Slashdot Mirror
Aussie Bill Would Ban Hacking Tools, Virus Code
rtscts writes: "The Australian govt. is at it again: 'Under the bill, which proposes seven new computer offences carrying jail terms of up to 10 years, it is illegal to possess hacker toolkits, scanners and virus code.'" The bill is called the Cybercrime Bill 2001; according to this article, it "does allow the Defence Signals Directorate (DSD) and Australian Security Intelligence Organisation(ASIS) to hack legally. It also forces companies by law to reveal passwords, keys, codes, cryptographic and steganographic methods used to protect information."
I think you can define "hacking tools" anyway it suits them. The sky is the limit.
I'm not from Oz, but if such a law was passed in my own country...
Prosecutors would suddenly have more scary and realistic threats to wave at caught vandals in court. This is fine, if you make the (unfortunately dubious) assumption that the state is able to effectively distinguish between malicious vandals and the merely curious.
As a side effect, occasional sad legal misfirings might crop up as security and IT professionals run the risk of being mislabeled as criminals.
This comment addresses only the criminalization of hacking tools, not the law's other measures.
The offense is in section 478.3, and is entitled "Possession or control of data with intent to commit a computer offense":
478.3 Possession or control of data with intent to commit a computer offence
(1) A person is guilty of an offence if:
(a) the person has possession or control of data; and (b) the person has that possession or control with the intention that the data be used, by the person or another person, in:
(i) committing an offence against Division 477; or
(ii) facilitating the commission of such an offence.
10 Penalty: 3 years imprisonment.
I think the key here is "intent". To be convicted of this offence it would have to be proved that you intended to use them to commit a crime. A security specialist would have a legitimate reason to possess such tools. I have some myself.
Certainly it could be worrisome, but it's no worse than the existing law which makes it illegal to carry burglars tools -- a crowbar is not illegal, but if you are caught with one prowling the neighbourhood then you could expect to be in trouble!
"We do it for the Children" (tm)
Thank the US Supreme Court. They prevented a high-jacking of the Florida election! The Dems would have won Florida if their county rep hadn't been caught illegally possessing a Votamatic so early in the evening.
Well, the cops can just say posession itself proves intent. Like in California posession of 'burglar tools' in itself may constitute proof you were going to use them for burglary.
Many people would agree with this. Are the cops supposed to wait around until a guy with a crowbar actually prys open a door?
My answer is probably yes. The dangers of implied motive are subject to hysteria and abuse. The fire chief in my town was arrested for having bomb-making materials. The materials? A collection of plumbing pipes in his garage.
We love you too. That's why we bailed you guys out of two world wars. And we even forgave all your war debts too.. except for FINLAND, which has the DECENCY to pay us back.
We're serious about loving you guys though... after all alot of us came from Europe. Fleeing oppressive regimes and starvation, that is.
I suppose you're probably FOR having hacking tools though. How Ironic.
"What luck for rulers, that men do not think." --Adolf Hitler
"Politically popular speech has always been protected: even the Jews were free to say 'Heil Hitler'". .
-- Isaac Asimov
". . . the most brilliant propaganda technique will yield no success unless one fundamental principle is borne in mind constantly and with unflagging attention. It must confine itself to
a few points and repeat them over and over. Here, as so often in this world, persistence is the first and most important requirement for success.
". . . a slogan must be presented from different angles, but the end of all remarks must always and immutably be the slogan itself.
". . . At first the claims of the propaganda were so impudent that people thought it insane; later, it got on people's nerves; and in the end, it was believed."
-- Adolf Hitler, 'Enemy War Propaganda', MEIN KAMPF
Doesn't this sort of make Unix illegal? I mean, every unix I've heard of pretty much comes with a suit of network utilities, of which scanners are a usual componenet.
Isn't it interesting that at the same time the .au government is pushing to give its thugs, sorry, security forces, the right to attack systems, so are the governments of .uk and .nz. And the FBI is pushing for Carnivore.
Don't you love the governments of the "free world" conspiring to legalise attacks on the citizenry by covert organisations?
A search on Google for Tierney Gearon will reveal the fuss in the UK recently about some innocent holiday-type snaps of kids being (temporarily) deemed as indecent. Gearon is an artist, and these photos were included in an exhibition at the Saatchi gallery.
Although the charges were dropped, it did temporarily open the possibility of almost everyone having indecent photos in their possession.
The best part of it all, was The Guardian publishing the photo in question in full colour on the front page on the first day of the fuss, when this photo was still being called indecent by the authorities. I was impressed they were willing to so dramatically state their position and hold firm.
What would happen if press releases from big time professional and other groups were to just take off the gloves, and brazenly engage in terminology like 'inane', 'stoopid', 'brain-damaged', 'moronic', and 'retarded'?
Methinks that might bring the message home to the public much more effectively.
Screw diplomacy, people. This Is War!
Brak: What's THAT?
Thundercleese: A light switch.. of TOTAL DEVASTATION!
Child pornography is very different. The reason: the making of child pornography pretty much by definition involves one of the most hideous abuses of another human being possible: sexual exploitation of a child.
Now, before you say "why not just go after the makers?" consider this: child porn is not given out for nothing. Usually it involves paying money. Other times it's done in a trade. Even if no cost is involved, you're showing demand for the stuff. So by obtaining it, you've financed the operation, directly (by paying money) or indirectly (by providing more goods, which can later be sold, or by showing demand, which motivates further production). Under most legal definitions, that would make you an accomplice or accessory to the crime. That seems to be a fair enough reason to criminalize the stuff.
Now, things do get stickier in the case of hand-drawn or computer-generated child pornography, in which case it's quite possible (even probable, in the case of CG) that no living beings were ever used in the creation of the work. I don't know if this has been tested in a legal system or not. It would be interesting to see the results of such a case.
----------
"What do we have here? A scanner! You finally slipped up, junior. Take him away boys."
ENDUT! HOCH HECH!
Further yet, is it illegal for you in the US to make available hacking tools to Australians? (Legislation is pushing that way, yes?) If not now, might it be soon?
David E. Weekly
David E. Weekly
Code / Think / Teach / Learn
h4x0r for
That makes it sound as though instead of hauling away everything you own that has anything to do with computers (and eventually auctioning it off and pocketing the proceeds--that's why they seize the speakers and monitors and power cords and keyboards, they get more money selling compete systems), they could just copy everything you have on any and all storage media, and crack into it back at the station house, without leaving you unable to persue any legal and legitimate computer use. After all, you might be innocent, and this way they inconvenience you the least while still investigating.
Unfortunately this makes sense, respects individual rights, forgoes photo-ops of officers rendering the "danger to society hacker" impotent by taking away all that "sophisticated hardware" that was no doubt financed by selling drugs and dirty pictures to pre-schoolers, and creates less opportunity to augment department budgets with auction proceeds, so don't hold your breath.
I see even classic Slashdot is now pretty much unusable on dial up anymore.
There's also a Senate Legal and Constitutional Committee inquiry into the legislation, at:
2600 Australia will be making a submission to this committee. If you'd like to discuss this legislation prior to our submission (which must be lodged by the 20th of July), please join the 2600-law mailing list, by sending an empty email to 2600-law-subscribe@wiretapped.net. There are also public hearings in Sydney on 19th July and in Canberra on 9th August.
