Slashdot Mirror
Hackers are 'Terrorists' Under Ashcroft's New Act
Carlos writes "Most computer crimes are considered acts of terrorism under John Ashcroft's proposed 'Anti-Terrorism Act,' according to this story on SecurityFocus. The Act would abolish the statute of limitations for computer crime, retroactively, force convicted hackers to give the government DNA samples for a special federal database, and increase the maximum sentence for computer intrusion to life in prison. Harboring or providing advice to a hacker would be terrorism as well. This is on top of the expanded surveillance powers already reported on. The bill could be passed as early as this week. I feel safer already."
Hackers aren't criminals. Crackers are. Seriously-- why _shouldn't_ computer crime be crime?
-- Is "Sig" copyrighted by www.sig.com?
There are just way too many of us out here.
Put us all in prison, and prisons will be freer than out here.
The true hacker is absolutely, completely, devoted to freedom.
-wp
information is immaterial
Damn, we /.'ed the securityfocus server... that's a DOS attack, isn't it?
Quick, smash your DSL modems, clear your logs, and run for the hills before the Feds arrive!
Finally, script kiddies will get what they deserve... life imprisonment!
Wait, this wouldn't be targeting "real" hackers, now would it? Uh oh...
-NeoTomba
Providing advice to a Hacker == criminal offense? Doesn't legal counsel count as advice? Isn't that protected under the 5th ammendment?
I am !amused.
What do you expect from a guy who annoints himself in Crisco and gets telepathic advice from some big guy who lives in the sky that nobody's ever seen?
I don't have an anger problem, I have an idiot problem
I just read that to a couple of coworkers here, and they all said they should stop talking to me. :)
- This isn't the sig you're looking for. Move along, move along..
Soon any country harboring hackers will be considered as a country harboring terrorists.
All it takes is one bad customer relationship to cause a false accusation...
jeremiah cornelius
"Flyin' in just a sweet place,
Never been known to fail..."
Why in the world would they need DNA. I am pretty sure that no where in the specs for DNS or IPv4 is it required that my genome sequence be part of the string being sent out.
So, who wants to take bets that the RIAA get's copyright violaters termed as hackers?
Papa Legba come and open the gate
Right now, the laws in this country have you by six degrees of separation. If anyone is determined enough, they can convict you and throw you away for life based on laws that reference laws that reference laws. . .
This is a perfect example. Decrypting DVDs under the DMCA is circumvention. Circumvention is hacking. Hacking is now terrorism.
Crack a copy of your new CD so you can have burned copies in your car instead of the originals (in case they get stolen), and you are now a terrorist.
I don't mind increase survelance powers in order to fight terrorism. However, scrawling "I love you Crystal" or some such on some web page is not terrorism.
This thing needs to at least be tempered by a clause which adds or defines criminal intent. That is, if hacking is done with the intent to destroy or disable the United States government and/or make actual acts of terrorism (such as blowing people up) easier, then throw the bastards in jail. But defacing some web site doesn't harm the United States government; it's just annoying as hell. And annoying doesn't deserve life in prison without the possibility of parole--especially since actually killing someone is what I would consider slightly more annoying, yet many types of murder don't get anywhere near life.
In the latest cryptogram I referenced this article. And this quote(look at the reader comments at the bottom to see my point):
"There are many people of poor and evil motivations who are seeking to disrupt business and government and exploit any vulnerabilities in the digital universe."
From John Ashcroft. This guy is just way off base here. He is totally missing what is going on the real world. We need some more technically savvy people in the government!
mp3's are only for those with bad memories
Doesn't the CIA employ many, many crackers to bust into their stuff?
--
this would make def con illegal... a convention of terrorists giving information to each other.
what next?
"Yes.. no matter what the culture, folk dancing is stupid." -MST3K
I don't know much about how this bill would be interpreted were it to come to law, but it seems to me that making security bugs known to the general public could be construed as giving advice to a hacker since, well, it alerts the general public to security problems.
I hope people arn't stupid enough to support this bill. I mean honestly: Define terrorism. Then define "computer crime". Then notice that there is no containment. Ashcroft should go back to school. Why the hell do people want to pick on computer criminals so much?
"Question with boldness even the existence of a god." - Thomas Jefferson
Winter 2010: With Glowing Hearts
This is a perversion of what Ashcroft requested. Hackers who attempt to disrupt key systems that are vital to protecting human life, for example the FAA's radar systems, are terrorists. And they are.
-- "The best way to predict the future is to invent it."
Well, I don't mind the DNA thing as long as it applies to other criminals and not just computer crime, the life in prison thing is a little messed up. I just don't see how a rapist could get less time than someone who defaced a web page.
--"Karma is justice without the satisfaction"
Oh no... it's The Geeks from Brazil
That is BS. By even proping systems or exploiting vunerabilities hackers/crackers/whatever cause untold millions of dollars in damages and lost wages.
They not only steal information, but also deny others the right to do business and cause a need for shift in resources to protect the company rather than producive service.
Cave, wreck, and deep diver.
"and increase the maximum sentence for computer intrusion to life in prison." And exactly how is this supposed to help everyone out and teach someone their lesson? How can sending some of the smarter people in our society (assuming this won't be a script kiddie in many instances) to jail for the rest of their lives help better our lives? Although I should assume that every case under this proposed act would come with the possibility of paroll due to its complete lack of immediate physical or mental damage to any persons, right? What's next? The death sentence for avid computer users? Gimme a break.
Hackers face life imprisonment under 'Anti-Terrorism' Act Justice Department proposal classifies most computer crimes as acts of terrorism.
By Kevin Poulsen
Sep 23 2001 11:00PM PT
Hackers, virus-writers and web site defacers would face life imprisonment without the possibility of parole under legislation proposed by the Bush Administration that would classify most computer crimes as acts of terrorism.
The Justice Department is urging Congress to quickly approve its Anti-Terrorism Act (ATA), a twenty-five page proposal that would expand the government's legal powers to conduct electronic surveillance, access business records, and detain suspected terrorists.
The proposal defines a list of "Federal terrorism offenses" that are subject to special treatment under law. The offenses include assassination of public officials, violence at international airports, some bombings and homicides, and politically-motivated manslaughter or torture.
Most of the terrorism offenses are violent crimes, or crimes involving chemical, biological, or nuclear weapons. But the list also includes the provisions of the Computer Fraud and Abuse Act that make it illegal to crack a computer for the purpose of obtaining anything of value, or to deliberately cause damage. Likewise, launching a malicious program that harms a system, like a virus, or making an extortionate threat to damage a computer are included in the definition of terrorism.
