Slashdot Mirror
Aussie Bill Would Ban Hacking Tools, Virus Code
rtscts writes: "The Australian govt. is at it again: 'Under the bill, which proposes seven new computer offences carrying jail terms of up to 10 years, it is illegal to possess hacker toolkits, scanners and virus code.'" The bill is called the Cybercrime Bill 2001; according to this article, it "does allow the Defence Signals Directorate (DSD) and Australian Security Intelligence Organisation(ASIS) to hack legally. It also forces companies by law to reveal passwords, keys, codes, cryptographic and steganographic methods used to protect information."
Doesn't this sort of make Unix illegal? I mean, every unix I've heard of pretty much comes with a suit of network utilities, of which scanners are a usual componenet.
A search on Google for Tierney Gearon will reveal the fuss in the UK recently about some innocent holiday-type snaps of kids being (temporarily) deemed as indecent. Gearon is an artist, and these photos were included in an exhibition at the Saatchi gallery.
Although the charges were dropped, it did temporarily open the possibility of almost everyone having indecent photos in their possession.
The best part of it all, was The Guardian publishing the photo in question in full colour on the front page on the first day of the fuss, when this photo was still being called indecent by the authorities. I was impressed they were willing to so dramatically state their position and hold firm.
Child pornography is very different. The reason: the making of child pornography pretty much by definition involves one of the most hideous abuses of another human being possible: sexual exploitation of a child.
Now, before you say "why not just go after the makers?" consider this: child porn is not given out for nothing. Usually it involves paying money. Other times it's done in a trade. Even if no cost is involved, you're showing demand for the stuff. So by obtaining it, you've financed the operation, directly (by paying money) or indirectly (by providing more goods, which can later be sold, or by showing demand, which motivates further production). Under most legal definitions, that would make you an accomplice or accessory to the crime. That seems to be a fair enough reason to criminalize the stuff.
Now, things do get stickier in the case of hand-drawn or computer-generated child pornography, in which case it's quite possible (even probable, in the case of CG) that no living beings were ever used in the creation of the work. I don't know if this has been tested in a legal system or not. It would be interesting to see the results of such a case.
----------
"What do we have here? A scanner! You finally slipped up, junior. Take him away boys."
ENDUT! HOCH HECH!
Further yet, is it illegal for you in the US to make available hacking tools to Australians? (Legislation is pushing that way, yes?) If not now, might it be soon?
David E. Weekly
David E. Weekly
Code / Think / Teach / Learn
h4x0r for
That makes it sound as though instead of hauling away everything you own that has anything to do with computers (and eventually auctioning it off and pocketing the proceeds--that's why they seize the speakers and monitors and power cords and keyboards, they get more money selling compete systems), they could just copy everything you have on any and all storage media, and crack into it back at the station house, without leaving you unable to persue any legal and legitimate computer use. After all, you might be innocent, and this way they inconvenience you the least while still investigating.
Unfortunately this makes sense, respects individual rights, forgoes photo-ops of officers rendering the "danger to society hacker" impotent by taking away all that "sophisticated hardware" that was no doubt financed by selling drugs and dirty pictures to pre-schoolers, and creates less opportunity to augment department budgets with auction proceeds, so don't hold your breath.
I see even classic Slashdot is now pretty much unusable on dial up anymore.
...at least, it's a DDoS client in two lines if you don't have the latest patches for it.
Seriously, I take exception to the gummint banning the tools which I must have for making sure that the boxes I administer are secure from overseas crackers (after all, since we're every man jack of us law abiding citizens here, no other Aussies could possibly crack my machines, although it seems that some legislators are actually smoking it - crack, that is).
Got time? Spend some of it coding or testing
As a fellow computer professional, would it make more sense to you to "hack in to get my own email" as the prosecutor offered, or to believe me when I say that I was doing this to show that my former sysadmin group was failing to maintain proper security? Yeah, I thought so.
To this day, the prosecutor still claims that he doesn't understand the case. And yet, he managed to share that confusion with the jury in such a way that I'm still a felon, awaiting yet another round of appeals to support a greater common good.
