Paul Murphy over at CIO Today put together an interesting piece on the ubiquity of authentication, the jurisdictional and timing issues involved with nabbing phishers, and some of the underlying reasons why the powers that be don’t just stop the problem in its tracks. But hope is on the horizon, from an unlikely source.
Authentication of email sources is off-the-shelf technology, the problem is nobody uses it. If identification was made of an email’s source at the point it entered the network, it would be easy to shut that source down. Murphy contends, if the process becomes unprofitable, it will simply stop. Unfortunately, that means billions less in sales to companies like Cisco, Microsft, and Symantec, all of which have much to gain from ongoing problems.
As for catching the crooks, well that story has pounded so hard at Spamroll that my fingers are blue. Mr. Murphy says “the thieves are long gone before the authorities can jump through the hoops needed to get enforceable cooperation by those concerned.” Best wishes to the 100,000 names on that missing Berkelely laptop (see Data Stolen from Berkeley, again).
What unlikely candidate could put the kabosh on the problem, and reap the rewards in between? One time heavy-hitters Lucent and Avaya, that’s who. Lucent and its child build much of the equipment used to carry VOIP traffic. And caller ID, now taken for granted on traditional communications lines, is easy to spoof on VOIP networks. But if folks like Lucent light up authentication on their equipment by default, others carrying internet bandwidth will be forced to do the same (or get a lot of fingers pointed at them in blame).
Again, this is all Paul’s thoughts. One thing that is for certain – his theory on spamming the spammers is sure to garner some attention (and misinterpretation). Don’t think so, well then catch the latest on IBM’s FairUCE, or catch Spamroll’s view of it here: IBM hopping on the spam vigilante bandwagon? I don’t think so.
It will be interesting to see how authentication shapes up, along with legislation designed around catching crooks more swiftly. Meanwhile, catch Paul’s entire article on the matter over at NewsFactor Network: Phishing, VoIP and the Market Response.