Es muss daher vordringliche Aufgabe freidemokratischer Politik sein, einen liberalen Wertekodex der vom Verfall bedrohten bürgerlichen Tugenden – Anstand, Sittlichkeit, Ehrlichkeit, Pflichtgefühl, Großzügigkeit, Disziplin, Fleiß – aufrechtzuhalten, um den Vormarsch der Sünden – Wollust, Gewalt, Betrug, Lüge, Laster, Selbstsucht (das 11. Gebot „du sollst dich nicht erwischen lassen“) Einhalt zu gebieten.

(Gefunden von einem eifrigen VroniPlager)

★

They discovered some unlawful feature bloat, potentially turning the legal eavesdropping malware into an extra-legal full-blown surveillance tool:

The government malware can, unchecked by a judge, load extensions by remote control, to use the trojan for other functions, including but not limited to eavesdropping. (…) [I]t is possible to watch screenshots of the web browser on the infected PC – including private notices, emails or texts in web based cloud services.

As so often with malware out there, communication between the malware and the command layer is poorly designed and leaves opportunities for third parties to take over the malware.

The analysis also revealed serious security holes that the trojan is tearing into infected systems. The screenshots and audio files it sends out are encrypted in an incompetent way, the commands from the control software to the trojan are even completely unencrypted. Neither the commands to the trojan nor its replies are authenticated or have their integrity protected.

CCC’s 20-pages analysis concludes (translated, orig. German):

“We are highly delighted that no apt expert could be won over for this morally questionable operation…”

Merkel might want to ask Putin next time.

–

FAZ, “Der deutsche Staatstrojaner wurde geknackt”

CCC, “Analyse einer Regierungs-Malware”

Frank Rieger, FAZ, “Anatomie eines digitalen Ungeziefers“

★

If it fails, the blame will be on Germany. … All eyes are on Berlin. There is a strong, if silent, expectation in European capitals — as in Washington — that Germany will not forget its historic obligation to those who helped it rise out of the ashes of World War II and reunite.

… and pulls a Schmitt (Carl, that is):

First and foremost, Merkel and Sarkozy can and should declare that the euro zone is in a “state of emergency.” This would allow them (…) Although this would require revising the Lisbon Treaty, a state of emergency would make it possible to take action immediately.

…and asks to give the Germans some boots that are not made for walking:

Germany will only agree to the introduction of eurobonds to spread the responsibility for government debt across the euro zone if sinning countries can be punished.

★

1. the show-off doctorate with little scientific value and
2. the real scientific doctorate based on dissertations that actually contribute to scientific knowledge.

The show-off doctorate is the product of the high social value of a doctorate in Germany, incompetence, co-optation or naiveté (in dubio pro latter) of supervisors and university bodies conferring doctorates, combined with some trickery of eager climbers. Resigned Defence Minister Guttenberg’s thesis figures as the poster boy’s example of such an doctorate:

Instances of plagiarism by page in Guttenberg’s dissertation (white: none; black: instances found; black: instances from several source found; blue: ToC, bibliography, etc.)

These two types of doctorates are at times hard to distinguish for an outsider, cannot be easily told apart, and you can’t easily judge whether its holder had opted for track a or track b unless you’ve dived a bit into his/her writing. A glance into his/her CV might give further clues: a high profile career while pursuing the scientific project is somewhat indicative of track unless the holder is amongst the few blessed with an über-IQ or steely determination and iron discipline.

The scientific doctorate is a prerequisite for the scientific path. It usually requires the usual set of articles, presence at conferences, a decent dissertation (occasionally a set of articles in respected journals). If you want to apply for an academic position in the future, these deliverables usually are sine-qua-nons. Yet, there is obviously a no-idea-how-tiny number of holders and aspirants of a doctoral degree who are not driven by intellectual curiosity, the joy of playing with thoughts and ideas, the challenge of hiking your personal scientific Himalayas.

A doctorate, either show-off style or based on a scientifically valuable dissertation, appears to significantly ease your rise through corporate and bureaucratic hierarchies and are almost as much a prerequisit

Some disciplines have acquired doctoral standards which are amazingly ridiculous regarding their requirements compared to most disciplines. Most prominent examples among these are the medical studies. The current German Minister of Economic Affairs and Technology, Vice Chancellor and head of the pro-business/small-state party FDP, Philipp Rösler, was awarded with a doctorate in medical studies (Dr. med.) for his dissertation on cardiac fibrillation. It’s a brief paper with just 40 pages of self-produced text – common procedure in medical science. Friends of mine had written the dissertations for their medical doctorate even before they graduated, just like Rösler.