Yes, my methods may have been lousy, and I certainly didn't get prior approval for what I thought would be a no-brainer, but my intent was to help the people that had paid my bills for five years, not harm them.
The AU Government, wishing to serve the people in it's full capacity and competence, and seeking to employ the most technically sound and logically considered data attainable, has assembled a task force of experts charged with the duty of identifying clearly and without doubt, those "tools" which are the most serious and effective aids to the operation and infiltration of computer networks by criminals.
"Our data, as set forward in our considered report, "Keep your mits on", has conclusively shown that in a vast majority, and we are making no exageration here, for we found said "tools" to be in the "hands" of 99% of not only hackers, but also criminals in general, of cases, the "fingers" were the single most pervasive means with which criminals were able to persue their illegal activities."
Citizens are free to study the newly published report, wherein they will find details of scientifically conducted tests where criminal hackers were left totally unsupervised, alone in a room, with a computer terminal, having had his or her fingers removed. The data found is so strong, that any even half-educated sheep farmer could plainly see that the chances of the hacker being able to purse a horrible and dangerous criminal activity online was rendered almost completely impossible without the aforementioned tools, the "fingers".
However, the authors of the study wish to deepen their understanding of the "hacker", and recommend a further study into some discrepacies in the data. Partiularly in one case, one criminal individual was found to have, it appears, by means of a pencil held in his teeth, to have actually operated the computer, as evidenced by the words "help me" clearly visible on the screen in an e-mail program. As already stated, for reasons of national security, we recommend further studies into the potential criminal activities of hackers armed with pencils but no fingers.
By owning a DVD you can theoretically go to jail, because you can be ordered to reveal the key that encrypts the data...
That puts most people between a rock and a hard place, because then they would have to use hacking tools (DeCSS) to get the key...
The secret of success is honesty and fair dealing. If you can fake those, you've got it made. (Marx)
Newsflash for all you gun nuts:
The government doesn't need to take your guns away to have complete and absolute power over you. Look at the insanity of the drug war:
If the government really wants to arrest you, does it matter how many guns you have?
However many you have, they will *always* have more. Having those guns just makes it more likely that you will end up dead. The only way guns protect you from an oppressive government (which the USA already has, BTW) is if the people have more firepower than the feds, something which would never happen in the USA.
Reality has a liberal bias
You can read the Full Text and an Explanatory Memo from the Australian Parliament Legislation page.
Like Britain....
--
The only thing necessary for the triumph of evil is for good men to do nothing. - Edmund Burke
.. someone read the article and realized that they are already acknowledging that system admins and other professionals need "hacker tools" and before the bill is accepted, there would be adjustments to the bill because of this very reason.
Also, if you encrypt your hard drive, then get somehow arrested for say.. distributing child porn, the police would tell you to give them the key to open the encryption. If you just say "nope.. I won't do it", I'm pretty sure you get into a lot of trouble in ANY country - not just Australia. You SHOULD be in a lot of trouble too!
So what is it that is so bad about this bill? And YES I've read 1984 and NO, this is nothing like that.
Our mission against black hat hacking is problematic enough. The single best tool we have ever developed to keep hackers out is the openness with which techniques of hacking are discussed, and the sharing and free distribution of those tools.
Aside from the obvious difficulties in the application of the law, which invites unbalanced and unreasonable application by clueless authorities, the primary harm of this law is the obvious chilling effect that it will have on promoting the progress of anti-hacking technique.
It is only our prodding and poking at our own systems that keeps us as many steps as we are in front of (or behind) the hackers as we may be. Only by "standing on ye shoulders of giants," can we hope to adequately understand and to secure our present systems. If our giants are hidden or made contraband -- then we are left to the mercy of those who live in more (or less) enlightened societies.
In short, hackers have never had so good a friend as the Australian government. A nation disarmed for the picking by those who are not blinded by their own ignorance.
If we outlaw hacker tools, then only hackers shall have rootkits.
Dude, take some valium and pull your head out of your ass. . . . Leave the law to the lawyers, because if you, timothy and taco got together and worked real hard on it, you'd be able to understand enough of it to get yourselves laughed out of court.
