US entertainment industry: rootkits, spyware, ransomware and trojans to attack "pirates"
"Legalize the use of malware in order to punish people believed to be copying illegally" - Rootkits, spyware, ransomware and trojans to attack pirates
The hilariously named "Commission on the Theft of American Intellectual Property" has finally released its report, an 84-page tome that's pretty bonkers. A proposal to legalize the use of malware in order to punish people believed to be copying illegally. The report proposes that software would be loaded on computers that would somehow figure out if you were a pirate, and if you were, it would lock your computer up and take all your files hostage until you call the police and confess your crime. This is the mechanism that crooks use when they deploy ransomware.
Now they've demanded that Congress legalize an extortion tool invented by organized criminals.
Additionally, software can be written that will allow only authorized users to open files containing valuable information. If an unauthorized person accesses the information, a range of actions might then occur. For example, the file could be rendered inaccessible and the unauthorized user’s computer could be locked down, with instructions on how to contact law enforcement to get the password needed to unlock the account. Such measures do not violate existing laws on the use of the Internet, yet they serve to blunt attacks and stabilize a cyber incident to provide both time and evidence for law enforcement to become involved.
It gets better:
While not currently permitted under U.S. law, there are increasing callsfor creating a more permissive environment for active network defense that allows companies notonly to stabilize a situation but to take further steps, including actively retrieving stolen information,altering it within the intruder’s networks, or even destroying the information within an unauthorizednetwork. Additional measures go further, including photographing the hacker using his own system’scamera, implanting malware in the hacker’s network, or even physically disabling or destroying thehacker’s own computer or network.