28 Jul 2003
The Register breaking news

FTC calls privacy claims to account

Most online businesses promise they'll protect customer data as if it were their own. Now the government is holding them to it, writes SecurityFocus columnist Mark Rasch. The last couple of weeks have been a busy time for information security law and privacy. First, the California law that requires disclosure of break-ins that …
Mark Rasch, 07 Jul 2003
The Register breaking news

Bad raps for non-hacks

A few odd cases show that you don't have be a digital desparado to be accused of a cybercrime... particularly if you embarrass the wrong bureaucrats. Some recent (and not so recent) cases illustrate how computer security professionals and well intentioned whistle-blowers face a genuine risk of running afoul of computer crime …
Mark Rasch, 16 Jun 2003
The Register breaking news

Cyber insurance between the lines

It's a security professional's nightmare. Not a new virus or worm. Not a hacker from outside trying to penetrate perimeter defenses. Not even an attempted denial of service attack. The nightmare scenario is the "Jayson Blair" syndrome -- the trusted insider gone bad. That can mean stealing information, destroying files, or …
Mark Rasch, 27 May 2003
The Register breaking news

Madonna's borderline MP3 tactics

The material girl's foul-mouthed revenge on music traders could be interpreted as a deceptive trade practice, or even outright fraud, says Mark Rasch, SecurityFocus columnist. Virginia's new anti-spam law makes it a criminal offense to send e-mail with inaccurate and deceptive source or header information. The new PROTECT Act …
Mark Rasch, 05 May 2003
The Register breaking news

Super-DMCA not so bad

Opinion The latest version of the controversial law could be a valuable weapon against thieves and pirates, writes SecurityFocus columnist Mark Rasch. As the litigation over the DMCA continues -- with a 20-something Virginian sentenced to five months in jail for operating a website that sold mod chips, and a Harvard student's efforts …
Mark Rasch, 15 Apr 2003
The Register breaking news

Why the Dogs of Cyberwar stay leashed

Opinion As the U.S. and U.K. campaign to "shock and awe" the Iraqi leadership and population continues, as "bunker buster" bombs hit the Iraqi Presidential palaces and coalition forces attempt to disrupt the command and control of the Iraqi military, one widely-reported offensive capability is nowhere in sight: the United States has not …
Mark Rasch, 24 Mar 2003
The Register breaking news

Why criminalizing Crypto is wrong

Opinion The Justice Department's plan to make routine encryption illegal in the hands of criminals will hurt law abiding citizens, and prove catastrophic for Internet security, writes Mark Rasch There is nothing like the fear of weapons of mass destruction to bring out weary old legislative proposals. Earlier this month, it leaked out …
Mark Rasch, 03 Mar 2003
The Register breaking news

The Briscoe Syndrome

SecurityFocus logo Fear of terrorism and a desire to cooperate with law enforcement has lead many corporate insiders to pony up sensitive information on their customers to anyone with a badge... with no court order required, Mark Rasch writes. Watching the TV drama Law & Order, Detective Briscoe confronts the manager of a …
Mark Rasch, 07 Jan 2003
The Register breaking news

Attack of the Mod Squads

On September 16, 2002, Microsoft, Sony and Nintendo filed a lawsuit against Hong Kong distributor Lik Sang International Ltd, in the High Court of Hong Kong, alleging that the company had infringed copyrights associated with their various gaming systems. In response, the company shut down, and when it came back up three weeks …
Mark Rasch, 30 Oct 2002
The Register breaking news

Closing spyware loopholes

I have this terrible recurring nightmare. One night, there is a knock on the door and Bill Gates and Steve Ballmer are there. When I ask why, they reply, "We are here for your kidney. Don't you remember the contract you clicked on when you downloaded the beta version of Internet Explorer? Don't you read those things?" …
Mark Rasch, 25 Oct 2002
The Register breaking news

Certifiably certified

A recent issue of SC Magazine, one of the information security industry’s cheerleading trade rags, featured a full-page advertisement with the following emblazoned across the top of the page: “How to increase your salary by 21.39% in 7 days or less.” At first glance, I thought it was from the same people sending “Get Your …
Mark Rasch, 25 Oct 2002
The Register breaking news

When Feds attack

In medieval times, attackers would use a bell-shaped metal grenade or "petard" to break enemy defenses. These unreliable devices frequently went off unexpectedly, destroying not only the enemy, but the attacker. As Shakespeare noted, "'tis the sport to have the enginer Hoist with his owne petar." That's what I thought of when …
Mark Rasch, 26 Aug 2002
The Register breaking news

US assumes global cyber-police authority

Much has been written about the new anti-terrorism legislation passed by Congress and signed by President Bush, particularly as it respects the ability of the government to conduct surveillance on email, voice-mail, and other electronic communications. However, too little attention has been paid to other provisions of the …
Mark Rasch, 27 Nov 2001