I may indeed have my head up my ass, but I also have the law degree and techno-litigation experience you seem to require. If you have an argument on the merits, feel free to show where you think I was mistaken, and we shall see who is making the frivolous argument. But until you do, why not leave the name-calling to yourself?
Right in theory, but you overestimate a jury's capacity to see possession of a "hacker tool" as a salutary and ordinary thing, such as holding a kitchen knife.
Again, the issue is whether possession of the contraband will be deemed by an average juror to evidence an intent to use it. (It will, 99-100% of the time.) Then, whether the juror will understand *and* buy the testimony from experts suggesting that one doesn't use hacker tools only to hack evil, or buy or be confused by the clueless prosecutor who represents the state.
Then, weigh whether you are willing to risk your freedom and liberty to discover the answer, or accept a plea and do whatever the state requests.
So I guess we're in more trouble than I originally thought. :(
That's all I'm saying. If we make possession of hacker tools illegal, only criminals will have rootkits.
Most crimes have both a factual component (actus reus) and a state of mind component (mens rea). The Mens Rea for a crime may be intent, knowledge, recklessness, negligence and at times (such as for statutory rape) strict liability.
In theory, a state of mind must be proved just as the factual elements, beyond a reasonable doubt. In practice, a jury is instructed by the judge that they may infer intent from any of the circumstances in which the crime was committed. Unless the defendant takes the stand in her own defense and convinces the jury to the contrary, and thereby submitting herself to a blistering cross-examination, the prosecutor will simply ask the jury to ask themselves any number of rhetorical questions.
Mens rea is a non-issue. With enough stuff on your disk, intent can be "proved" by twisting circumstantial evidence to the satisfaction of the jury. To a jury -- the mere fact of the trial is taking place evidences (which would not otherwise be admissible) the proposition that the government thinks the defendant is guilty.
"with intent" is better than strict liability. But in practice, its grievously dangerous. Anyone possessing tools is ultimately at the mercy of the whim of the authorities. The cost of a criminal defense (which no intelligent person, however good an advocate, should attempt to do by themselves) will never be compensable and can itself be more ruinous than any fine.
In short, this law an authoritarian nightmare -- it serves no good purpose, will actually chill productive anti-hacking technology.
welcome to the information super outback!
shoddy journalism at its best here folks.
How we know is more important than what we know.
just ship them half way around the world to build your railroads, tend your farms and be discrimated against after you finally figure out that slavery is wrong.
How we know is more important than what we know.
Dont you think for just one moment that this bill provides a provision that says "excluding registered computer virus researchers", like every other computer related law on the books in Australia? Anyone who knows anything about the antivirus industry knows full well that it is a cartel. Symantec and the other members of CARO would like nothing better than everyone else to be excluded from antivirus research. It helps them maintain their power. As for the bill itself, have you even read it? If so, I would really like a copy cause yet again an online "journalist" has failed to provide basic references. Please dont tell me you're forming your opinion on the three lines printed in the article or the poor attempt at a sentence provided in the summary on Slashdot.
How we know is more important than what we know.
>If they are single purpose cracking tools they can IMHO be banned.
A few years back, I was the manager for Data Security for KPMG's electronic commerce group, and I can attest that there is indeed a legitimate use for any cracking tool you can name, even the DOS hacks.
I routinely use cracking tools to probe my own systems, since I have exactly ZERO confidence that script kiddies will leave me alone just because there's a law against what they're doing.
One obvious legit use of a DOS hack is to test your firewall, and make sure it doesn't just crash when it gets way more traffic than it can handle.
When governments think they can prevent behaviour just by passing a law against it, I simply refer them to all of the drug wars we've ever had.
If we want secure systems, then what we need to do is tell all of our governments to FUCK OFF and quit trying to legislate an engineering problem.