Next to some serious doctoral research, economics and judicial sciences have a reputation for accepting rather “practice-oriented” theses for awarding doctorates. Larger consultancies and law firms offer special career tracks, allowing their employees to reduce their workload for a couple of years or take a year or so off if they agree to stay with the consultancy for a couple of years after that. Whether these students are beneficial for Universities’ external funding is beyond my knowledge, but one wouldn’t be surprised. It’s not that these works are necessarily bad readings, they are just pretty similar to what you can expect in good master theses. But

The fallen star of German politics, former Defence Minister Karl-Theodor zu Guttenberg, might have been supported not only by social networks during his PhD project. The faculty of the University of Bayreuth (right, that’s the Frankonian Wagner town), which was to later award him with a summa cum laude doctorate, was donated roughly $1m by that very hospital holding in which his family back then held a share of a few hundreds of million Euros.

Academic-based social prestige in the US is a function of the position of your university in national rankings. With the rather flat status-hierarchies between universities in Germany, additional cake-icing social prestige comes with a doctorate.

Ever dared to register with the German website of Mercedes-Benz? I have yet to see anything more hilarious and telling about the non-monetary dimension of social prestige. Many positions in businesses informally require a PhD. The percentage of PhD holders in higher positions in politics and corporate boards are substantial. Hence, there has been a strong incentive to pursue a PhD project if you are heading for upper, let alone top positions in politics, business or justice. At the same time and unless you’re not lacking intrinsic interest in the topic you are covering, the incentive is to save as much work as possible to get the thing done.

The strategy of the current German Minister for Family Affairs, Seniors, Woman and Youth, Kristina Schröder, – as a PhD student she was MoP in the Bundestag and member of the Hessian state board of her conservative CDU party – , was to use the support of the staff of her doctoral father, a prominent TV talking head. As far as we know, her professor’s staff conducted much of the empirical research which consisted of sending out interview forms to her conservative MoP colleagues, entering data into SPSS and presumably conducting some statistical analysis. Outtasking these activities was, according to the President of the University Mainz, in compliance with the University’s doctorate regulations.

So, it has always been pretty easy to earn a easy doctorate in Germany. There three recommendable ways:

1. You go for medical science.
2. You enjoy the dedicated support by a professor and his staff (which probably requires special emotional, monetary, career or network value of the PhD student for the professor).
3. You make use of the fact that de-facto only your two supervisors decide about whether your dissertation is accepted or not, e.g. by choosing an internet-averse professor with little knowledge about current plagiarism techniques.

Despite these facts allowing an aspirant to go after a cheapish PhD dissertations and much to my surprise, we are currently observing a wave of what is ironically called “dissertation domino” (cf. logo of doktorarbeitendomino.de besides). Some stunning cases of plagiarism in PhD theses have emerged since February this year:

• Defence minister Guttenberg as the most prominent and incredible case. (63.8% of all lines of his dissertation were apparently plagiarised)
• Silvana Koch-Mehrin, Vice president of European Parliament, member of Board of pro-business FDP, has just stepped down from all her political offices but her membership with the EP. Case under investigation by her university.
• Veronika Sass, daughter of former conservative Bavarian Prime Minister and Chancellor nominee, Edmund Stoiber (beaten by chancellor Gerhard Schröder in the latter’s famous 2002 anti-Iraq-war election campaign), was deprived of her doctorate.
• Georgios Chatzimarkakis, Member of European Parliament, FDP. Case most likely to be investigated by his university.
• Matthias Pröfrock, Member of Parliament of Federal State Baden-Wuerttemberg for conservative CDU party, former personal assistant to then Minister President (equivalent to Governor in the U.S.) Günther Öttinger (now European Commissioner for Energy). Case under investigation by his university.

The plagiarism in theses dissertation have not been discovered by the faculties granting the doctorate degrees or their supervisors, but by a buttom-up, self-organized internet community, using IRCs, wikis and several plagiarism detection tools to conduct and coordinate their work. Given the high profile of their inquirées, the results of the GuttenPlag and VroniPlag plagiation detection communities (named after the aforementioned minister Guttenberg and Veronika Sass) have been covered in national and international media. While most of the participants in these communities act anonymously, they have nevertheless talked about their motivations for supporting plagiarism detection communities with a number of media outlets: to deter future plagiarism and cheap-riding; counter the devaluation a PhD as a scientific degree; reestablish a system of granting doctorates solely based on meritocracy. Some aim destructing an alleged corruptive proximity between non-scientific elites in politics, business, jurisdiction on the one hand and science on the other. [1]