To date no terrorists are known to have violated the Computer Fraud and Abuse Act. But several recent hacker cases would have qualified as "Federal terrorism offenses" under the Justice Department proposal, including the conviction of Patrick Gregory, a prolific web site defacer who called himself "MostHateD"; Kevin Mitnick, who plead guilty to penetrating corporate networks and downloading proprietary software; Jonathan "Gatsby" Bosanac, who received 18-months in custody for cracking telephone company computers; and Eric Burns, the Shoreline, Washington hacker who scrawled "Crystal, I love you" on a United States Information Agency web site in 1999. The 19-year-old was reportedly trying to impress a classmate with whom he was infatuated.
The Justice Department submitted the ATA to Congress late last week as a response to the September 11th terrorist attacks in New York, Washington and Pennsylvania that killed some 7,000 people.
As a "Federal terrorism offense," the five year statute of limitations for hacking would be abolished retroactively -- allowing computer crimes committed decades ago to be prosecuted today -- and the maximum prison term for a single conviction would be upped to life imprisonment. There is no parole in the federal justice system
Those convicted of providing "advice or assistance" to cyber crooks, or harboring or concealing a computer intruder, would face the same legal repercussions as an intruder. Computer intrusion would also become a predicate offense for the RICO statutes.
DNA samples would be collected from hackers upon conviction, and retroactively from those currently in custody or under federal supervision. The samples would go into the federal database that currently catalogs murderers and kidnappers.
Civil liberties groups have criticized the ATA for its dramatic expansion of surveillance authority, and other law enforcement powers.
But Attorney General John Ashcroft urged swift adoption of the measure Monday.
Testifying before the House Judiciary Committee, Ashcroft defended the proposal's definition of terrorism. "I don't believe that our definition of terrorism is so broad," said Ashcroft. "It is broad enough to include things like assaults on computers, and assaults designed to change the purpose of government."
The Act is scheduled for mark-up by the committee Tuesday morning.
information is immaterial
All those that detect and report security flaws in systems are terrorists because they comunicate these details to the Crackers (accidentally, but what does that have to do with it?).
Bummer...
-- Hofstadter's Law: It always takes longer than you expect, even when you take into account Hofstadter's Law.
"However, scrawling "I love you Crystal" or some such on some web page is not terrorism."
Water Tower taggers of the world unite!!
Cave, wreck, and deep diver.
Canada, here I come!
Computer innovation, that was mostly done via tinkering and actual analysis of the way things work, is DEAD. People having fun brining down systems because apparently selling underware on the web is of utmost importance for american nation. Think this is blessing for sysadmins? No. Now coprations don't need teams of sysadmins
maintaning security and stability of the site. As long as they can blame service collapse on some script kiddie with large sack of lawyers, they will do that.
Script kiddies are irratation to internet community nothing more, serious hackers are of a thread to real corporations, but often they don't include in their budgets a REAL security teams that have hands on experience with hardening kernels, but rather hoards of mathematitionas analysing flowchars. Now its gonna change. Lawyers will replace security teams, and sysadmins role will be installing new software, and tracing connections to nearest point where lawyers will be deployed.
This is hot headed measure that will damage internet environments and synergy they are in now. It will focus security of reprimand not of real safety of systems.
I hope Ashcroft goes to HELL. Oops I already sound like whitetrash Bush family....
Does recommending LINUX count? Does Criticizing Windoze insecurities count? What about BugTraq?
Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
Microsoft regularly gives advice to hackers with this thing called the Knowlege Base.
They even have a program (IIS) that aids hackers in break in attempts.
Their new advertisement advocates the destruction of buildings.
This is clearly one of the worst terror organizations
The US and it's allies must take action
134340: I am not a number. I am a free planet!
Well I agree hacking is a crime. I think it should be classified by different areas. Like people nosing around public computers shouldn't get 20 years in jail, but military computers, .gov sites, sure I can understand that. Selling information about companies, sure that's bad. But I don't think most hackers should get more time then some murders and other violent crime criminals. That is just silly. Virus writers on the other hand, we can just hang them.
Just my thoughts on the subject.
This could be a big day for the fight against script kiddies. :)
-----
So now if script kiddi3s in the US, decide to deface chinese websites, the Chinese authorities could legitimately, accuse the US of harboring Terrorists???
- Tempestdata
So it's terroristic to provide advice to a hacker. Hmm. So that would make
:P
Comp-sci professors/students
Entire IT departments
Teachers
Parents
publishers
bookstores
helpdesk services
etc
liable. That Ashcroft guy is smoking some really bad shit. Does anyone remember that he lost mississippy gubernatorial election to a DEAD man? That's how popular he is at home. Excuse my while I go out and puke
Maskirovka
Eye no i cant spill:P
Let's all remember that this guy lost an election to a corpse, please.
Seriously, I'm afraid that this line of reasoning is only going to continue under the Bush administration.
Anyone who violates the conservative faction's very narrow definition of legality and morality is going to face harsher and harsher penalties. It's the 'hackers' right now. I'll be charitable and say that that means anyone who illegally breaks into a computer system or network. It will be expanded in the very near future to include anyone who violates non-circumvention clause of the DMCA. Seriously, how far are those two apart?
It can be reasonably argued that violating copy protections will put illegal technology or information in the hands of terrorists.
The logical progression is pretty evident from that point on. Anyone caught breaking a copyright will be targeted, and then anyone who illegaly owns copyrighted material will be targeted.
Hmmm... I wonder if I should encrypt the stash of Anime fansubs on my HDD. Wait, encryption is going to be illegal to! I'm a terroist either way!
Congress will just keep passing laws to give Bush and Ashcroft what they want in the name of 'National Security'. Don't think for a second that they won't.
The next Slashdot story will be ready soon, but subscribers can beat the rush and slashdot the links early!
We will rise up, and wipe the world of all those infidel non-computer freaks. For our faith in the inane and bloody, we will be granted into the highest form of life, T1 connections!
Bye!
This act and the DMCA are eerily similar. Both seek to address particular historical circumstances and events (e.g. Napster, terrorist attacks). Both sets of circumstances are genuinely complex and problematic. And, in both cases, there were already perfectly adequate laws more general laws which address the particular situation. We already have laws to address copyright violation, and we already have laws to convict violent criminals, spies, and yes...even hackers.
The DMCA and all these supposedly anti-terrorist laws, past and present, take a terribly backward approach to lawmaking. The best laws, like the best software, succeed on minimality and generality. Witness the excellent US constitution, which has been extremely effective considering how long it's been around. The constitution uses very broad terms -- "life", "property", "punishment", "vote" -- and very few specific terms. (Some parts are quite specific, like the quartering of soldiers bit. They seem very quaint now.)
Laws, like software, tend to break if they are designed in specificity but used in generality. The trouble with these new laws is that they create all kinds of special cases and extra circumstances designed for a particular moment in history, which we'll have to support for decades or even centuries. The new terrorist laws, in a way, are like the 640k RAM limit -- they seem good enough for now, but in the future, they'll cripple and break all kinds of things.