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
Australia doesn't have a mainstream party which is more socially conservative than the US Republicans. It just sometimes seems that way. :-)
The Australian Liberal Party is actually much closer to a European "conservative" party: close to the US Democrats, but a little more conservative. The closest thing we have to the Republican party in Australia is the National Party, whose support is mostly from rural areas. The problem is that when the Liberal Party is in power, it's almost always in coalition with the National Party, so coalition governments often pass National Party-esque laws such as this one.
sub f{($f)=@_;print"$f(q{$f});";}f(q{sub f{($f)=@_;print"$f(q{$f});";}f});
We all have to stop and admire how paranoid governments are getting which is clearly demonstrated through all their so called tough new laws. Paranoid I say because they never seem to get it right, and oppression of that nature (of information) is likely to lead to higher incidences of anarchy. e.g. Mischievious teens with too much time on their hands are now sentenced to ten years for learning about computer security... Guess that profession will be out of the question there.
I wonder what would/can the AU government do to say someone who has a shell in another country and performs `scans` and runs a security based website with Virii as content? AU laws definitely don't apply here so I don't see what they intend to do when instances like these arise. Wouldn't it be sort of similar to someone leaving AU and moving to another country? So what do they intend to do, shaft someone in hopes no one notices. (trust me it happens)
Aside from that who cares if a provider tells encryption methods. Create a PGP key on your machine, in fact create 2 signing keys, your provider can surely know you're using PGP, now should any message you send be decrypted by anyone other than the recipient, the entire security world would be turned upside down, and cypherpunks would be hitting the keys to create the next best thing.
Want Root?
with hacker tools such as the hex editor and the scientific calculator banned, how would you teach comp sci at uni?
seriously tho, the bill would probably not be passed in its present form, given the many obvious problems with it.
the main problem is that the it ministers on both our major parties have no clue. in fact, i'm not sure there's a single politician here who has a clue about IT. at least none that has spoken out in public
---
The aussie 2600 site http://www.2600.org.au/ has more on this issue including a mirrored copy of the bill, as well as explanatory memoranda. It also has a response to some of the issues brought up in the bill such as the fact that many of the proposed new crimes are already covered in part by existing laws in the Crimes Act.
The new offenses that are proposed by the bill are:
477.1 Unauthorised access, modification or impairment with intent to commit a serious offence
477.2 Unauthorised modification of data to cause impairment
477.3 Unauthorised impairment of electronic communication
478.1 Unauthorised access to, or modification of, restricted data
478.2 Unauthorised impairment of data held on a computer disk etc.
478.3 Possession or control of data with intent to commit a computer offence
478.4 Producing, supplying or obtaining data with intent to commit a computer offence
They are further defined in the actual bill; the url of which is posted earlier.
I do not believe in my mind that port scanning directly offends against any of the 477 crimes, the only one it could possibly apply to is 478.4, and then there is probably not enough evidence to prove intent.
The problem with that is that the arresting constable must have a reasonable suspicion in order to make a legal arrest. The quality and quantity of cops that actually know anything about what they are doing in relation to computers is extremely negligible. A reasonable defence would be to say that the cop did not understand the software and thus was unable to form a resonable suspicion as to your intentions.
that link doesnt work, it's a search that has expired. Try this instead: http://search.aph.gov.au/search/ParlInfo.ASP?actio n=browse&Path=Legislation/Current+Bills+by+Title/C ybercrime+Bill+2001&Start=4&8cD#top
also there is some more stuff on http://www.2600.org.au/
Does this mean the posession of Linux will be a federal offense? If the codebase is GPL'd and the GPL is a virus...
Banning all products that allow people to do naughty stuff computers isn't cool. Many people like Outlook Express.
And force all citizens to get a frontal lobotomy. After all, the human brain is the device from which all Evil springs.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
This is more than just comic stupidity. This appears to be the Aussie Liberals doing their darndest to get right smack into the same disputes that the EU and the US are having over data and privacy rights. Think about the implications this has for corporations that have connected Aussie offices to the corporate WAN. If having an Aussie office means you have to give up all hope of corporate security to the Aussie cyber cops, you're faced two options. Option 1: bet your company's IT strategy on the dubious notion that the Aussie cyber cops are smarter and/or more reliable than the morons who wrote this bit of lunacy; or disconnect the Aussie office from the WAN.
And funny thing! If that's what happens, doesn't that all of a sudden cripple the Aussie office, and give the local competition a big edge?