What’s the future for cheap-riding doctorates in Germany? As a reaction to the plagiarisms, calls for a departure from the current supervision system emerged, e.g. graduate schools like in the US, enlarged supervisory bodies like in the Netherlands, external revision of dissertations marked with *cum laude. A doctorate still serves a social prestige-enhancer and will probably continue to do so in the future, even if the doctoral domino goes on for while and bury the careers of a few more black sheep. Furthermore, a PhD way more accessible for German upper-mid-to-upper classes than for lower-to-lower-mid classes. The cheap-riding track has served those extremely well who knew how to ride the wave: functional elites in politics, business and jurisdiction. It hasn’t served well the national and international reputation of German academia, hence the harsh reaction of universities against their former PhD students (while leaving their plagiarism-ignorant supervisors untouched) and the almost unified outcry of the scientific community after Chancellor Merkel’s reasoning for not firing Guttenberg at the beginning of the emerging issue: “I didn’t hire him as a research assistant.”

The immediate effect of the ongoing uncovering of plagiarism for cheap-riding doctoral aspirants is that the ghostwriting path is closed. It might change again when a trustworthy and independent quality control segment emerges to discover potential plagiarism by your ghostwriter emerges. (Irony tags on: Players in the ghostwriting market and their customers should have a look into the sophistication of the cybercrime business.) The highly increased costs of bad ghostwriting (due to higher risk of detection by plagiarism detection communities) substantially increase the direct costs of ghostwriting. (Many assume that Guttenberg and Sass had hired Ghostwriters given their ridiculously large number of continuous, uncited quotes.) Hence, after GuttenPlag & Co., cheap-riding your dissertation will become a bit more expensive.

The least expensive cheap-track possible will most likely be the one chosen by Minister Schröder (cf. way #2 mentioned above). It is especially recommendable if you manage to develop a research framework that allows the outtasking a large chunk of your empirical research to third persons. As many will know, developing a research framework is one of the hardest part while conducting a genuine research project. Luckily, some doctoral fathers and mothers will suggest a nice research design or allow you to go trotted paths and reuse existing research frameworks, maybe in a slightly altered fashion and apply it to different empirical topics, while tedious empirical data collection and analysis is conducted by some cheap staff. So after all, it’ll be not that bad for the cheap-riders and their networking supervisors.

The existing cheap-riding tracks will not be closed entirely. It will exclude simplistic plagiarism, sure. It will probably not exclude master-thesis level doctoral dissertations that otherwise strictly adhere to scientific standards. And it will not deter networks from supporting their protégées during the latters’ scientific interlude.

———

[1]: “Die Wissenschaft ist unser höchstes Gut”, Deutsche Welle; Unterwegs mit einem Plagiatsjäger: Suchen, finden, stürzen, Taz; Jagd auf Plagiatoren: Die Scanner, Faz  

It has a staff of mere 10 members, 6 of which from BSI, 2 from the domestic intelligence agency (Bundesamt für Verfassungschutz), 2 from the Federal Office of Civil Protection and Disaster Assistance. The most senior position appears to be the ‘Speaker’, held by the BSI president, which might imply that the Centre is just a department of the BSI or a trans-organisational task-force rather than a distinct organisation. The Centre’s task is to share information about incidents, vulnerabilities, forms of attacks, categorise incidents, detect vulnerabilities and propose activities.

In addition, Berlin plans to set up a National Cyber-Security Council under the auspices of Merkel’s ICT advisor. No details reported here, but is sounds like a discussion group bringing together government, industry, security bureaucracy, telcos and the like.

The main function of Centre and Council likely is to gather information and data related to internet security and to provide decision makers in politics with timely recommendations how to proceed in this new field of internet security governance. Kind of a national über-CERT. But we have no details here, alas.

Noteworthy for students of internet security governance is the institutionalisation of collaboration between technical IT security experts and intelligence. Previous large-scale dDos attacks have shown that technical side can get the upper hand over attackers if intelligence manages to provide information about them.

But the main issues are not dDos attacks or similar obstructive attacks. Espionage, especially for economic purposes not only between China and the West, but also among Western states, has alarmed policy makers and media alike. Early February, Germany’s leading conservative newspaper FAZ wrote in an article caption “A Worldwar“: “As Western allies spy Germany day in, day out, one or another cyberattack could be attributed to them.” Stuxnet was allegedly developed by the US and Israel.

The mentioned article has an example of another trend in internet security governance: A call to arms for internet security experts. We’ve heard that before. In Tom Friedman’s 1998 “Techno-Nothings” column. And more recently in the Estonian Cyber Army concept or in Richard Clarke’s book “World Wide War.” Looks like politics is approaching those communities indispensable for internet security. Only the modes of approaching differ: sometimes careful, sometimes clumsy, and sometimes coercing.