The difference is, in this case, it is our fundamental freedoms that are being to get crippled and broken. As always, please please please call your representatives and give them a piece of your mind. They are under a lot of pressure right now, and they need to hear from sensible people.
A few people lose a bit of money because some company had a security flaw that they didn't feel like taking care of and made the absurdly stupid mistake in the first place of storing CC info for themselves. Seems like the company is almost as much at fault as the cracker. Still, for many credit card companies, if there are charges on your account that you obviously didn't make, then you only pay a nominal fee, like $50 or something. If the cracker has also monitored your behaviour enough to only make the same purchases that you make... well, then your just screwed, lol. The crime here is somewhat severe, but the effects of the crime are hardly severe at all to the end user.
It will be interesting to see how soon all religion is stomped out because of a few off the wall psycho's who think that random acts of death and destruction without announcing intent to do so is a good thing for their religion. At that point, God be merciful to us all...
Before everyone starts running around screaming Orwellian doomsday and the death of civil liberties, please remember that we still live in a country where there are courts, due process, trial by jury, and plain ol' common sense.
No one is going to get thrown in the Gaol for scribbling on the Jennifer Aniston Shrine or for lifting someone's Yahoo username and password in a chat Room.
You ARE in trouble if you hack into DoD systems, steal credit cards, or try to move a lot of money around anonymously, and rightly so.
Please go back and read the Bill of Rights (for you Americans out there) and remember that there are 9 wise souls in Washington who do nothing but think about this stuff all day.
davejenkins.com |
Buy a clue, folks. The proposed legislation says nothing about HACKING. It is about computer CRIMES. Unauthorized entry into a system for stealing info. Web site defacement. Virus writing. These are CRIMES, and finally someone is coming up with legislation that has the teeth to properly punish the worthless waste-of-protein creeps who do these things.
This is a GOOD thing!
(And for the record, in the good ol' days before the proliferation of script kiddies and commercial SPAM, i.e. pre-90's, there was no distinction between hackers and crackers. That semantic distinction is a rather recent piece of revisionist computer folklore.)
*** Quantum Mechanics: The Dreams of Which Stuff is Made ***
Most courts have ruled that changing the statute of limitations on a crime is a violation of the prohibition on ex post facto laws under the third reasoning. Other courts have said that if the statute of limitations in effect at the time the crime was committed has expired, a new statute of limitations may not be applied. These courts allow the statute of limitations to be extended if it has not yet expired when the new statute is passed.
Either way, the language of this law is obviously ex post facto and is unlikely to stand in court.
Is everone infected with Code Red a terrorist?
Silly huh? Well, people thought it was silly to say that the attack would be used as an excuse to abridge our rights further.
Fight Spammers!
This isnt just an erosion of personal liberty, this is an avalanche. Consider how loosely terrorism can be defined and how closely it seems to parallel sedition.
Band's proceeds from Rage Against the Machine album sales? "They're mine now," sayeth Uncle Sam, "Your lyrics are obviously inciting acts of terrorism, and thus you are complicit."
Where is John Galt when we need him?
Somewhere, something incredible is waiting to be known. -- Carl Sagan
Here's the actual bill: http://www.eff.org/sc/ashcroft_proposal.html. Instead of getting it second-hand from a news source that puts its own spin on it, why not make the judgement for yourself.
Ashcroft wasn't a member of Congress -- so it could not have been HIS bill, unless the US govt workings changed since I last checked. He may be pushing for it, but someone else wrote it and sponsored it.
There's 10 types of people in this world, those who understand binary and those who don't.
Does 2600 magazine qualify as an organization that gives advice to hackers, and would therefore be classified as a terrorist organization under this new bill?
$x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
$x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;
Unfortunately, I can't read the actual article, because securityfocus is /.ed, so I'll have to go by the summary.
/me breaks out my copy of the US constitution...
abolish the statute of limitations for computer crime, retroactively...
From Article I, section 9, paragraph 3:
"No Bill of Attainder or ex post facto Law shall be passed".
Ex Post Facto refers to laws having a retroactive effect, for those of you wondering.
So, as always, IANAL, but this sure doesn't sound constitutional to me.
Basically, if this were to be passed, it would tell the public that cracking/hacking is considered to be worse than murder. They even go so far as to say that giving advice to a cracker/hacker can yield life in prison! Is it just me, or is something seriously wrong here? I could go off and murder somone and receive less of a punishment than someone who defaced a website, resulting in a few hours of repairs by the administrator and the fixing of a securty hole. I'm sorry, but that's just not right.
I do see some logic behind this.. A dedicated hacker with a malicious streak can do a LOT of damage, and had a few beew working in concert with the terrorist attacks of 9-11, much of the country could easily have been thrown into chaos..
That said, I see this as the same variety of short-sighted legislation that brought us the DMCA, only this time we also get an extra layer of reactionism on top, creating new law that is both far too broad and FAR too severe.
This proposal appears to make no distinction between website defacement (the rough equivalent to tagging a wall somewhere IMHO) and majorly disrupting traffic through DoS attacks or releasing a virus. (admittedly much more serious stuff) And LIFE in prison? More than many violent criminals recieve? Did the Krull invade while I wasn't looking?
Looking at the abolished statute of limitations, I wonder if Mafiaboy will be getting a knock on the door soon.. I wouldn't be surprised if a few of the higher profile groups (2600, most likely) got some trouble out of this too..
It looks like Katz was right..
I think the administration is barking up the wrong tree with this law. It seems to me that existing laws are fine for punishing terrorists. It's not as if these people were in jail for terrorism before and got out too early or something. Instead, the WTC disaster represents a failure of american intelligence, and possibly, american foreign policy in the middle east.
Does anybody really think these attacks wouldn't have happened if this law was in place before?
Hackers are criminals. Shroud their actions in whatever noble cloak you want, the bottom line is that hackers break the law and if the penalty is tough, then too fscking bad. If the laws are wrong, then make enough noise to get them changed. Like it or not, the attitude that "I don't like the law so I am not going to follow it" will do nothing to help the situation. Far from it. It will make it harder to make it any better.
This is like declaring a law that any attack with a knife is a terroristic act. People just fear what they don't understand. Fortunatly people understand knives, or we all would be registering our kitchen utensiles.
love is just extroverted narcissism
I feel sick,
and trying to understand the changes by the act is not helping.
It's that time of year again, time to post a slashdot rant.
What was the topic again?
Oh yes, hacking does this count?
"Oh no, not again"
We do not harbor terrorists!
Am I dreaming or is this country really THE America?
If programs would be read like poetry, most programmers would be Vogons.
We are worried about it because it's not crime!
In fact- security crackers should be given medals, and heralded as heroes doing an important public service: finding bugs in computer systems.