If the Aussies say that they're entitled to hack into the network, wherever the network takes them, they're fomenting a trade war. If they say that they're only interested in data stored in Australia, they're just going to clobber IT jobs in Australia, because every multinational will move data and jobs offshore.
When will governments learn? One of the reasons we buy door locks is to protect ourselves from the police.
This is going to sound odd, but... how is this different from the laws (which exist around the world) banning possession of child pornography?
In neither case does the mere fact of possession cause harm to anyone, in both cases there are very real reasons why people might want to possess them, and yet in both cases they are considered "paraphernalia" associated with criminal activity (abuse).
If we're going to complain about cracking tools being made illegal when they are obviously useful for non-cracking activities, why aren't we all complaining about child pornography being illegal when it is in many cases of worthy artistic value?
Tarsnap: Online backups for the truly paranoid
Possession of child pornography on the other hand is illegal because making it is illegal.
The creation of child pornography is not necessarily illegal simply by virtue of the acts being recorded. A recent case at the Canadian Supreme Court demonstrated this clearly in striking down certain portions of Canada's criminal code provisions against child pornography.
The Canadian Supreme Court restricted the law so that (paraphrased) "creation and possession of child pornography shall not be illegal if the material depicts legal acts between consenting persons, the material is intended for personal use only, and the material is not distributed". Even with this ruling in place, the law clearly states that the depiction of *perfectly legal acts* (for example, two 17 year olds having sex) may not legally be possessed by any other person.
If the laws only existed to criminalize possession of depictions of illegal acts, that would be reasonable. Similarly I don't think there would be very major objections raised to criminalizing the possession of "cracking logs" journaling the defacing of web sites (although that would be a rather bizzare law). When material is criminalized solely based on the purposes it could be used to accomplish (the most common reason given for criminalizing child pornography), child pornography is in exactly the same boat as "cracking tools" are.
Tarsnap: Online backups for the truly paranoid
The problem here is, there are very few if any cracking tools which have only one reasonable use. I'm going to take your example, DOS tools. Joe Random Sysadmin is going to be launching a site, and expecting, say, 50k pageviews/day, and wants to test whether his webserver will be able to handle the load. So he takes 50 machines around the office, and signals each of them to load the main page 1000 times. Of course, he doesn't do this by hand, he finds a tool to do it, and controls it from his terminal. What exactly is this tool doing? That's right, it's taking a bunch of machines and signalling them to flood a server with traffic, just like a DOS tool would.
What makes the difference is a matter of intent, which is extremely difficult to prove. If the user used the tool for a legit purpose, or just checked the box on a package list when installing his distro, then the tool is legitimate. If the user intended to or did use the tool for a destructive purpose, then it is not legit.
------------------
A picture is worth 500 DWORDS.
For what it's worth, even Microsoft realise they are hopeless. Hopefully they'll be voted out at the next election (probably later this year?), and this insanity will end.
The bill doesn't make any of the things listed in this article illegal on their own - you have to be using them for, or intending to use them for, committing another federal crime. There is no requirement to divulge passwords, just to assist law enforcement in effecting the execution of a warrant. Without this they'll just seize the equipment anyway, so it's actually in the interests of the person owning the equipment to provide this assistance as it allows them to take just the relevant data.
Of course it does sound a lot more interesting to say it bans the posession of tools that are being used for legal purposes, but the bill explicitly mentions that there must be a use for, or an intent to use for, an otherwise illegal activity.
You laugh, but you'll laugh even harder with this article basicly saying email is the no1 threat for australian companies.
This shows how rigid they are in their thinking. I mean, if people used propper policies and security protection, there was no need for the digital witch-hunt they are now proclaiming.
Now I don't agree with the way things are now, for instance I don't think security firms SHOULD exist, but this kind of artisanal malpractice where the trade itself corrupts and starts to sustain itself, is present in all sorts of professions. You see it in law, you can see it in the medical department of hospitals, you can see it in university research labs looking for ever more funding, and you have it in the IT world. I think this is where the real issue is.