...at least, it's a DDoS client in two lines if you don't have the latest patches for it.
Seriously, I take exception to the gummint banning the tools which I must have for making sure that the boxes I administer are secure from overseas crackers (after all, since we're every man jack of us law abiding citizens here, no other Aussies could possibly crack my machines, although it seems that some legislators are actually smoking it - crack, that is).
Got time? Spend some of it coding or testing
Just move to the best and most free country
in the world, the USA.
As a fellow computer professional, would it make more sense to you to "hack in to get my own email" as the prosecutor offered, or to believe me when I say that I was doing this to show that my former sysadmin group was failing to maintain proper security? Yeah, I thought so.
To this day, the prosecutor still claims that he doesn't understand the case. And yet, he managed to share that confusion with the jury in such a way that I'm still a felon, awaiting yet another round of appeals to support a greater common good.
Yes, my methods may have been lousy, and I certainly didn't get prior approval for what I thought would be a no-brainer, but my intent was to help the people that had paid my bills for five years, not harm them.
Are you on drugs? Please explain to me what illegal purposes people use child pornography for. Why...NONE!
Possession of it is illegal because making it is illegal. It has nothing to do with what people use it for.
And I'm glad the CSC actually looked at the laws with some sense, and said 'If the sex wasn't illegal in the first place, the result isn't automatically illegal'. I've always thought it stupid people under 18 could logically be arrested for carrying nude pictures of themselves or people they have legally had sex with.
However, this has very little bearing, as most child pornography is illegal to make, involving either child molestation or statutory rape, not to mention child labor laws and getting consent of the parents.
Regardless of that, child pornography is NOTHING like 'a tool that can be used to commit a crime', it's 'the result of a crime that has probably been commited'. It's not selling guns, a tool that can be used for evil, it's selling decapitated heads. Which is also illegal.
-David T. C.
If corporations are people, aren't stockholders guilty of slavery?
I cannot believe this dumbass pleaded guilty to this.
-David T. C.
If corporations are people, aren't stockholders guilty of slavery?
Of course, if you don't, they'll bust down the door and go in anyway, so it's easier just to open it.
-David T. C.
If corporations are people, aren't stockholders guilty of slavery?
The police cannot force us to reveal any information at all if we're a suspect, and cannot threaten us with punishment if we don't help them.
Note 'not helping' is not the same as 'actively subverting'. It would be illegal for us to, say, tamper with the contents of a safe simply because they're off looking for a way to blow it. Unless, of course, they haven't found the safe yet, and thus it's not evidence yet.
-David T. C.
If corporations are people, aren't stockholders guilty of slavery?
Um...how does the Australian government violate an American right?
-David T. C.
If corporations are people, aren't stockholders guilty of slavery?
I don't think not opening the door would open you up to those charges, but shutting and locking the door in their face might.
-David T. C.
If corporations are people, aren't stockholders guilty of slavery?
Plus all the others. However, the further implication could be it would be illegal to use anti-virus software (esp. of the adaptive kind), since they have virus signatures and whatnot...
In fact, I quite enjoy living here, thank you.
The AU Government, wishing to serve the people in it's full capacity and competence, and seeking to employ the most technically sound and logically considered data attainable, has assembled a task force of experts charged with the duty of identifying clearly and without doubt, those "tools" which are the most serious and effective aids to the operation and infiltration of computer networks by criminals.
"Our data, as set forward in our considered report, "Keep your mits on", has conclusively shown that in a vast majority, and we are making no exageration here, for we found said "tools" to be in the "hands" of 99% of not only hackers, but also criminals in general, of cases, the "fingers" were the single most pervasive means with which criminals were able to persue their illegal activities."
Citizens are free to study the newly published report, wherein they will find details of scientifically conducted tests where criminal hackers were left totally unsupervised, alone in a room, with a computer terminal, having had his or her fingers removed. The data found is so strong, that any even half-educated sheep farmer could plainly see that the chances of the hacker being able to purse a horrible and dangerous criminal activity online was rendered almost completely impossible without the aforementioned tools, the "fingers".
However, the authors of the study wish to deepen their understanding of the "hacker", and recommend a further study into some discrepacies in the data. Partiularly in one case, one criminal individual was found to have, it appears, by means of a pencil held in his teeth, to have actually operated the computer, as evidenced by the words "help me" clearly visible on the screen in an e-mail program. As already stated, for reasons of national security, we recommend further studies into the potential criminal activities of hackers armed with pencils but no fingers.
By owning a DVD you can theoretically go to jail, because you can be ordered to reveal the key that encrypts the data...
That puts most people between a rock and a hard place, because then they would have to use hacking tools (DeCSS) to get the key...
The secret of success is honesty and fair dealing. If you can fake those, you've got it made. (Marx)
ssuckss dood
Newsflash for all you gun nuts:
The government doesn't need to take your guns away to have complete and absolute power over you. Look at the insanity of the drug war:
If the government really wants to arrest you, does it matter how many guns you have?
However many you have, they will *always* have more. Having those guns just makes it more likely that you will end up dead. The only way guns protect you from an oppressive government (which the USA already has, BTW) is if the people have more firepower than the feds, something which would never happen in the USA.
Reality has a liberal bias
Auctally, no. Simon Travaglia (aka BoFH) is from New Zealand.
He used to work (Or currently does, im not sure) at the Waikato Univerisity.
The register has the latest BoFH installments.
Oh, and be careful about saying he's from Australia, your keyboard might curiously become electrified.
My email addy? should be easy enough.
You can read the Full Text and an Explanatory Memo from the Australian Parliament Legislation page.
Like Britain....
--
The only thing necessary for the triumph of evil is for good men to do nothing. - Edmund Burke
Their just doin' this to piss of the US until Bart Simpsons comes over and apologizes.
Can you really claim that Australia is that much worse off than we are?
--
--
Do I look like I speak for my employer?
For those who are interested, the full text of the bill can be found here. (Junkbuster users: it requires cookies to be enabled in your browser.)
She seems to be considerably better informed than the current minister for telecommunications and IT, Richard Alston. I hesitate to use such strong language, but the best way to describe Alston is to call him a menace. (To be fair, I expect that term can be used for most people with a cabinet position, but I'm not sufficiently qualified in their areas to describe them as such.) Anyone with the ability to sound authoritative about something he knows virtually nothing about is a dangerous person indeed. Doubly so when that person has authority in that area.
I read recently that the Labour party was considering coming out in favour of open source. However, the statement I read seemed to be entirely content-free, or at least entirely non-commital, certainly not a sufficient reason to vote for Labour.
It certainly is a discouraging situation, all the more so because I haven't a clue what can realistically be done about it.
--
You're a suburbanite.
A question to the australian slashdotters:- ----------
Do you like living in a fascist country?
---------------------------------------
-------------------------------------------------
Programming is good for health
Amazing. Beyond having their privacy trampled by these "cyberterrorists," Australians will lose privacy to their self-proclaimed benevolent government, and time in jail for anyone who dares keep a suspicious shell script on their private hard drive -- hell, the hard drive really isn't your property anymore if they can demand all the information off of it.
