Author Archives: cormac

About cormac

Very, very occasional thoughts on security from Cormac Herley

Sex, Lies and Cyber-crime Surveys

We often hear extravagantly large numbers tossed around for cyber-crime losses. Mostly, we find in a new paper, these numbers are completely unreliable. They’re based on self-reported numbers, where a single lie or  exaggeration, from a single respondent is all it takes … Continue reading

Posted in Uncategorized | Leave a comment

Mules lose money, phishing victims do not lose money

US consumer protections against fraud ensure that irreversible untraceable transactions are hard, and hence mules are necessary. Mules essentially receive bad transfers and initiate good ones. A surprising consequence is that in the series of transfers between victim, mule and … Continue reading

Posted in Uncategorized | Leave a comment

Questions on an Internet kill switch

  Is such a switch possible?  Possible, though not easy. The Internet was designed to be robust and has done a pretty good job. To really stop access for a majority of people would really require going after DNS servers … Continue reading

Posted in Uncategorized | Leave a comment