The abuse in the profession leads to a perverse effect of self sustainability, which is ofcourse exploited without any regulatory force, usually because the knowledge in the field is a barrier on itself, preventing people to get in, unless they comply to the practices of the trade, after which they are absorbed in the system, which will take good care of them.
That's a little abstract, but to give an example, if there weren't any people hacking and cracking, there would not be a need for security. But companies are about money, and are ths subject to hacking/cracking/virus/worms etc, giving existance to security companies. And who works for these companies ? Presto, there's your self-sustainability.
And no I'm not an anticapitalist or communist, or in security or cracking or hacking or law or medicine myself, these issues have been roaming my overly concerned mind for quite some time. Considering my signal to noise ratio, this post probalby won't mean much either way..
ah well..
With great power comes great electricity bills.
Okay, from my reading of the Bill (PDF), it seems that the new offence is possession with intent (Schedule 1 lists the relevant amendments to the Criminal Code, you're looking for Part 10.7, Division 478.3). Means they have to prove you were going to commit a crime with the tool. It's a bit hard to prove that a sys admin who uses a particular tool for legit purposes was going to commit a crime.
As a matter of fact, given the legitimate usefulness of most 'cracker' tools, it seems that it would be quite difficult to prove that anyone was going to commit a crime unless you had a smoking-gun e-mail or other clear evidence of intent.
ASIS stands for the Australian Secret Intelligence Service, essentially the Australian foreign spies. I'm not sure but I believe they have no jurisdiction to operate within Australia, but I might have that wrong. They are not, BTW, held accountable in any public forum, even Parliament (?!)
ASIO is the Australian Security and Intelligence Organisation. They are *only* allowed to operate withing Australia and I believe the article refers to them.
DSD is the Defence Signals Directorate, essentially a (much smaller) analogue of the NSA.
Dave
There are many non-malicious reasons for wanting to possess cracking tools, not the least of which is the ability to examine them and see how they work, as well as testing your own system. It's not necessarily malicious to make cracking tools, and it's not necessarily malicious to possess them.
Possession of child pornography on the other hand is illegal because making it is illegal. Possessing it encourages making it, and making it victimises children. (Although some argue that it doesn't.)
Depending on what you consider artistic, I'm not sure if it always qualifies as child porn, except for in the eyes of some more conservative groups. Showing naked children isn't necessarily the same as distributing photos of 5 year old girls being raped by grown men, or young boys being made to touch each others' private parts for example.
From what I've seen, that's mainly what is targeted by child pornography legislation. It doesn't mean they raid houses of naturist families for taking and showing people family photos.
To me this seems more like an absolute ban on firearms, except (IMHO) a lot sillier. Similar arguments would apply, though.
===
Australian officals have been puzzled by the sudden mass migration of technical personnel off the island continent. When asked to comment, Professor Lambert of Syndey U. stated "Usually we only see this sort of behaviour in rodents; and then only when there is some kind of immediate danger, such as a sinking ship..."
He who joyfully marches in rank and file has already earned my contempt. - "Big Al" Einstein
bearing arms is not a human right
as to that being an American right, even that is a stretch. The American Constitution clearly states in the Second Amendment - "A well-regulated militia, being necessary to the security of a free State, the right of the people to keep and bear arms, shall not be infringed"
You might wish it meant otherwise, but that seems pretty clearly aimed at the state armed forces, not civilians. Specifically a well-regulated armed force.
They certainly decompile the virus and re-create the source code as part of analysis.
"Patriotism is your conviction that this country is superior to all other countries because you were born in it." -- GBS
If American sites are liable in Austrailian courts what can be done about a site more informative than this one? Would my link of this site where one can chose to download KOH for their MSDOS 3.1 machine or one of the other less friendly viruses be a no no? Who gets the 10 years, me or CmdTaco? Is hyperbole the primary cause of a receeding hair line?
But enough about viruses. What about trojans? Back Orifice has features similar to carbon copy and pcAnywhere. The primary difference being that the creators gave both the source and program away for free. Not to mention that it uses less resources, and can typically do more (for good or ill). Is it illegal because it doesn't cost $50 dollars and come in a non-returnable shrinkwrapped box? To say nothing of spyware.