Now as for people who try to steal money by using other peoples credit card numbers, etc: THERE ARE ALREADY LAWS FOR THAT!
Another thing John Ashcroft is violently opposed to is pot. He wants life terms for growers.
He must own stock in companies that build prisons...
What happened to:
"...and God made all the plants for Man to use?"
Who did what now?
Where disrupting business is a crime equivalent to murdering thousands.
And the recording industry was happy because they convinced people that unauthorized duplication was somehow equivalent to theft of property or stealing from ships on the high seas. Well, I think this tops that!
I think the USA should just take a tip from the Taliban and make all crimes punishable by death or corporeal punishment.
And the message is clear. If you're a high school student thinking of hacking a bank web site and stealing credit card numbers, forget it, KILL THOUSANDS OF PEOPLE INSTEAD! You'll get the same punishment anyway, so do something more stylish!!
"...and increase the maximum sentence for computer intrusion to life in prison"
Somebody really needs to put this in perspective... life senteces are given to serial killers, murders, rapists and peadophiles, not skr1pt k1dd13s
So what exactly IS hacking according to the ATA?(how ironic, it's a acrynoum, for a computer term) Seriously, how long before the DCMA is included in this? Will I face federal prosecution for telling a friend about gnutella because the program can be used for illegal stuff? Could CmdrTaco and CowboyNeal be dragged from their homes at 6 in the morning and sent to jail because Slashdot had posted a story that talks about the Microsoft security problem of the week, since that could be concieved as giving advice to hackers? I am writing my senators about this asking them to reject the overly broad terms of the ATA and computer 'hacking'. I hope a number of you do the same.
-Henry
"Useless organic meatbag" -HK-47
So therefore, one shouldn't complain about bad laws? How can bad laws possibly get changed if no one complains? How will we stop even worse laws from being passed?
I would have to say that this is a textbook example of why American citizens must be very reluctant to grant additional powers to law enforcement. By redefining everything as a terrorist activity he makes a land-grab for all manner of unconstitutional powers.
I don't have to tell you people what to do - the EFF site has it all - but have you notified your friends, family, coworkers/fellow students?
~Religion is O.K., as long as it gets you laid.
Typical slashdot... over-reacting with a
worse-case scenario, and assuming that the
resources exist to "target" every hyper-geek
on the planet. Tell it Mulder and Scully,
not someone who has fewer friends alive since
9/11/01.
The wide powers being sought are very specific
in intent, and I expect, application.
While the MAXIMUM penalties for cracking may
increase, one can safely assume that script-kiddies
are not the focus of these "enhanced" laws.
There are not enough Feds, not enough hours in
the day, etc. etc.
In fact, one can see how techno-legal resources
will soon be re-focused and triaged
to point away from the usual "cracking"
foolishness, and toward more subtle activities.
That's another "typical slashdot move" - ignore
the actual POINT, which is that crackers are
likely to become a law-enforcement non-issue
for all but the most serious incidents.
Science is the art of infallibility, perpetrated upon non-scientists
Crime is crime, yes, but the punishment should fit the crime. Adding a few words to a web page as a publicity stunt should not be punished in the same manner as multiple homicide, or armed robbery, or collaborating on a terrorist attack.
I suppose you'd feel comfortable in a society where the judicial system lopped off criminal's bodyparts, as well? Or caned you silly? No thank you. As it is, I think prison should be for VIOLENT OFFENDERS ONLY. There are many ways to pass a sentence on non-violent offenders, without prison, and without impacting society in such a heavy-handed legal and financial way.
--ksw2
It seems that the US government wants to define any action that might invoke fear as "terrorism". They may have a semantic point, but that's really about it. Ashcroft is trying to "broaden" the meaning of the word "terrorism" to include things that really aren't. What about rape? Murder? Burglary? Any one of these usually cause far more fear and "terror" than any computer-related crime.
The point of this rant is - Where does crime stop and Terrorism begin? Why are computer crimes so much more global, more terrorist than any other crimes that they have to be included in laws like this one?
Can anyone tell my why this is "terrorism"?
Last post!
MUST?????
While there are many things in life that I MUST do, obey the law is not one of them. I think you're a bit confused about the meaning of the word must. Eating is a must, breathing is a must, doing what the state tells me to is not.
Lee
Muslim community leaders warn of backlash from tomorrow morning's terrorist attack.
Stop the damned civil rights whining
Why? Whining is about the only right we'll have left if Ashcroft gets his way.
Any crime is bad
Wrong. The 'American Revolution' was against the law.
Do you think it was bad?
while it is law you must obey it
Wrong. I don't have to do anything. I can pee in my neighbors gas tank, I can kick his dog, I can fill cans of Starkist tuna with lye and return them to the shelf at the grocery store, I can steal lollipops from small children, I can burn the flag, I can buy a AR-15 rifle with scope and sit on top of 75 Wall Street and gun down lawyers as the come to work.
I just have to deal with the consequences when I am done.
As for the consequences of the DMCA, well, fuck them. I don't seriously think the MPAA is going to sue me for copying Kenshin episodes to my hard drive so I can swap the DVD-ROM for the second battery. In 1940's Germany it was the law to round up and gas Jews. Am I supposed to sit idly by while people I know are killed?
While we're at it, how about death penalty for Flash ``developers''? I know it's totally unrelated, but these Flash intros are tens of times more annoying than web page defacements. Thank God Konqueror doesn't come with the plugin installed.
Join the NFSNET. Our prime goal is making little numbers out of big ones. http://www.nfsnet.org/
I bet you never jaywalk, or drive over the speed limit, or remove the tag from your mattress. Must be tough being you.
If you mod me down, I will become more powerful than you can possibly imagine.
just about the right.
,ask questions later!!
as in right of center politics!
and anyone known to eat granola is a pinko!!
get their dna
that way they can sell or clone their dna!
after all criminals make great soldiers!
cloning deviants for terror jobs is important
{remind me to watch soldier w kurt russell again}
have you noticed how america and its allies
were not on the list of known countries that support terrorism
even though hussien, bin laden and noriega were all trained by the CIA!!!?
what a farce all this is
if it wasnt for the fact thousands
were killed and hurt it would be
laughable!
goodbye terrorists.
hello McCarthyism.
um neo-McCarthyism. that is!!
times have changed but
keeping your citizens down isnt new at all
any excuse to take away freedoms
and replace with 'security'
just look at the black panthers or the weathermen
oh yeah mr l johnson took care of them
{mostly be introducing pure Heroin [tm bayer co] into the market}
those that slip through get conveinently placed into prison !
then again america has the greatest percentage of political prisioners per captia anyhoo
so get ready lefties, we'll be labelled 'terrorists' too .
back in the day we didnt have no old school
And people thought the laws regarding the War on Drugs were horribly unbalanced, you ain't seen nothing yet! At this rate the free world won't even be able to piss without someone watching for "un-american" activities.
