Franklin Paxson Savage

An Inquiry into the Nature and cause of the Wealth of Internet Miscreants
--------------------------
Observed an IRC channel.  Took a look at number of credit cards arriving, tried to quantify global users, tried to formulate an estimate of cost.

Proposed countermeasures: sybil attack to create lemon market and slander attack to discredit honest users.

Doubts about how practical these are, who is going to carry out this vigilanteism.

Doubts about pricing on page 12.  Give no explanation of pricing (done by random sampling + manual extraction).  Where do variations come from, why was Feb so low?


Questions:
----------

Suppose we are law enforcement agents.  Can't affect demand but can increase supply which will reduce price.  Create honeynet as a compromised set of hosts...

Could've looked closer at repetition of credit card numbers, is it same user in different channels/same channel? or is it multiple users/multiple channels (trying to free-ride)

price decreases quickly with time (cards used up/flagged, resold).  Do top hackers make majority of money and others are just "business people" who are reselling data?  
Can we identify the real attackers who are supplying this data to the "business people"?

When reputation matters, should prevent sybil attack?

Can we model user behaviors in this market using economic incentive models?