Personally, I think the world could use a few more good viruses. I think a nice macro virus that effectivly muted spam could be a wonderful gift to all those outlook express users.
--Jimmy has fancy plans; and pants to match.
I'm from Australia. There's a federal election coming up and the incumbents (the "Liberals"; similar to the US Republicans but more socially conservative) are worried they might lose due to a botched introduction of a goods and services tax. They've been clutching at straws and more Internet legislation looks like just the ticket to distract the population and also make the Liberals look forward thinking and progressive.
I wish. I'm going to take great pleasure in putting Senator Alston last on my ballot paper.
They might need to start a penal colony, maybe on a large island or something, to put all the offenders.
Lockpicking tools? OK, let's put locksmiths (professional and hobbyist) out of business. While we're at it, when I locked myself out of my house, I was both relieved and horrified to discover that I could open the lock on my back door with a screwdriver and a pin (plus plenty of time and incentive). So, we should ban screwdrivers and pins, right?
Similarly, I can "scan" networks using ping/telnet and a shell script. Hell, I can even do it using standard DOS tools. Better ban those too!
"The legislation will enable police powers to copy computer data and examine computer equipment and disks off-site and enable them to obtain assistance from computer owners."
The article isn't entirely clear, but recent Ozzie precedent is to give the police (not courts) the power to do whatever the hell they want when dealing with the feared and accursed computers. This doesn't look to be any different.
The counter to all this paranoia is the argument that these powers probably won't be used that much, so don't get so het up.
Fine. So why grant them?
If you were blocking sigs, you wouldn't have to read this.
I recommend fdisk. ;)
Oooh, wait, a thought occurs. Why is Microsoft pushing GPL as "viral"?
New crime: Installing GNU/Linux with intent. "I swear, it's for personal use only! I wasn't dealing, man!" ;)
If you were blocking sigs, you wouldn't have to read this.
--
P.S.: I wasnt's so sure of the spelling of "possession", so I used Google. Results : "possession" 30000 results, "possesion" 39100 results, "posession" 33400 results, "posesion" 45300 results. Fortunately I also have a dictionary :o)
--
Rome taught me patience and assiduous application to detail. Virtues which temper the boldness of great, general views.
Help! I've just caught this Love Bug virus on my Windoze machine. How do I stop getting thrown into jail for having this "virus code" on my machine?!
Glorat
Of course, the people who would have the best expertise at "correcting" this policy are those right here at /.!
to move to China ?
China is the land of the free except when you get executed so they can sell your organs.
Well here's a bill that's likely to have some unintended consequences. In outlawing so much of the software which they feel is a threat to "the national information infrastructure", they've also made it difficult for computer professionals to use the tools they need to test and evaluate the security of that same infrastructure. Computer security experts, it seems, will have to work for the government -- either that or have to consult lawyers on a daily basis to avoid inadvertently breaking the law in the course of their duties. As a result Australia will end up with some of the most insecure networks in the world.
It also forces companies by law to reveal passwords, keys, codes, cryptographic and steganographic methods used to protect information.
If they have to reveal all passwords and whatnot, hacker tools aren't needed. Just go to the part of their site where it will say somthing like "By law we are required to post the root passwords to all of our boxes here..." and you will have all the info you need.
Geekizoid: The Small Shiny Things Network ©
Gobble a dick!
Who defines what is a hacker toolkit or virus code? Many legitimate applications and utilities can be used for evil. Would this affect people/organizations that mirror linux distros that include these programs? And what about virus code? If they ignorantly mean source code, then they will have a problem because all of the popular (mainstream popular of course) viruses are written in VBS or a similar interpreted language. So anyone infected could be guilty of a crime. The potential for abuse by vindictive law enforcement agents is obvious. If your neighbor Officer Jack decides he dislikes you, he could release a VBS worm on his own machine which would email everyone in the outlook address book (assuming you are on the list here). Then he could come and arrest you and do whatever he can to ensure that you recieve a severe penalty as a dangerous hacker.
Geekizoid: The Small Shiny Things Network ©
Gobble a dick!