Segregation used to be a law too. The point being that if you think a law is wrong, you try to get it changed. Y'know, civil disobedience, lobbying, "The price of freedom is eternal vigilence" and all that..
OK Guys, don't tell anyone, but there is a huge exploit in IIS involving unicode and mischevious urls..
*DOH*
Ok, CIA/FBI/NSA/Whatever, I'm fairly sure I've broken the law by helping potential terrorists hack your boxes. Book me, and while you're at it, nail that nimdba virus aswell, I'm pretty sure he's crack- I mean hacking...
No, actually I do the first two of those things quite a lot. But I've never felt the need to remove the tag from my mattress.
This space intentionally left blank.
Anyone making life easier for a "hacker" (cracker) could be sentenced to life without parole?
Bill Gates had better pack his bags now! ("... the most cigarettes.")
Stupid job ads, weird spam, occasional insight at
Allot of hacks happen because companies have bad security. If there was an out-break of bank robberies that happened to coincide with most banks switching to a new type of vault called MS-Safe(tm) then the police would advise them to improve security.
You should be able to do whatever you like in your own home (or endangering lives), with your own computer, as long as your not accessing another machine outside your house with out permission. That means cracking DSS, eBook and anything else - If these people can't produce a decent system (eBook cp system would never work anyway) then thats their problem.
This comment does not represent the views or opinions of the user.
...force convicted hackers to give the government DNA samples...
All he has to do is save what comes out when he gets done blowing me. All the DNA he can use.
Writers imply. Readers infer.
...or is securityfocus.com one of the slowest, ugliest websites anywhere?
"that's not encryption - it's a new perl script that I'm working on..." - from some Matrix parody
Define "For A While".
Once enacted, this will not be easilly turned around.
For a while: When they got Bin Laden? Don't think so, more fanatics like him out there.
-=- I heard rumours about an OS called "Social Life", heard of it? Is it stable? -=-
I just want to know as anyone found any evidence of terrorists using anything "high tech" for WTC?
The highest tech I have heard of is using email at Kinko's.
But jaywalking is against the law, and driving over the speed limit is against the law, and as long as they are, you MUST obey the law.
If you mod me down, I will become more powerful than you can possibly imagine.
I'm not saying that the DMCA shouldn't be changed/repealed simply because it is law. I'm saying that is should be obeyed while it still is.
This space intentionally left blank.
i mean vulgar of course... :)
so much for the funny
Between advising the public of a vulnerablity and aiding and abetting criminal crackers? Is securityfocus.com going to have to shut down because they discuss vulnerabilities?
--Peter
While some of you may blithely blame Microsoft, Red Hat, or other software vendors for producing buggy software in the first place, it is a fallacy to do so. I doubt any of you could work on a piece of software as complex and elegant as IIS without letting a few bugs slip through QA once in a while. It should not even be necessary to check for exploits in software; hackers shouldn't be trying to hack server software in the first place. The people who do this must be tracked down and brought to justice before they can wreak havoc on the Internet. Holding our software vendors, the heart of the new economy beholden to such unnecessarily high software quality standards, only decreases their productivity and cause time that could be better spent innovating to be wasted on fixing problems that are only there because of hackers. Eliminate the hackers, and software technology will be able to progress much faster than ever before.
We should call out for vengeance upon the hackers who disrupt the Internet just as much as we call out for vengeance on real terrorist. Deterrence is the only way to keep the Internet safe for businesses and people to use. John Ashcroft and the entire Bush administration are clearly working in the best interests of Americans now and in the future with this new legislation. Instead of complaining, we should be celebrating the eve of a hacker-free Internet.
Loneliness is a power that we possess to give or take away forever
If it's retroactive, then the U.S. ought be treated as we're looking to treat Afghanistan for harboring our terrorist-hackers.
After I have received the wisdom of good teaching, I will untiringly teach all people. - The Teachings of Buddha
The US government does not understand computer technology enough to prosecute fairly in the case of cracking crimes. This is dangerous indeed, for their misunderstandings can lead to some pretty severe injustices.
It's still stupid though.
Any crime is bad! That includes computer crime!
So if I crack your server and put MATTY RULEZ!! on your web page, I should go to prison for life? The point is we already have laws against this type of thing. In my opinion, this flies in the face of the basic Republican argument that we need less government and not more. Republicans constantly make this argument with respect to gun laws (and I happen to agree with that).
The DMCA may be evil, but while it is law you must obey it!
Bullshit. A bad law is a bad law. Many people drank alcohol during Prohibition because they knew it was a bad law and also because they knew they were otherwise law-abiding citizens and having a beer after work definitely wasn't a crime.
Computer crimes are crimes, but I shouldn't be sent to jail for life because I cracked and copied a DVD so I could take it on a trip, saving the original at home in case the one on my trip got damaged. The actual crime should be illegal, like breaking into the FBI and stealing info, or cracking a DVD to sell them to people, or to simply get the movie without paying for it.
It is truly sad, IMO, that the current administration is using this horrible tragedy to further political and corporate goals under the guise of "protecting us". Don't get me wrong, even though I didn't vote for him, I fully support the Bush administration in this war on terrorism. But that doesn't mean they get carte blanche with me to do whatever they want.
um, civil disobedience was what? wrong? Ghandi didn't obey the law, civil rights workers didn't obey state law in the 60's in the South, draft dodgers didn't obey the law. I think there are perfectly justifiable reasons to DISOBEY the law. Republishing the DeCSS was against the law but tons of people did it. Law isn't always right. It used to be against the law for women to vote. Law is an evolutionary thing, and sometimes it takes some judicious law breaking to get things right.
http://news.cnet.com/news/0-1005-201-4376193-0.htm l
Why is it that many people who claim to support standards have such atrocious spelling and grammar?
I really wish that I had mod points to mod you up. But please keep in mind that it's sometimes very hard to prove that you had only good intentions when you were posting an exploit to a mailing list after some bastard uses it to blow up a shopping mall before Christmas.
thats what should happen to put an end to all this..Let millions of people voluntarily break the laws
Learn from the Mahatama .
Feel free to concat me with all your troubles...
interesting tid bit that wasn't mentioned:
... ... ... is amended by striking the following each place it occurs: "Provided, That none of the funds available to the Immigration and Naturalization Service shall be available to pay any employee overtime pay in an amount in excess of $30,000 during the calendar year beginning January 1, 2001:".
SEC. 503. LIMITED AUTHORITY TO PAY OVERTIME.
The matter under the headings "Immigration And Naturalization Service: Salaries and Expenses, Enforcement And Border Affairs"
Looks to me that the Govt is saying "if we cant hire more staff, let's work 'em to death and give them time and 1/2 to no limit"... how many people here actually read the bill? I did...From reading the comments it looks like most posters take the 'heresay' from the original post and flame off that..