Wake up, Australia, these swings at your liberties do not deliver their promised safety. Don't let them live your life, or deny you your basic human dignities.
Learn english, dumbass.
.. someone read the article and realized that they are already acknowledging that system admins and other professionals need "hacker tools" and before the bill is accepted, there would be adjustments to the bill because of this very reason.
Also, if you encrypt your hard drive, then get somehow arrested for say.. distributing child porn, the police would tell you to give them the key to open the encryption. If you just say "nope.. I won't do it", I'm pretty sure you get into a lot of trouble in ANY country - not just Australia. You SHOULD be in a lot of trouble too!
So what is it that is so bad about this bill? And YES I've read 1984 and NO, this is nothing like that.
Our mission against black hat hacking is problematic enough. The single best tool we have ever developed to keep hackers out is the openness with which techniques of hacking are discussed, and the sharing and free distribution of those tools.
Aside from the obvious difficulties in the application of the law, which invites unbalanced and unreasonable application by clueless authorities, the primary harm of this law is the obvious chilling effect that it will have on promoting the progress of anti-hacking technique.
It is only our prodding and poking at our own systems that keeps us as many steps as we are in front of (or behind) the hackers as we may be. Only by "standing on ye shoulders of giants," can we hope to adequately understand and to secure our present systems. If our giants are hidden or made contraband -- then we are left to the mercy of those who live in more (or less) enlightened societies.
In short, hackers have never had so good a friend as the Australian government. A nation disarmed for the picking by those who are not blinded by their own ignorance.
If we outlaw hacker tools, then only hackers shall have rootkits.
Dude, take some valium and pull your head out of your ass. . . . Leave the law to the lawyers, because if you, timothy and taco got together and worked real hard on it, you'd be able to understand enough of it to get yourselves laughed out of court.
I may indeed have my head up my ass, but I also have the law degree and techno-litigation experience you seem to require. If you have an argument on the merits, feel free to show where you think I was mistaken, and we shall see who is making the frivolous argument. But until you do, why not leave the name-calling to yourself?
Right in theory, but you overestimate a jury's capacity to see possession of a "hacker tool" as a salutary and ordinary thing, such as holding a kitchen knife.
Again, the issue is whether possession of the contraband will be deemed by an average juror to evidence an intent to use it. (It will, 99-100% of the time.) Then, whether the juror will understand *and* buy the testimony from experts suggesting that one doesn't use hacker tools only to hack evil, or buy or be confused by the clueless prosecutor who represents the state.
Then, weigh whether you are willing to risk your freedom and liberty to discover the answer, or accept a plea and do whatever the state requests.
So I guess we're in more trouble than I originally thought. :(
That's all I'm saying. If we make possession of hacker tools illegal, only criminals will have rootkits.
Most crimes have both a factual component (actus reus) and a state of mind component (mens rea). The Mens Rea for a crime may be intent, knowledge, recklessness, negligence and at times (such as for statutory rape) strict liability.
In theory, a state of mind must be proved just as the factual elements, beyond a reasonable doubt. In practice, a jury is instructed by the judge that they may infer intent from any of the circumstances in which the crime was committed. Unless the defendant takes the stand in her own defense and convinces the jury to the contrary, and thereby submitting herself to a blistering cross-examination, the prosecutor will simply ask the jury to ask themselves any number of rhetorical questions.
Mens rea is a non-issue. With enough stuff on your disk, intent can be "proved" by twisting circumstantial evidence to the satisfaction of the jury. To a jury -- the mere fact of the trial is taking place evidences (which would not otherwise be admissible) the proposition that the government thinks the defendant is guilty.
"with intent" is better than strict liability. But in practice, its grievously dangerous. Anyone possessing tools is ultimately at the mercy of the whim of the authorities. The cost of a criminal defense (which no intelligent person, however good an advocate, should attempt to do by themselves) will never be compensable and can itself be more ruinous than any fine.
In short, this law an authoritarian nightmare -- it serves no good purpose, will actually chill productive anti-hacking technology.
welcome to the information super outback!
ban keyboards?
That would dramatically cut down on computer misuse.
-
The EFA hasn't updated its web page since the last time slashdot beat it to the punch. I know someone who is actively involved in the EFA. He calls it his "hobby" and hasn't done shit in a long time.
How we know is more important than what we know.
other people have done such a better job than me. Read my post again, it is my brain and I will recall what I want to recall. Until my local police head back in time and reinstate the inquisition they wont be getting my pass phrases, or anything else in my head that I chose not to give up -- and even then, they'll get a fight. What dont you understand here? It's the ultimate violation.
How we know is more important than what we know.
shoddy journalism at its best here folks.
How we know is more important than what we know.
just ship them half way around the world to build your railroads, tend your farms and be discrimated against after you finally figure out that slavery is wrong.
How we know is more important than what we know.
Dont you think for just one moment that this bill provides a provision that says "excluding registered computer virus researchers", like every other computer related law on the books in Australia? Anyone who knows anything about the antivirus industry knows full well that it is a cartel. Symantec and the other members of CARO would like nothing better than everyone else to be excluded from antivirus research. It helps them maintain their power. As for the bill itself, have you even read it? If so, I would really like a copy cause yet again an online "journalist" has failed to provide basic references. Please dont tell me you're forming your opinion on the three lines printed in the article or the poor attempt at a sentence provided in the summary on Slashdot.
How we know is more important than what we know.
Actually, the article doesn't say anything to this effect.
"The price of freedom is eternal vigilance." - Thomas Jefferson
When the Aussies bent over and allowed their government to disarm them, they should have expected one measure after another to deprive them of their liberty.
The only thing left to do is emigrate, mate!
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
>If they are single purpose cracking tools they can IMHO be banned.
A few years back, I was the manager for Data Security for KPMG's electronic commerce group, and I can attest that there is indeed a legitimate use for any cracking tool you can name, even the DOS hacks.
I routinely use cracking tools to probe my own systems, since I have exactly ZERO confidence that script kiddies will leave me alone just because there's a law against what they're doing.
One obvious legit use of a DOS hack is to test your firewall, and make sure it doesn't just crash when it gets way more traffic than it can handle.
When governments think they can prevent behaviour just by passing a law against it, I simply refer them to all of the drug wars we've ever had.
If we want secure systems, then what we need to do is tell all of our governments to FUCK OFF and quit trying to legislate an engineering problem.
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
Australians are descended from the finest minds of the British Empire.
Sacred cows make the best burgers.
Australia doesn't have a mainstream party which is more socially conservative than the US Republicans. It just sometimes seems that way. :-)
The Australian Liberal Party is actually much closer to a European "conservative" party: close to the US Democrats, but a little more conservative. The closest thing we have to the Republican party in Australia is the National Party, whose support is mostly from rural areas. The problem is that when the Liberal Party is in power, it's almost always in coalition with the National Party, so coalition governments often pass National Party-esque laws such as this one.
sub f{($f)=@_;print"$f(q{$f});";}f(q{sub f{($f)=@_;print"$f(q{$f});";}f});
We all have to stop and admire how paranoid governments are getting which is clearly demonstrated through all their so called tough new laws. Paranoid I say because they never seem to get it right, and oppression of that nature (of information) is likely to lead to higher incidences of anarchy. e.g. Mischievious teens with too much time on their hands are now sentenced to ten years for learning about computer security... Guess that profession will be out of the question there.
