Computer Misuse Act 2000

The Computer Misuse Bill, 2000 was introduced in the Senate in October 2000 in the House of Representatives. It was passed in both the House of Representatives and the Senate in October 2000.

The main purpose of the Computer Misuse Bill 2000 is to prohibit the unauthorised access, use of or interference to any program or data held in a computer and to a computer itself.

The Bill therefore seeks to enhance computer security by giving protection to the integrity of computer systems and by providing stringent penalties for specified computer related offences.

The Computer Misuse Bill also provides enhanced penalties in case where the offence results in damage, which includes financial loss, injury, or harm.

Some of the points/issues raised by the TTCS :

  • How does one ensure that computer data presented as evidence in court was the same evidence that was originally collected? Computer logs are text files and can be easily modified.
  • Re: Clause 16, Police or authorised persons can contaiminate data while conducting their investigations. What is to prevent or protect against such problems?
  • It is possible for someone to easily frame another person for a computer crime.
  • The proposed Bill defines various computer-related offences as criminal acts. This means that the case will be tried before a jury. Would such a jury understand the technical aspects of the case?
  • What happens to minors (persons under 18) under this law?
  • Re: Clause 12,13, If a Trinbagoian runs a e-commerce site hosted in the U.S and a offence is committed against the site, causing momentary loss to the Trinbagoian. Under what jurisdiction is the crime prosecuted? Trinidad and Tobago The U.S?
  • Email viruses such as the Love Bug can be spread by unwitting users to other computers including protected computers as defined in clause 9. Would such a person be liable under clause 9?
  • Re: Access code in Clause 8, Computer hardware and software are sold with a default password that should be changed by the owners when they install it. If they don’t change the password, and an outside person notices this and notifies the owner of the hardware/software, would the someone be committing an offence under clause 8?
  • Re: Clause 17, Arrest by police officer (without warrant) is controversial. This clause was removed from the final act.

Internet Security v2.1

Internet Security v2.1 (October 24th, 2000)

The previous edition of the Online Security document, Version 1.2 (released June 2000) was concerned with informing the home and small business user about how to secure their Internet access against intrusion by such malicious software (aka “malware”) as trojan horses, viruses and hostile scripts. Research has shown that many Internet “technologies” are both a security and privacy threat to the home and small business user, as a result several additions have been made to the information contained in this document.

The present threat to Internet users is a combination of the old (e.g. trojans, viruses, hostile scripts) and the new (e.g. web bugs, confidential data being stored in plain-text cookies, unique identification numbers, ad-ware, spyware and unauthorised transmission of the user’s personal data). Most of the problems orginate in the methods by which online advertising companies track and store data about Net surfers in order to compile statistics for more “effective” advertising. They claim it is to make the World Wide Web a better place for everyone but so far they have only caused un-necessary worries for all Net users.

This document will seek to explain some of these problems and where possible, provide solutions. It is important to note that this document is about informing users about potential Internet threats. Everyone who uses the Internet is subject to their influence in one form or the other; the chances of being victimised by these “technologies” and “malware” are directly related to user awareness of their existance.

You can view the security.pdf (228K) or you can download security.zip  (205K) for offline use.

To view PDF files, you need Adobe’s free Acrobat reader

 

 

Digital Signatures Bill 1999

The Digital Signatures Bill seeks to regulate the use of digital signatures and the legal framework to make them work such as the regulation of certification authorities who issue certificates to persons.

The Bill was withdrawn from Parliament. Some possible complaints :

  • The bill is long, divided into 7 parts and has about 90 clauses in all which makes for very tough reading and understanding.
  • The bill focused in detail on only using asymmetric encryption (using public and private keys) for authenticating signatures. What if other technologies could be used (e.g biometric recognition)?
  • Clause 79 “Search and seizure (of police) without warrant” is controversial.

Year 2000 problem

This article is an attempt to explain what the Year 2000 problem, also known as the Y2K bug or (less  accurately) the millennium bug is and what you can (and should!) do about it. I’ve tried to be as accurate as possible while still trying to explain the problem in clear terms. Having said that, I should offer a standard disclaimer that any Year 2000 webpage will have : If use of the information leads to damage of equipment, the TTCS is not liable for any expenses that may be incurred.

(Written by : Dev Anand Teelucksingh, Paul Worswick, circa October 1998)

What is the Year 2000 problem?

The Year 2000 problem is a general description of the problem caused by computer hardware and software or anything else for that matter that is unable to deal correctly with the change from the year 1999 to 2000. It is not confined to personal computers but also anything which uses microprocessors (embedded technology) such as central heating systems, telephones PBXes, and industrial controllers.

The Y2K problem has been called the “millennium bug” but this is inaccurate as the occurance of the millennium itself has nothing to do with the problem. If we were living in 1899 instead of 1999, we would still have a problem when the year changed from 1899 to 1900.

Essentially, most computer hardware and software track only the last two digits of the year. So the year “1999” is treated as “99”. When the year 2000 occurs, these hardware and software will see the year as “00”, causing malfunctions as some will treat the year as “1900” and give incorrect results.

Continue reading Year 2000 problem