Appended to the end of comments you post. 120 chars.
It is obvious that Phil Zimmerman by refusing to consider placing government back-doors in his PGP software is willfully aiding terrorist activity and thus based on this proposed legislation should be locked away for life for his crimes against civilized society.
Jon Johansen should immediately pack his bags and disappear to someplace like Argentina due to his work in the massively damaging DeCSS virus.
This is just absurd. Will it survive? Is it just FUD? What the fuck is happening in this world? Where to run? Where to hide? The only option would seem to be Antarctica.
OTOH, worms like Code Red and Nimda will rapidly continue to evolve and become more and more damaging and something very strong will have to be done at some point to check this exponential evolution of worms and distributed DoS attacks if we want the Internet to continue to exist.
--
$ chown -R us:us yourbase
No, the government isn't that crazy. MS won't be held accountable, because flight schools were those people trained weren't held accountable and people who gave them a place to live weren't held accountable. The only way you can be held accountable is if you knew their intentions to begin with and helpded them anyway.
What you're saying is that smart people like him, who sometimes use a little poor judgment, should be given life sentences in prison? You're saying that was Randall did is on the same level as murder?
The middle mind speaks!
Did anyone else notice that this bill was originally called the "Mobilization Against Terrorism Act (MATA)?"
Matar is the spanish verb "to kill". The conjugated form, mata, means he/she/it kills.
Intentional? Conincidence? Horrible irony? I don't know. I wonder if that was the reason the name was changed.
-Derek
Testifying before the House Judiciary Committee, Ashcroft defended the proposal's definition of terrorism. "I don't believe that our definition of terrorism is so broad," said Ashcroft. "It is broad enough to include things like assaults on computers, and assaults designed to change the purpose of government."
Seems like this bill needs to be broadened to include itself and John Ashcroft, both of whom seem hell-bent on changing the purpose of government.
Edith Keeler Must Die
Harboring or providing advice to a hacker would be terrorism as well
Hmm... So if you socially engineer some dumb secretary, they're gonna be your cellmate as well?
Just a thought...
I Think the government is going too far, and before you know it, there are gonna be loopholes for the crackers, and the hackers are gonna get screwed.
Judiciary Committee List
Name, party, state, phone, fax, e-mail.
James Sensenbrenner, Chair, R-WI, (202) 225-5101,(202) 225-3190,sensen09@mail.house.gov
Henry Hyde, R-IL, (202) 225-4561, (202) 225-1166.
John Conyers Jr., D-MI, (202) 225-5126, (202) 225-0072,john.conyers@mail.house.gov
George Gekas, R-PA, (202) 225-4315, (202) 225-8440, askgeorge@mail.house.gov
Barney Frank, D-MA, (202) 225-5931, (202) 225-0182
Howard Coble, R-NC, (202) 225-3065, (202) 225-8611, howard.coble@mail.house.gov
Howard Berman, D-CA, (202) 225-4695, (202) 225-3196,Howard.Berman@mail.house.gov
Lamar Smith, R-TX, (202) 225-4236, (202) 225-8628
Rick Boucher, D-VA, (202) 225-3861, (202) 225-0442,ninthnet@mail.house.gov
Elton Gallegly, R-CA, (202) 225-5811, (202) 225-1100
Jerrold Nadler, D-NY, (202) 225-5635, (202) 225-6923, jerrold.nadler@mail.house.gov
Bob Goodlatte, R-VA, (202) 225-5431, (202) 225-9681,talk2bob@mail.house.gov
Bobby Scott, D-VA, (202) 225-8351, (202) 225-8354
Steve Chabot, R-OH, (202) 225-2216, (202) 225-3012
Mel Watt, D-NC, (202) 225-1510, (202) 225-1512, nc12.public@mail.house.gov
Bob Barr, R-GA, (202) 225-2931, (202) 225-2944, barr.ga@mail.house.gov
Zoe Lofgren, D-CA, (202) 225-3072, (202) 225-3336, zoe@lofgren.house.gov
William Jenkins, R-TN, (202) 225-6356, (202) 225-5714
Sheila Jackson Lee, D-TX, (202) 225-3816, (202)225-3317, tx18@lee.house.gov
Christopher Cannon, R-UT, (202) 225-7751, (202)225-5629, cannon.ut03@mail.house.gov
Maxine Waters, D-CA, (202) 225-2201, (202) 225-7854
Lindsey Graham, R-SC, (202) 225-5301, (202) 225-3216
Marty Meehan, D-MA, (202) 225-3411, (202) 226-0771, martin.meehan@mail.house.gov
Spencer Bachus, R-AL, (202) 225-4921, (202) 225-2082
William Delahunt, D-MA, (202) 225-3111, (202)225-5658, william.delahunt@mail.house.gov
John Hostettler, R-IA, (202) 225-4636, (202)225-3284, john.hostettler@mail.house.gov
Robert Wexler, D-FL, (202) 225-3001, (202) 225-5974
Mark Green, R-WI, (202) 225-5665, (202) 225-5729, mark.green@mail.house.gov
Tammy Baldwin, D-W, (202) 225-2906, (202) 225-6942, tammy.baldwin@mail.house.gov
Ric Keller, R-FL, (202) 225-2176, (202) 225-0999
Anthony David Weiner, D-NY, (202) 225-6616, (202)226-7253
Darrell Issa, R-CA, (202) 225-3906, (202) 225-3303
Adam Schiff, D-CA, (202) 225-4176, (202) 225-5828
Melissa Hart, R-PA, (202) 225-2565, (202) 226-2274, melissa.hart@mail.house.gov
Jeff Flake, R-AZ, (202) 225-2635, (202) 226-4386
I've had enough abrasive sigs. Kittens are cute and fuzzy.
I doubt this bill would give me that and I'm not willing to pay the price asked even if it would. Uncle Sam will make his own definition of "protected computer" and it aint me. Enforceability? What a joke. Why should I trade non existent protection for further erosion of the security of my property, papers and personal effects from unreasonable search and seizure?
Anger and vengence are poor advisors and they make bad laws. This set of laws are hyserical.
Friends don't help friends install M$ junk.
It takes TEN letters (dead tree letters, email gets deleted immediately) for a Senatorial office to open an issue. TEN. (According to Illinois Senator Dick Durban.) And regardless of the advertising and commercials that politicians raise huge war chests to fund, on election day it is YOUR VOTE that decides who ends up in DC. (East Coast, you have no say over the West Coast one.)