I wonder what would/can the AU government do to say someone who has a shell in another country and performs `scans` and runs a security based website with Virii as content? AU laws definitely don't apply here so I don't see what they intend to do when instances like these arise. Wouldn't it be sort of similar to someone leaving AU and moving to another country? So what do they intend to do, shaft someone in hopes no one notices. (trust me it happens)
Aside from that who cares if a provider tells encryption methods. Create a PGP key on your machine, in fact create 2 signing keys, your provider can surely know you're using PGP, now should any message you send be decrypted by anyone other than the recipient, the entire security world would be turned upside down, and cypherpunks would be hitting the keys to create the next best thing.
Want Root?
The Australians and British are now defenseless against their governments. The governments took their guns and can now legislate anything the legislature wishes without fear of reprisal from the people. There are those in the US, that dream of being able to rule with such power. It is the guns in the hands of law-abiding citizens that these people fear, and they are relentless in their crusade to disarm the American people. To turn us into subjects, serfs, or even slaves.
If you allow these people, like Sarah Brady, to steal your unalienable right to keep and bear arms, then how will you defend your unalienable right to freedom of speech or religion? Your unalienable right to be secure in your home? Wake up America. Vigorously defend ALL of our rights now, or lose them one by one.
with hacker tools such as the hex editor and the scientific calculator banned, how would you teach comp sci at uni?
seriously tho, the bill would probably not be passed in its present form, given the many obvious problems with it.
the main problem is that the it ministers on both our major parties have no clue. in fact, i'm not sure there's a single politician here who has a clue about IT. at least none that has spoken out in public
---
Hey I remember a time when there were actually liberals in the Liberal Party. Now they think more of ideology than people. I think the litmus test for me was when I realised that over the decades the Liberal's cure for unemployment was always the same, cut the payments, even though the reasons always changed ... doesn't take much knowledge about logic to realise how stuffed that is.
... must get a special bottle of red out to celebrate!
Anyway, come the next election is pay back to time to this bunch of losers. Roll on election day yippeee
Peter
Bitter and proud of it.
The only people that the passwords are revealed to are the proper authorities, and to get them revealed they need a court order, which you have the right to respond to if you please. Even then I do not think that the way the actual law is phrased is enough to cover the giving all passwords. It basically says you have to give enough information when ordered to do so by the courts to allow the information stored on your storage device to be converted to documentary form, which afaik is not defined. I would legimatly expect that I would be able to argue that the encrypted data is in fact still in documentary form, and is still information for the purposes as defined by the bill.
However the promises of Kim Beazley for affordable broadband for all australians in the next few years sounds pretty good to me, hence that's where my vote is going.
Not likely considering the attention that the DVD zone system is getting from the ACCC over it's anticompetitive practice of defining markets of sale.
tis only through a court order that passwords etc can be gained, and only when it has been established that there is a resonable suspicion that the encrypted data contains malicious ... which can only be reached by acting with a warrant in the first place.
gotta love people who check acronyms: Australian Security Intelligence Organisation(ASIS).
AFAIK ASIS stands for Australian Security Intelligence Service. ASIO stands for Australian Security Intelligence Organisation. I am not sure how the two are related. Someone please enlighten me.
The very fact that credit card companies in Australia now legally do not have to pay any bills that an online gambling company sends them should pretty much make it safe to bet that online gambling sites will self regulate themselves on this matter. So the government does not need to regulate the overseas gambling, as they have realized a way of ensuring that the companies will do it themselves.
I believe your query is in reference to this part of the law which clearly states that there is an intent element to the offence. Encryption is not illegal and is not really anything to do with this bill, except for the surrendering of keys part (with a court order though)
478.3 Possession or control of data with intent to commit a computer 3
offence 4
(1) A person is guilty of an offence if: 5
(a) the person has possession or control of data; and 6
(b) the person has that possession or control with the intention 7
that the data be used, by the person or another person, in: 8
(i) committing an offence against Division 477; or 9
(ii) facilitating the commission of such an offence. 10
Penalty: 3 years imprisonment. 11
(2) A person may be found guilty of an offence against this section 12
even if committing the offence against Division 477 is impossible. 13
No offence of attempt 14
(3) It is not an offence to attempt to commit an offence against this 15
section. 16
Meaning of possession or control of data 17
(4) In this section, a reference to a person having possession or control 18
of data includes a reference to the person: 19
(a) having possession of a computer or data storage device that 20
holds or contains the data; or 21
(b) having possession of a document in which the data is 22
recorded; or 23
(c) having control of data held in a computer that is in the 24
possession of another person (whether inside or outside 25
Australia). 26
IAJALS (Just A Law Student), but no we do not have a bill of rights in australia, about the only right that we do have that is written into the constitution is the right to receive fair compensation if the government wishes to appropriate our land. We have an implied right of free speech, but no actual written document detailing our rights AFAIK. Australia however does adhere to the international idea of Legimate expectations, in that we can expect certain things such as a fair prompt trial, can expect that a contract will have effect...
Interesting fact I just learnt from the senate's website is that senator As\lston does not sit on the blah blah blah and Information Technology committee, in fact he does not sit on any committees at all. Go figure.
The only thing you have here is that you cannot be charged with assault if the person you attack does not percieve the attack before it happens, but you would still be charged with (at least in australia) one or more of unlawful wounding, gbh, batterey, unlawful killing, or murder. So you still have a bit of a problem.
The aussie 2600 site http://www.2600.org.au/ has more on this issue including a mirrored copy of the bill, as well as explanatory memoranda. It also has a response to some of the issues brought up in the bill such as the fact that many of the proposed new crimes are already covered in part by existing laws in the Crimes Act.
The new offenses that are proposed by the bill are:
477.1 Unauthorised access, modification or impairment with intent to commit a serious offence
477.2 Unauthorised modification of data to cause impairment
477.3 Unauthorised impairment of electronic communication
478.1 Unauthorised access to, or modification of, restricted data
478.2 Unauthorised impairment of data held on a computer disk etc.
478.3 Possession or control of data with intent to commit a computer offence
478.4 Producing, supplying or obtaining data with intent to commit a computer offence
They are further defined in the actual bill; the url of which is posted earlier.
I do not believe in my mind that port scanning directly offends against any of the 477 crimes, the only one it could possibly apply to is 478.4, and then there is probably not enough evidence to prove intent.
The problem with that is that the arresting constable must have a reasonable suspicion in order to make a legal arrest. The quality and quantity of cops that actually know anything about what they are doing in relation to computers is extremely negligible. A reasonable defence would be to say that the cop did not understand the software and thus was unable to form a resonable suspicion as to your intentions.
that link doesnt work, it's a search that has expired. Try this instead: http://search.aph.gov.au/search/ParlInfo.ASP?actio n=browse&Path=Legislation/Current+Bills+by+Title/C ybercrime+Bill+2001&Start=4&8cD#top
also there is some more stuff on http://www.2600.org.au/
Does this mean the posession of Linux will be a federal offense? If the codebase is GPL'd and the GPL is a virus...
