Of Hackers and Scammers
A good friend of mine’s bank account was recently raided and cleaned out by hackers. As soon as he found out, within minutes, my friend who, himself is a network engineer, reported the theft to the bank. The money was transferred out of his account and saved in another bank, and from there, sent out of the country. The fraud department staff noted down all the information, and from that point on, fearing possible lawsuit, and based on the legal department’s recommendation maintained total silence.
In the end, did the bank compensate any of the money my friend had lost? None, zero, zilch, nothing, not even a penny.
“You feel so left out, as if my family and friends and the rest of the world had all abandoned me. The first couple of weeks, I would wake up and find myself crying. I had lost a good chunk of my savings, and there was NOBODY that I could turn to.”
“I started looking for an attorney to help me recover, at least part of the money from the bank, but even if I found one, what were our chances of beating the full team of lawyers working for the bank?”
One attorney said his office would not accept cases dealing with dollar amounts less than $100,000.
To further mislead and disappoint the victim, the hackers had even set up internet links to fake lawyers’ offices in Canada and Mexico.
SO WHAT CAN BE DONE? I should say here that the following statements do not apply to all financial institutions. Some have already implemented features, such as those recommended by experts (in diverse ways), but a large number worry more about their transaction volume and the bottom line. In addition, the bank’s attitude towards client losses, and its responsibility towards the customer is, pretty much the same everywhere, and it derives from the banks’ attitude profits before people.
If you are willing to go back to the days of “manual banking”, the solution is very simple. Just call up the bank and disable or remove online banking, but you will have to visit the bank for the smallest of things.
Here is one interim solution before a definitive one is worked on.
A large percent of thefts are done through online banking. The money is lost when an online transfer (wire transfer, of some sort, Zelle, etc.) is initiated. The function is triggered when a request is received to do transfer online. This service should fail at this point if the destination of the transfer is a financial institution outside the bank’s network and the request is through online banking. The bank should then ask the client to visit a branch and show ID.
Nice and simple as it is, many banks refuse to implement this additional feature because it eats into their profits, as transaction volume is slowed and reduced, but the heck with the customer who might lose her/his life’s savings. After all, even though the banks are too big to fail, bank customers are not.
Business as usual in a neo-liberal world: profits before people when it should be people before profits.
The Paranoia of Officialdom: Age Verification and Using the Internet in Australia
Australia, in keeping with its penal history, has a long record of paranoid officialdom and paternalistic wowsers. Be it perceived threats to morality, the tendency of the populace to be corrupted, and a general, gnawing fear about what knowledge might do, Australia’s governing authorities have prized censorship.
This recent trend is most conspicuous in an ongoing regulatory war being waged against the Internet and the corporate citizens that inhabit it. Terrified that Australia’s tender children will suffer ruination at the hands of online platforms, the entire population of the country will be subjected to age verification checks. Preparations are already underway in the country to impose a social media ban for users under the age of 16, ostensibly to protect the mental health and wellbeing of children. The Online Safety Amendment (Social Media Minimum Age) Bill 2024 was passed in November last year to amend the Online Safety Act 2021, requiring “age-restricted social media platforms” to observe a “minimum age obligation” to prevent Australians under the age of 16 from having accounts. It also vests that ghastly office of the eSafety Commissioner and the Information Commissioner with powers to seek information regarding relevant compliance by the platforms, along with the power to issue and publish notices of non-compliance.
While the press were falling over to note the significance of such changes, little debate has accompanied the last month’s registration of a new industry code by the eSafety Commissioner, Julie Inman Grant. In fact, Inman Grant is proving most busy, having already registered three such codes, with a further six to be registered by the end of this year. All serve to target the behaviour of internet service companies in Australia. Not all have been subject to parliamentary debate, let alone broader public consultation.
Inman Grant has been less than forthcoming about the implications of these codes, most notably on the issue of mandatory age-assurance limits. That said, some crumbs have been left for those paying attention to her innate obsession with hiving off the Internet from Australian users. In her address to the National Press Club in Canberra on June 24, she did give some clue about where the country is heading: “Today, I am […] announcing that through the Online Safety Act’s codes and standards framework, we will be moving to register three industry-prepared codes designed to limit children’s access to high impact, harmful material like pornography, violent content, themes of suicide, self-harm and disordered eating.” (Is there no limit to this commissar’s fears?) Under such codes, companies would “agree to apply safety measures up and down the technology stack – including age assurance protections.”
With messianic fervour, Inman Grant explained that the codes would “serve as a bulwark and operate in concern with the new social media age limits, distributing more responsibility and accountability across eight sectors of the tech industry.” These would also not be limited in scope, applicable to enterprise hosting services, internet carriage services, and various “access providers and search engines. I have concluded that each of these codes provides appropriate community safeguards.”
From December 27, such technology giants as Google and Microsoft will have to use age-assurance technology for account holders when they sign in and “apply tools and/or settings, like ‘safe search’ functionality, at the highest safety setting by default for an account holders its age verification systems indicate is likely to be an Australian child, designed to protect and prevent Australian children from accessing or being exposed to online pornography and high impact violence material in search results.” This is pursuant to Schedule 3 – Internet Search Engine Services Online Safety Code (Class 1C and Class 2 Material).
How this will be undertaken has not, as yet, been clarified by Google or Microsoft. The companies have, however, been in the business of trialling a number of technologies. These include Zero-Knowledge Proof (ZKP) cryptography, which permits people to prove that an aspect of themselves is true without surrendering any other data; using large language models (LLMs) to discern an account holder’s age based on browsing history; or the use of selfie verification and government ID tools.
Specialists in the field of information technology have been left baffled and worried. “I have not seen anything like this anywhere else in the world,” remarks IT researcher Lisa Given. This had “kind of popped out, seemingly out of the blue.” Digital Rights Watch chair, Lizzie O’Shea, is of the view that “the public deserves more of a say in how to balance these important human rights issues” while Justin Warren, founder of the tech analysis company PivotNine, sees it as “a massive overreaction after years of police inaction to curtail the power of a handful of large foreign technology companies.”
Then comes the issue of efficacy. Using the safety of children as a reason for censoring content and restricting technology is a government favourite. Whether the regulations actually protect children is quite another matter. John Pane, chair of Electronic Frontiers Australia (EFA), was less than impressed by the results from a recent age-assurance technology trial conducted to examine the effect of the teen social media ban. And all of this cannot ignore the innovative guile of young users, ever ready to circumvent any imposed restrictions.
Inman Grant, in her attempts to limit the use of the Internet and infantilise the population, sees these age-restricting measures as “building a culture of online safety, using multiple interventions – just as we have done so successfully on our beaches.” This nonsensical analogy excludes the central theme of her policies, common to all censors in history: The people are not to be trusted, and paternalistic governors and regulators know better.
No comments:
Post a Comment