I'd like to issue a call to everyone who posted something modded up to 3 or above: Write a letter to your representatives with the same level of intelligence and Interesting/Insightful content. Write it once and send it three times, once to your Congressperson, and once to each Senator. Fax it if you'd prefer. (Snail mail and fax are what they like the most.) Keep it to one page. Reference the Constitution. Refer to yourself with your most impressive title. (Professor, Ph.d, Senior Engineer, Graduate Student, Independent Developer) and as a registered voter. In the name of the Tux do not tell them that you don't vote, even if that's the case (in which case you should be ashamed of yourself). Then when the next election rolls around, ignore the commercials, take an hour to do your own research, and vote for the candidate that did not support revoking the 4th Amendment and violating Ex Post Facto. It works. (See also: Former Senator Alan Dixon)
For those of you in countries outside of the US, the same applies to you. The Canadian, British, Australian, French, German, etc. governments are all popularly elected as well. (At least the active parts of the British government, anyway.) Politicians are the same everywhere. The same tactics apply. Use them. If you don't, you have no one to blame but yourselves.
--GrouchoMarx
Card-carrying member of the EFF, FSF, and ACLU. Are you?
Of course Congress is also showing quite a bit of reason in the face of Ashcroft's demands, too, so maybe calmer heads will prevail. Though I tend to be a glass-is-half-empty kind of guy when it comes to such things.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
John Ashcroft announced today that the NSA has devised a fool proof deterance to E-terrorism. The new method is called Security-Through-Imprisonment, or STI.
The premise of STI is that civilian and military systems dont need to be secured, but instead laws need to be put in place that will require life sentances for so much as a failed telnet login attempt.
In response to our questions Ashcroft had the following statement: "Everyone is aware that securing Microsoft products is as futile as the war-on-drugs(TM), so we decided that rather than attempting to fix the systems - we will just send these E-Terrorists to prison for life for their crimes against Freedom(R). It is important for us to protect-our-children's(TM - H. Clinton) future in the wake of this terrible tragedy. Our new policy is called "If you cant do the right thing, then just do something"
If the hacker attended university, go after the professors. If he/she were self taught, go after the authors of whatever computer books they might have. Scary.
JET Program: see Japan, meet intere
hijack a jet with a computer program? Get it?
These comments are about crime, but Ashcroft is about terrorism. How many hackers have killed people? Let's not get offtopic here. Ashcroft sounds like a paranoid lunatic! There is absolutely no parallel between hacking and the WTC attack. This is just another right-wing attempt to use the tragedy to push their agenda (see crypto stories, face recognition...)
It's not only unjust, it's an outrageous political manuever whereby Ashcroft wants to capitalize on the deaths of thousands of innocent people. I'm sickened.
* Please do not read my signature.
You need to grow some balls and learn to oppose some things that just "aren't right."
heh -- coming from an Anonymous Coward.
Time to pay for some more lawyers and get ready for alot more "authorization" forms..
As for your highway argument, keep in mind that bad drivers account for 300 deaths yearly in Florida alone, due precisely to lenient driving laws. While a few hundred may seem petty, keep in mind that if you proportion that number to the entire population of the United States, nearly 10,000 people die yearly from poor driving. Perhaps stricter laws would help, after all.
Loneliness is a power that we possess to give or take away forever
Where does he get off putting us in the same group as these bastards? Its one thing to something for your own knowledge that does doesn't hurt anyone (and whats his idea of "hacking" anyway") and something completly different to kill hunderds of inocent people. Personally if it wasn't for hackers the internet wouldn't be as widespread as it is today. Its scary how much the masses are under-educated and will believe anyone that says that hackers can get "inside your computer" (what would they take) and then support backdoors in windows that alow the NSA to have taps on you if they want (now what if someone stumbled upon that?) Personally i would like to know how the US plans to impose laws on the net. Is the US government going to send troops into say Switzerland if they find out someones been stealing the super secret Tang recipe from nasa.gov? What can we do to stop BS like this from becoming a law?
Carpe meam simiam!
Democracy is not a spectator sport. We have to get involved. Who do we write to? Who do we call? Who can we contact to see that this doesn't stand?
No, you have missed my point completely. The prevailing opinion around here is exaclty what I said: "I don't like the law, so I am going to break it". The law is being passed through the legal channels and it needs to be opposed through the legal channels.
How exactly is having a DNA sample supposed to help track down/prosecute/whatever hackers? DNA evidence is only useful when a physical crime has occurred. If Joe Cracker breaks into some server, there's no DNA left behind to compare to some national database of criminals to track him down, or help convict him. What's the purpose of it? How can they justify that?
If someone can fathom a usefulness for this, please enlighten me.
"This message is composed of 100% recycled electrons."
I guess the question is what is a hacker and who is a hacker. And who gets to define what is and isn't hacking. I know very few Lawyers with enough computer knowledge to create a law like this. And all of them have enough knowledge to know how dangerous a law like this is and therefore wouldn't create it.
Two things are infinite, the universe and human stupidity, and i am not quite sure about the universe. -albert einstein
Looks like mafiaboy is fucked after all.
Got Freedom?
Thinking?
Is that for IT support staff that have really good skills, some activity may inadvertantly be redefined by others as 'hacking'. (For example, putting a screen saver on the computers in the computer lab.)
That alone is scary enough, but now even stronger punishments, and treatment as what I am going to guess is a capital crime? Ouch. IT is looking even scarier.
(Is scarier a word?)
As David Quinn put it quite eloquently: Quite depressing, really. (The whole text can be found here, BTW)
But what can you expect when the whole world has bought into the idea that there is absolutely nothing that any one person can do to change things?
-- Shamus
Bleah!
I assume you know that *all* flight training is currently banned in the USA? Yes, that's right. If you are a flying instructor, currently *you cannot* train students.
Well, you won't go to jail. But the FAA will take your pilot's license away. If you are a pilot, that's nasty. Check out news://rec.aviation.pilots for more.
Without passing a law, without recourse to a *single* elected person, thousands of US citizens have had their source of income removed.
Well, that makes us all safe doesn't it?
So is the fact that it's a crime it all, but that doesn't stop the DMCA. It's impossible for this bill not to be passed. Congress won't kill it, because if they do, they'll appear "soft on terrorism" to the flock^H^H^H^H^Hpublic.
(Do not sign anything.) -- Fell, Planescape: Torment
OK, so this'll be flamebaited, but...
ITS ABOUT FREAKIN TIME!
I work as a consultant in a fairly small to medium sized market. I deal mainly with setting up and maintaining small companies' LANS (and Securing them) Even in this small market we have our share of Script Kiddie Lusers.. It seems like every week i have to deal with somebody's system that has been compromized because the not-all-that-bright user opens the email attatchment or file from someone on ICQ or decided that it'd be so much easier to change the access rights to C: to Full, no password.
SO i get a fair share of the not so l33t h4x0r5 tampering with machines over the newly introduced DSL system. So when i finally do track some of these punks down(and yes.. i do actually bother to try, heh)There isnt squat i can really do. And if local law enforcement does wake up and do something it'll be a slap on the wrist.