If I write a script that just says: "rm -rf ~ && rm -rf /" and I call it "runme.sh" and email it to somebody, is that a virus?
Is telnet a scanner? I can use it to check if certain ports are listening or not. Does a program only count as a scanner if it checks multiple ports at once? What if I only check one port at a time, I can still check all of them eventually. Is it only a scanner if it does stealth scans? If not, then I guess we'll have to make it illegal to check the return value of a connect function, because that will tell you whether or not the port was listening.
The people who write these laws are totally oblivious to their implications.
How would something like this be enforced? If there was a way to enforce it, I'm sure it would involve lots of invasion into the privacy of individuals and businesses.
SG
Banning all products that allow people to do naughty stuff computers isn't cool. Many people like Outlook Express.
And force all citizens to get a frontal lobotomy. After all, the human brain is the device from which all Evil springs.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
Well it worked so well for them when they banned guns. Now only violent criminals carry and use guns. Banning hacking tools and virii code will make only the criminals have them. This is there secret plan, Power to the Criminals! Well come one! I don't have to explain their history to you do I?
Faith: Belief in Truth. Superstition: Belief in Falsehood.
The best part of it all, was The Guardian publishing the photo in question in full colour on the front page on the first day of the fuss, when this photo was still being called indecent by the authorities. I was impressed they were willing to so dramatically state their position and hold firm.
I think it's great there's still some people that got their balls left. Especially when nobody can really decide anything for themselves without actually seeing the photos. Something which is now illegal in Australia! Since when did the government get the power to neuter us?
- Steeltoe
http://www.debunkingskeptics.com/
Lawyers are interested in the same thing now they were hundreds of years ago. No, its not control and no its not fame, glory, etc. Its MONEY, aka Moolah (etc). Lawyers are proffesional whores and it is their job to beleive what you pay them to beleive. Granted they have fancy terms for that fact, but flat fact is flat fact.
The ultimate network admin tool needs HELP!
This is more than just comic stupidity. This appears to be the Aussie Liberals doing their darndest to get right smack into the same disputes that the EU and the US are having over data and privacy rights. Think about the implications this has for corporations that have connected Aussie offices to the corporate WAN. If having an Aussie office means you have to give up all hope of corporate security to the Aussie cyber cops, you're faced two options. Option 1: bet your company's IT strategy on the dubious notion that the Aussie cyber cops are smarter and/or more reliable than the morons who wrote this bit of lunacy; or disconnect the Aussie office from the WAN.
And funny thing! If that's what happens, doesn't that all of a sudden cripple the Aussie office, and give the local competition a big edge?
If the Aussies say that they're entitled to hack into the network, wherever the network takes them, they're fomenting a trade war. If they say that they're only interested in data stored in Australia, they're just going to clobber IT jobs in Australia, because every multinational will move data and jobs offshore.
When will governments learn? One of the reasons we buy door locks is to protect ourselves from the police.
Outlaw the hackers (and most especially their tools), so only approved security experts can secure systems.
Australia's going to do this next door to the Chinese info-war (internal, if you presume Taiwan is still part of China)?
This'll give bored Chinese a protected domain to crack open like an egg, at their leisure.
Wouldn't they be better off encouraging their script kiddies to keep their sysadmins on the ball?
One way or the other, it's evolution in action.
Ed Craig "Who cares what you think?" George W. Bush, 4th of July 2001
This is going to sound odd, but... how is this different from the laws (which exist around the world) banning possession of child pornography?
In neither case does the mere fact of possession cause harm to anyone, in both cases there are very real reasons why people might want to possess them, and yet in both cases they are considered "paraphernalia" associated with criminal activity (abuse).
If we're going to complain about cracking tools being made illegal when they are obviously useful for non-cracking activities, why aren't we all complaining about child pornography being illegal when it is in many cases of worthy artistic value?
Tarsnap: Online backups for the truly paranoid
Possession of child pornography on the other hand is illegal because making it is illegal.
The creation of child pornography is not necessarily illegal simply by virtue of the acts being recorded. A recent case at the Canadian Supreme Court demonstrated this clearly in striking down certain portions of Canada's criminal code provisions against child pornography.
The Canadian Supreme Court restricted the law so that (paraphrased) "creation and possession of child pornography shall not be illegal if the material depicts legal acts between consenting persons, the material is intended for personal use only, and the material is not distributed". Even with this ruling in place, the law clearly states that the depiction of *perfectly legal acts* (for example, two 17 year olds having sex) may not legally be possessed by any other person.
If the laws only existed to criminalize possession of depictions of illegal acts, that would be reasonable. Similarly I don't think there would be very major objections raised to criminalizing the possession of "cracking logs" journaling the defacing of web sites (although that would be a rather bizzare law). When material is criminalized solely based on the purposes it could be used to accomplish (the most common reason given for criminalizing child pornography), child pornography is in exactly the same boat as "cracking tools" are.
Tarsnap: Online backups for the truly paranoid
I don't know if /. just posts more stories about austalian laws than other countries or if australia is just made up of some of the dumbest legislators on earth. I just never would have expected australia to be the legislative freaks they are turning out to be. for once it looks like the best place to be doing computer work (fun or profit) is still the U.S. or maybe India (but at least the U.S. has food) Its articles like this one that make me feel better about living in a country with a first ammendment. isn't there anything similar to that in Oz? I used to want to live in Oz (kangaroos and koalas are cool. kooks aren't) I'll stay here in the U.S. thank you very much.
-
don't like posting to myself but i thought of something else. Isn't Australia just hurting themselves? what company (IT type)in their right mind would want to set up shop in Australia never knowing if the next law would ban their business. Australia may end up with no new technology companies and an even more troubled economy if they keep this up.
-
This just in...
Australia's government just arrested all workers in the IT field for hacking. The only official comment from the head of ASIS was, "Uhh, oops."
In other news, crackers defaced the government's Web site with some form of an encrypted message reading "j00 g07 0wn3d".
Yeah, actually, some American states were orignially penal colonies too, though I can't remember offhand which ones...
The only "intuitive" interface is the nipple. After that, it's all learned.
"The question of whether a computer can think is no more interesting than that of whether a submarine can swim" -EWD
Yes, but realistically speaking, if your house is raided for comitting offenses relating to the use of these tools, they'll be very to find a few extra 'intent to commit' crimes to throw into the prosecution.
Among the crap technology laws they've introduced in Aus recently, this doesn't really rate, this has some good applications.
I've been posting on the net since 1994 and I still haven't come up with a good sig!
Well, the cops can just say posession itself proves intent.
Possession of a tool indicates possible intent to use that tool for one or more of the purposes for which it is designed, not necessarily for the most destructive purpose. For instance, a crowbar can be used for changing a tire, a well-written portscanner can help index the Internet by finding hosts that run a given service, and the Back Orifice package is designed to administer Windows machines remotely. Other factors must be considered.
Will I retire or break 10K?
Yes it's retarded but you get used to it.