Quantitative analysis of computer security incidents is a terrifically meticulous job. It’s so laborious that useful, reliable, scientifically secured information and knowledge hardly comes from studies done by some small security consultancies unless these studies are a spin-off of larger academic research endeavours. (Which is, of course, a not scientifically-based assumption, too. But anyhow.) If you want to have a look at a prime example of quantitative botnet analysis, download Hadi Asghari’s masterful Master thesis on “Botnet Mitigation and the Role of ISPs” finalised earlier this year. You need to go great length to secure your empirical findings, and the model of measuring botnet and spam activity of ISPs used in the thesis is currently top class. Another good example is a paper that my Delftian colleagues presented at a workshop at Harvard University in June: Van Eeten, M., Bauer, J., Asghari, H., Tabatabaie, S., & Rand, D. (2010). The role of internet service providers in botnet mitigation an empirical analysis based on spam data. (pdf)

When a researcher runs into a figure as peculiar as those eleven percent of global C&C servers allegedly being hosted by a single German ISP, you should start thinking seriously about your data sources, conceptual model and about interfering factors that might render your findings useless – or support it. Empirical findings need to be embedded in qualitative discourses – and vice versa – to be societally useful and help us understanding societal and technological complexities.

I asked Hadi whether he had some figures in his raw data set that could show how 1&1 actually performs botnet-wise compared to some other German ISPs. His data set isn’t quite designed for the task of building the numbers to answer which national ISP is best at anti-botnetting. But anyhow. I used the data to calculate a ratio of the number of unique spam sources over a year and the number of subscribers to the services of the network operator. Sounds like a reasonable approach to allow us comparing different ISPs, doesn’t it?

So, how is 1&1 doing in this playful number-crunching? Have a look at this chart, showing the ratio of unique sources of spam to subscriptions.

Doesn’t this, a day after you could read the headline that 1&1 was the top global botnet C&C server hoster, scream for another headline: “1&1 among the most botnet resilient ISPs worldwide”? That impression might, however, just as well be caused be a little error in organising or dealing with the data – or by using it for purposes it was not intended and originally used for. Hence, before you start blaming individual ISPs for allegedly being among the best or worst, consider the methodological complexities involved in building and interpreting statistical data. The literature mentioned above serves as a good showcase how this is done right.

—

Update: 30.10., 9:50: There were some misunderstandings on how to interpret the data listed above before. Hint: Certainly not as scientific, rigorously peer-reviewed findings suited to judge botnet-resilience on the level of ISPs. I used it to build the chart, which i used to build the main argument: be careful what you read into statistics and graphs.

However, the German national ICT security agency (Bundesamt für Sicherheit in der Informationstechnik, BSI) and the association of the German internet business, eco (Verband der deutschen Internetwirtschaft), have cooperated on botnet issues at least since October 2008.

A workshop on botnets in early February 2009 addressed topics such as data-exchange between ISP regarding information from systems such as honeypots, abuse systems, spam traps (email analysis), DNS analysis, IDS/IAS (anomalie detection) or harmful websites. This information provided by ISPs could then be complemented with external data sources. Given the lack of published data, it is not clear which techniques ISPs actually use to exchange data today.

Another workshop on botnets, obviously organized by eco, took place in early February 2009. One of the speakers was Frank Ackermann, senior legal counsel to eco, who talked about judicial aspects of botnet fighting. According to Ackermann, “ISPs are interested in moderate filtering” of spam. Thus, politics should be discouraged from strict anti-spam regulation.

The programme of another joint eco-BSI workshop, the 7th German Anti Spam Summit mid-September 2009 on conficker, has sessions like “Status Quo central botnet disinfection call center DE” and “Legal Guide on Technical Approaches against Botnets” listed. According to the programme, Dr. Lothar Eßer, Head of Division Internet Security of BSI, also attended this session.

In late November 2009, eco mentioned in a summary of their IGF09 activities that it is going to build a “Botnet Disinfection Center” in a joint effort with BIS and several providers.

So, Germany will get it’s public-private anti-botnet center. According to eco’s press release, eco and BSI will establish a user-support center. ISPs will forward customers with infected machines to a website which provides tools and descriptions for removing malicious software from their machines. In addition, users with infected computers can call a special hotline with experts assisting users in removing harmful software.

—-

Upd. 9.12.; 16.12: changed headline, added the paragraph with eco’s press release; corrected typos