Security Incidents mailing list archives

Re: Cracked; rootkit - entrapment question?


From: D.M.Pick () QMW AC UK (David Pick)
Date: Mon, 20 Mar 2000 16:59:26 +0000


This may be a little off-topic at this point, but frankly, I'm not sure that
providing the FBI with sufficient resources to investigate every instance of
intrusion is a good idea.  I know that folks in the bureau would love to have
the jurisdiction and the funds to handle it all themselves, and the big
agencies in DC would find it more convenient going through the FBI than
having to deal with locals all the time, but I'm not convinced that
modern computer crime is amenable to monolithic, centralized response.
These days we know that the best way to deal with advances in intrusion
techniques is to have good communication between as many knowledgeable
people as possible, and while it would be comforting to know that there's
some single agency which has everything under control, in the US or
otherwise, it seems that neither history nor the current state of the art
offer anything to suggest that such a solution will properly serve its
avowed aims.  We'd all be better served by a plan to broaden the net, as it
were, rather than concentrating it all in one place.

But that's really a matter of policy more than technology.

Also a matter of international treaty. By treaty there has to be one agency
in each country which handles all Interpol requests for "mutual assistance".
For the USA that's the FBI. So any police activity that crosses the national
borders of the USA has to involve the FBI. CERT<->CERT activity, OTOH, is
not police activity and can go direct.

--
        David Pick