Australian? Join EFA
The problem here is, there are very few if any cracking tools which have only one reasonable use. I'm going to take your example, DOS tools. Joe Random Sysadmin is going to be launching a site, and expecting, say, 50k pageviews/day, and wants to test whether his webserver will be able to handle the load. So he takes 50 machines around the office, and signals each of them to load the main page 1000 times. Of course, he doesn't do this by hand, he finds a tool to do it, and controls it from his terminal. What exactly is this tool doing? That's right, it's taking a bunch of machines and signalling them to flood a server with traffic, just like a DOS tool would.
What makes the difference is a matter of intent, which is extremely difficult to prove. If the user used the tool for a legit purpose, or just checked the box on a package list when installing his distro, then the tool is legitimate. If the user intended to or did use the tool for a destructive purpose, then it is not legit.
------------------
A picture is worth 500 DWORDS.
-- flossie
http telnet
flossie
Write now. Defend liberty
For what it's worth, even Microsoft realise they are hopeless. Hopefully they'll be voted out at the next election (probably later this year?), and this insanity will end.
Lock picking tools aren't illegal. I have a few myself. I also have a full set of Slim Jims left over from a brief stint working on a car lot.
Not only that, but look at netcat for an example. It is used in about a thousand ways that have nothing to do with security. However, it is also a very popular cracking tool. (same with gcc, if you take it to extremes)
Yes, but this bill means you can be sentenced for both that crime and the crime in this bill, basically doubling the sentence. In practice this means little since if a court was going to reduce the one sentence to 3 years they'll just reduce each to 1.5 years. Also this bill theoretically allows them to get somebody before they actually commit the primary offence, but in practice, since they have no way of knowing you have the software (let alone have it for illegal purposes) until you commit the offence, that doesn't change much either.
The bill doesn't make any of the things listed in this article illegal on their own - you have to be using them for, or intending to use them for, committing another federal crime. There is no requirement to divulge passwords, just to assist law enforcement in effecting the execution of a warrant. Without this they'll just seize the equipment anyway, so it's actually in the interests of the person owning the equipment to provide this assistance as it allows them to take just the relevant data.
Of course it does sound a lot more interesting to say it bans the posession of tools that are being used for legal purposes, but the bill explicitly mentions that there must be a use for, or an intent to use for, an otherwise illegal activity.
Is port scanning someone else's host illegal? Would it be enough prove "intent" to crack it?
Scanning of other hosts is perfectly reasonable for research IMO.
This bill still sux - one is a criminal after one breaks into someone else's property, not before.
It is illegal to carry knives about in public here.
What if a company wants/needs a security evaluation done by an outside firm? Are white hat consultants going to need a permit for their misc tools? ...Or are the Ausies just going to promote firms located outside of Austrailia?
You laugh, but you'll laugh even harder with this article basicly saying email is the no1 threat for australian companies.
This shows how rigid they are in their thinking. I mean, if people used propper policies and security protection, there was no need for the digital witch-hunt they are now proclaiming.
Now I don't agree with the way things are now, for instance I don't think security firms SHOULD exist, but this kind of artisanal malpractice where the trade itself corrupts and starts to sustain itself, is present in all sorts of professions. You see it in law, you can see it in the medical department of hospitals, you can see it in university research labs looking for ever more funding, and you have it in the IT world. I think this is where the real issue is.
The abuse in the profession leads to a perverse effect of self sustainability, which is ofcourse exploited without any regulatory force, usually because the knowledge in the field is a barrier on itself, preventing people to get in, unless they comply to the practices of the trade, after which they are absorbed in the system, which will take good care of them.
That's a little abstract, but to give an example, if there weren't any people hacking and cracking, there would not be a need for security. But companies are about money, and are ths subject to hacking/cracking/virus/worms etc, giving existance to security companies. And who works for these companies ? Presto, there's your self-sustainability.
And no I'm not an anticapitalist or communist, or in security or cracking or hacking or law or medicine myself, these issues have been roaming my overly concerned mind for quite some time. Considering my signal to noise ratio, this post probalby won't mean much either way..
ah well..
With great power comes great electricity bills.
Yes, we elect our upper house (Senate) We have a proportional system, with preferences, so you can put your least favourite candidate last! Voting is compulsory. All this makes Australia the world's most democratic nation. see www.aec.gov.au
The Australian Govt has been outsourcing IT in government departments.
It has been a complete failure. It has not saved any money.
What's more, it has handed our Govt It infrastructure to foreign companies. It has failed to build our local IT industry.
Even worse, the tax data collected by the govt from every Australian taxpayer is managed by EDS, the giant subsidiary of General Motors. A US multinational has our tax data!
Alex
It's like the EFF, but instead of a second F, there's an A
http://www.efa.org.au/JoinEFA/
Thanks for that. Moderators: please mod up parent.
Okay, from my reading of the Bill (PDF), it seems that the new offence is possession with intent (Schedule 1 lists the relevant amendments to the Criminal Code, you're looking for Part 10.7, Division 478.3). Means they have to prove you were going to commit a crime with the tool. It's a bit hard to prove that a sys admin who uses a particular tool for legit purposes was going to commit a crime.
As a matter of fact, given the legitimate usefulness of most 'cracker' tools, it seems that it would be quite difficult to prove that anyone was going to commit a crime unless you had a smoking-gun e-mail or other clear evidence of intent.
Skimed through the text of the link and I can't help but wonder when, if ever, legislatures are going to realize they don't have the technical expertiese to understand, predict, nor control issues such as these?
These issues exist in all modern contries, AU just happens to of reached the extreme first. I soon forsee a world 10 years from now when AU is the land of the Amish, as all advanced technology has been baned since the lawmakers didn't understand what it was.
Are we doomed to tighter legislation on computers and computing until 'Generation X' finally passes a few of it's members into office? Can somone teach the congress about these issues? Frankly, how to we stop this in AU and prevent this from happening elsewhere?
--Demonspawn
There are many non-malicious reasons for wanting to possess cracking tools, not the least of which is the ability to examine them and see how they work, as well as testing your own system. It's not necessarily malicious to make cracking tools, and it's not necessarily malicious to possess them.
Possession of child pornography on the other hand is illegal because making it is illegal. Possessing it encourages making it, and making it victimises children. (Although some argue that it doesn't.)
Depending on what you consider artistic, I'm not sure if it always qualifies as child porn, except for in the eyes of some more conservative groups. Showing naked children isn't necessarily the same as distributing photos of 5 year old girls being raped by grown men, or young boys being made to touch each others' private parts for example.
From what I've seen, that's mainly what is targeted by child pornography legislation. It doesn't mean they raid houses of naturist families for taking and showing people family photos.
To me this seems more like an absolute ban on firearms, except (IMHO) a lot sillier. Similar arguments would apply, though.
===
Australian officals have been puzzled by the sudden mass migration of technical personnel off the island continent. When asked to comment, Professor Lambert of Syndey U. stated "Usually we only see this sort of behaviour in rodents; and then only when there is some kind of immediate danger, such as a sinking ship..."
He who joyfully marches in rank and file has already earned my contempt. - "Big Al" Einstein
I was just wondering... would this make Excel illegal or ay/all of all MS Orifice illegal? You laugh? Wasn't it debated here not too long ago that it could be possible to pass a law that could hold people accountable for not locking down their systems (criminal negligence?). If a country passes laws that outlaws firearms based on appearance (ie US ban on assault weapons), then passing something like this is entirely plausible. The scariest part is this (passing of laws that lay people support because they think hackers are synonomous with crackers and 1337 script kiddiez) would happen in the US in a heartbeat. The AOLamers would support it and they have quite a following. I guess what we open sourcers, *nix aficianados, and all sorts of other computer geeks need is a huge lobby with lots of money..... Yeah like that is going happen....
"Be polite, be professional, but have a plan to kill everybody you meet." General James Mattis
...or is Austrailia turning into the Alabama of the world. No offense to the people from Alabama.
Jaysyn
There is a war going on for your mind.
bearing arms is not a human right
as to that being an American right, even that is a stretch. The American Constitution clearly states in the Second Amendment - "A well-regulated militia, being necessary to the security of a free State, the right of the people to keep and bear arms, shall not be infringed"
You might wish it meant otherwise, but that seems pretty clearly aimed at the state armed forces, not civilians. Specifically a well-regulated armed force.
If the material is resident on machines outside of Australian jurisdiction but controlled (not necessarily owned) by you, are you in "posession" of it? If you simply used telnet to edit, compile, and run it remotely in, say, Nigeria, with the code never touching your local machine have you violated this law?
"If I have seen further than other men, it is by stepping on their glasses." - Michael Swaine
How long till we see viruses that copy their code onto the infected computer, then notifys the relevent authorities :)
-----
"Almost isn't good enough - but it's almost good enough."
-----
"Almost isn't good enough - but it's almost good enough."
-Me
Top story: The Austrialian government has submitted a number of bills, which if pass will outlaw rain in January, hot days and humidity over 60%.
"If we are successful", said one legislator, "we'll stop time for an extra 2 hours every day so we can have longer lunch breaks".
(sigh)
Would I have to give them the code for that? Would I have to tell them where I buried important documents in the backyard or to whom I have given items for safe keeping?
Help Brendan pay off his student loans
If the intent is important, what about the viruses with innocous payloads. Often a virus payload will amount to low level graffiti. What of the more helpful case of a spam busting virus that kills or moves all emails with suspicious headers? Why one could even have a boot virus that protects from other boot viruses. Dubiously useful, transmundane? Sure. But they would afford a certain usefulness? I think so. Why I could probably come up with five or so useful tasks a virus could do. One might consider the remote management feature of XP a trojan horse. It certainly has similar functionality. Again, this is largely hyperbole. Democracies are capable of all manner of stupid things. But when the going gets ridiculous the invisible hand usually flips the proverbial bird to the visible idiots.
The only entity who's really given a stick in this law (or so it would seem from my ignorant perspective) is the government with reguard to encryption. One would think, should it be that important, that encryptions tools to combat this formality will switly arrive. That said, if your government has: sufficent motivation, time, and enough money for an electron microscope and the professionals to run it, then nothing, save shooting your prefered data storage device into space, will save your infromation from their prying eyes. All you can do at that point is endevour to not be worth the effort.
In any event, I would imagine that it will die a lingering death. In the event it does become the law of that land down under, I would bet it won't be as damaging as the DCMA and other errant peices of legislation in my homeland. But even here eventually thing like this will fly or die based not on what some congressmen pander to, but what view the people take. While 300 million people might be wrong, they'll still get what they want, it just might not be in the most efficient manner.
--Jimmy has fancy plans; and pants to match.
If American sites are liable in Austrailian courts what can be done about a site more informative than this one? Would my link of this site where one can chose to download KOH for their MSDOS 3.1 machine or one of the other less friendly viruses be a no no? Who gets the 10 years, me or CmdTaco? Is hyperbole the primary cause of a receeding hair line?
But enough about viruses. What about trojans? Back Orifice has features similar to carbon copy and pcAnywhere. The primary difference being that the creators gave both the source and program away for free. Not to mention that it uses less resources, and can typically do more (for good or ill). Is it illegal because it doesn't cost $50 dollars and come in a non-returnable shrinkwrapped box? To say nothing of spyware.
Personally, I think the world could use a few more good viruses. I think a nice macro virus that effectivly muted spam could be a wonderful gift to all those outlook express users.
--Jimmy has fancy plans; and pants to match.
I'm from Australia. There's a federal election coming up and the incumbents (the "Liberals"; similar to the US Republicans but more socially conservative) are worried they might lose due to a botched introduction of a goods and services tax. They've been clutching at straws and more Internet legislation looks like just the ticket to distract the population and also make the Liberals look forward thinking and progressive.
I wish. I'm going to take great pleasure in putting Senator Alston last on my ballot paper.
...I wanted to audit my network? Wanted to check my firewall, and use something like SATAN or Nessus? Would that be illegal? And I suppose I cannot do it remotely? That is stupid, since most sysadmins have to fix problems remotely, and sometimes we have to be in the shoes of the cracker.
"...Fear the people who fear your computer"
They might need to start a penal colony, maybe on a large island or something, to put all the offenders.
cat /dev/random to your favorite e-mail program, format it like a PGP message, and send it. Do this several times a day. See how suspicious they get. Remember, you're not sending any data, just random garbage.
Think about what they'll get when they try to brute-force it :-)
"Make it ten--I am only a poor corrupt official."
--Captain Louis Renault (Claude Rains), Casablanca
Lockpicking tools? OK, let's put locksmiths (professional and hobbyist) out of business. While we're at it, when I locked myself out of my house, I was both relieved and horrified to discover that I could open the lock on my back door with a screwdriver and a pin (plus plenty of time and incentive). So, we should ban screwdrivers and pins, right?
Similarly, I can "scan" networks using ping/telnet and a shell script. Hell, I can even do it using standard DOS tools. Better ban those too!
"The legislation will enable police powers to copy computer data and examine computer equipment and disks off-site and enable them to obtain assistance from computer owners."
The article isn't entirely clear, but recent Ozzie precedent is to give the police (not courts) the power to do whatever the hell they want when dealing with the feared and accursed computers. This doesn't look to be any different.
The counter to all this paranoia is the argument that these powers probably won't be used that much, so don't get so het up.
Fine. So why grant them?
If you were blocking sigs, you wouldn't have to read this.
I recommend fdisk. ;)
Oooh, wait, a thought occurs. Why is Microsoft pushing GPL as "viral"?
New crime: Installing GNU/Linux with intent. "I swear, it's for personal use only! I wasn't dealing, man!" ;)
If you were blocking sigs, you wouldn't have to read this.
just to make sure his own networks are safe.
imho running nmap and sniffers etc on your own network is good,
they might reveal some mistake you made.
"I'll open this port for testing for just a few minutes, I'll change it right back..."
Btw, that BOFH guy is an Aussie, right? Maybe folks down under are really getting desperate :)
karma capped
I'm a security consultant and I do read a bugtraq. I also study exploits to know "how doest it work", "how to protect" and "how to test vulnerability".
...
...)
:(
If I were in Australia - can I read bugtraq more? Can I study vulnerabilities and show anyone how the vulnerability could be exploited? Can I post to bugtraq? Can I post there step-by-step crack-howto? Can I post there step-by-step howto with shell commands? Can I post there shell script? etc
(reminds me of banning DeCSS-like software
People making the Laws have no clue
(no news here)
--
P.S.: I wasnt's so sure of the spelling of "possession", so I used Google. Results : "possession" 30000 results, "possesion" 39100 results, "posession" 33400 results, "posesion" 45300 results. Fortunately I also have a dictionary :o)
--
Rome taught me patience and assiduous application to detail. Virtues which temper the boldness of great, general views.
I like Australia, I really do. Nice place. But...
All these "hacker" laws seem to give me the impression that the people in office there are suffering from some sort of psychological disorder. Paranoid schizophrenia(sp?) perhaps?
Dont get me wrong, I'm not sure the U.S. is much better. But goddamn!
Perhaps some Aussie "hackers" should offer some free workshops for thier government reps, so as to dispell some of this mania that seems to have gripped thier legal system.
Perhaps some U.S. "hackers" might wanna consider doing the same thing.
A free workshop, think about it. Schedule it well ahead of time, and invite all the movers in the legal system. Then present the material in the legalese that lawyers and government officials are so familiar with.
At least this way, we can find out if these laws are based on simple ignorance, or if there really is some sort of psychological "cognitive dissonance" going on.
Any takers? I'd do it myself, if I wasnt a broke as hell, poor old schoolboy.
McDoobie
..."It's like a funnel, only the dumbest of the dumb fit through."
What happens to remote administration tools? I use netbus to administer computers on my home network in windows, am I going to have to move completly over to Linux (which, in itself, is probably illegal because of its networking tools)?
How do you define virus? Netbus shows up as a virus with some virus scanners, but not with others. What happens when Quake III becomes a 'virus' because it supposedly 'infects' children with violence. Games seem to have a way of spreading like viruses, when will our government tell me that I can't frag?
Help! I've just caught this Love Bug virus on my Windoze machine. How do I stop getting thrown into jail for having this "virus code" on my machine?!
Glorat
Of course, the people who would have the best expertise at "correcting" this policy are those right here at /.!
If the cops come and demand that i decrypt my DVDs, I will direct them to circuit city, which sells DVD players. Geez...
Reboot macht Frei.
While these limitations would never be accepted in the US (the anti-virus and security industries are too big there), I'm getting scared about how much technically clueless politicians (if they had a clue they would be working somewhere) are affecting my ability to do my work. The existence of a European Community directive that states about the same than DMCA effectively prevents system's integration has its been done until now (reverse-engineering and binary modification to create entry points to proprietary software, reverse engineering of database schemas, libs reencapsultion and a lot other tricks that are usually considered to be used only by those black hats guys).
to move to China ?
China is the land of the free except when you get executed so they can sell your organs.
"I'm having far too much fun to stop panicking and shouting just yet. This is the greatest injustice in the history of Australia! Fight the Power!"
Dude, take some valium and pull your head out of your ass. Looking back over the history of slashdot, every legal story they've posted has turned out to have zero effect on the lives of their readership, with about 4 exceptions, all of which were widely reported before they were posted here. Leave the law to the lawyers, because if you, timothy and taco got together and worked real hard on it, you'd be able to understand enough of it to get yourselves laughed out of court.
Denial isn't just a river in Italy
The word 'speech' as used by the U.S. Constitution, has been viewed as really meaning 'expression'. Code is expression, just like flag-burning and protest signs and religious ceremonies. Yes, hacking tools are used by criminals - but they're also used legitimately. This is the same situation as gun-control - the good folks are losing their rights because of the bad ones. Sickening, if you ask me. That the good be punished under the same umbrella as the bad... *sigh*
think for yourself, you won't like the results if others do it for you.
There is alsoi the small matter of the many crackers outside Australia.
Can this really be enforced?
Well, yeah. Make sure you don't make mistake mentioning this fact somewhere in the public for you will be sorry for the rest of your life.
...and you can't blame meteors for everything.
"and if an Australian thinks the law is bogus it wont be followed up on if the person who has to enforce it thinks it is bogus too. "
...
Well, that is one way to solve the problem but quite wasteful one. Why bother with laws, the government all this extremely expensive stuff when people don't really care for it?.
I would even say this borders on anarchy -> laws are followed when it suits people etc
Strange country.
...and you can't blame meteors for everything.
Ha! Like one could suggest that Australian courts dispense justice! This, in a country that still uses bootings to punish people who make prank phone calls!
"I don't know that atheists should be considered citizens, nor should they be considered patriots." - George Bush
What gives? I've seen the Australians do some dumb things, but this has to be absolutely ridiculous. Don't they have a constitution? a bill of rights? or can their government just step all over them? This is quite possibly the dumbest thing to happen in Australia since the American's losing the America's Cup in 86.
Well here's a bill that's likely to have some unintended consequences. In outlawing so much of the software which they feel is a threat to "the national information infrastructure", they've also made it difficult for computer professionals to use the tools they need to test and evaluate the security of that same infrastructure. Computer security experts, it seems, will have to work for the government -- either that or have to consult lawyers on a daily basis to avoid inadvertently breaking the law in the course of their duties. As a result Australia will end up with some of the most insecure networks in the world.
Yip, we are all corrupt wee buggers. This however is putting a lot of power in the hands of a small group of corrupt wee buggers.
Imagine the possibilities of financial gain by selling a companies encryption keys and the like to one of its competitors.
Looks like the the way to make money is no longer I.T. Think I'll sod off and join the Australian Security Service
Would be nice if they did. Not to be an anti-Australian or anything, but I'm sick of their IRC servers splitting up our networks. They should cut all of their fibers and go back to hunting kangaroos.
Seriously though, you are right about the government dudes. They are all corrupt to a degree. But thats really just humanity. Try and find someone who isn't greedy or enjoys causing people to suffer.
Geekizoid: The Small Shiny Things Network ©
Gobble a dick!
It also forces companies by law to reveal passwords, keys, codes, cryptographic and steganographic methods used to protect information.
If they have to reveal all passwords and whatnot, hacker tools aren't needed. Just go to the part of their site where it will say somthing like "By law we are required to post the root passwords to all of our boxes here..." and you will have all the info you need.
Geekizoid: The Small Shiny Things Network ©
Gobble a dick!
Who defines what is a hacker toolkit or virus code? Many legitimate applications and utilities can be used for evil. Would this affect people/organizations that mirror linux distros that include these programs? And what about virus code? If they ignorantly mean source code, then they will have a problem because all of the popular (mainstream popular of course) viruses are written in VBS or a similar interpreted language. So anyone infected could be guilty of a crime. The potential for abuse by vindictive law enforcement agents is obvious. If your neighbor Officer Jack decides he dislikes you, he could release a VBS worm on his own machine which would email everyone in the outlook address book (assuming you are on the list here). Then he could come and arrest you and do whatever he can to ensure that you recieve a severe penalty as a dangerous hacker.
Geekizoid: The Small Shiny Things Network ©
Gobble a dick!
And your computer!
My Journal - 1,337 fans and countin