Cuz after all, they're just kids playin with the computer.
Heh, now if i could call them TERRORISTS!!! instead of the meaningless term hacker or cracker.. THAT might get some attention!
Our (U.S.ians) government has its secret agenda, which is closer to the agenda of Corporate America than yours or mine. Their media (five companies) only disseminates the information favorable to its own outcome. Welcome to the machine.
"What is the sound of one belly slapping?"
The only reason it restricts itself to only governments and military computers is that the US Gov't doesn't have jurisdiction over crimes that happen to other computers. See the interstate commerce clause in the Constitution.
.edu domains, but anything else is asking to test a very tricky boundary.
However, it's a rare computer that isn't involved in some kind of interstate commerce. Probably you're safe if you stick to the
Walt
All arguments for treating crackers like a special, would apply to any other type of criminal or suspected criminal. So why not apply the same bitchslapping against rapists, murders, etc?
This is definately a "divide and conquer" style attack. The old "they fucked x but I wasn't x so I didn't say anything .... and then they fucked me, and no one was left to speak up" applies here. Crackers are x today.
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
Hey, I LIVE in Canada and right about now Ireland is looking mighty inviting. Only 20 miles separate me from the US...not enough IMO!
You're using her as bait, Master!
What about those people which were defacing pro-Taliban web sites? IANAL. Would they get life under this bill? These sites would fall under interstate communication wouldn't they?
-b
Gee, this would NEVER happen under a socialist regime! Good thing most of you want to make the government BIGGER!
"Saddam Hussein cavorts with terrorists."
Just because I'm white, drive a truck, and live in North Florida does not make me a terrorist. Now you take that cracker comment back boy or else I'll hafta come after you with my frog gigin' pole.
'Same speed C but faster'
The article states that, "This act will be retroactive, so that crimes commited several decades ago can be prosecuted".
I hope Jobs and Woz are scared doo-doo-less. They used to build little Blue Boxes. These sent tones into the phone network and were able to make long distance calls for free and look up unlisted numbers. This law would make the research (sic.), which brought the two founders of Apple computer together, a crime punishable by life in prison!
"Chemestry is Physics without thought. Mathematics is Physics without purpose."
I am well aware that nearly all fingers point to Usamah ibn Laden and that Afghanistan's ruling militia, the Taliban, is possibly harboring him and his cohorts. I am also aware that we (the U.S.) are about to bomb the shit out of Afghanistan to "have closure" or "send a message" or whatever the white trash meme of the day is.
Fact: The Bush Administration gave the Taliban ~$43 million only four months ago to "curtail opium production". How much could it possibly cost, in the world's poorest country, to behead someone with the sword at your side when you catch him with opium? If ibn Laden is guilty, and the Taliban guilty of supporting him, then Bush is complicit in financing him. This is the same Bush whose inheritance grows larger every time you buy a gallon of gas.
"What is the sound of one belly slapping?"
"Something very strong," to my mind, would be a server and operating system that is not as vulnerable to these exploits as current technology (mostly M$, but anything with big gaping security holes.)
"Something very strong," would hopefully mean open-source server software and operating systems that are written as securely as the programmer is able, and rigorous testing of those servers in production environments.
I'm proud of every drop of "skull-sweat" that goes into every piece of open source software. Unfortunately, the state of the art in virus/worm technology is such that more "skull-sweat" is required to protect against them. I know that the open source community is up to the task.
Pope Felix the Scurrilous.
Computer Geek by day, religious Icon by night.
So we do everything the government tells us and nothing the government tells us not to do, and we'll be safe from the government. No kidding?
Well, when they tell me to pass the Zyklon-B, I'm going to tell them to shove it. Suit yourself.
Life imprisonment for deceiving goatsex links!
Like with the WTC thing, atleast one neighbour of one of the highjackers had been so concerned about the strange comings and goings that see phoned the CIA, and what did they do? Nothing, zip, nada, everyone is covering their arse right now by trying to pass lots of laws that look good and will punish people who do what amounts to pin pricks of damage, rather than reforming the lazy, half arsed security services over there. Over here in the UK, atleast we have had one guy, David Shayler (ex-MI5) stand up and say they are a bunch of idiots making lots of noise and not much else, hope you have someone over there who has the guts to do the same.
Any sufficiently advanced man is indistinguishable from God
Constitutionality will be questioned and laws like these, along with the careers of the idiots who propose them, will go the way of the dodo.
HobophobE
-HobophobE
Nothing laughs forever.
among several other MORONIC laws passed by grandstanding Politico's seeking reelection.
RANT
Someone needs to educate ASSCROFT, but Ghandi and Mother Theresa are both dead, and few others would have the patience to deal with a person who makes a BOX of ROCKS look gifted.
/RANT
errr....umm...*whooosh* *whoosh* Is this thing on ?
Mercantilism and we are just about there in the US.
Harken back unto the revolution, The HudsonBay company owned a bunch of TEA.
This is not the first time we've seen this kind of mercantilism, the first time was a PRIMARY motivator in the America Revolution.
errr....umm...*whooosh* *whoosh* Is this thing on ?
The only person that's getting a DNA sample from me is my wife, if you know what I mean!
The Internet is now serious business, no longer the playground of the elite hackers (or 377373 hax0rz). Any malicious valdalism of/on the net should send the creator to jail for life. These worms running around today cause billions of dollars of damage. They are not innocent pranks. Why is causing billions of dollars in damage while pulling a prank on a pyhsical object not the same as doing so on the Internet? Its time to grow up and stop idolizing hackers. It was fun in the begining now its just plain stupid.
Sorry, couldn't pass it up
Oh, and about your sig... I'm still 100 times better than you are! Woho!
--
Just lurking, thanks!
Facts:
-John Ashcroft called for terrorist assets to be seized, not just frozen. Presumably, the Gov would then be able to sell off any non-liquid assets held by terrorists.
-Anti-Terrorism act would brand hackers as terrorists.
-Linus Torvalds has publicly admitted to being a hacker.
-While of modest conventional assets, Linus is the owner of the trademark to "Linux"TM.
-Street value to an organization like, say, IBM to OWN the Linux brand (preventing anyone it doesn't like from using it) has got to be at least $1 Billion.
-Logically, the Anti-Terrorism act could force the notorious hacker/terrorist to turn over the his "Linux" asset to the Gov't for privatization sale to a 'responsible' corporate entity
-Next target: Richard Stallman's Yugo...
Piecing it together:
Sec. 2510. Definitions -
(17) ''electronic storage'' means -
(A) any temporary, intermediate storage of a wire or electronic communication incidental to the electronic transmission thereof; and
(B) any storage of such communication by an electronic communication service for purposes of backup protection of such communication; and
(18) ''aural transfer'' means a transfer containing the human voice at any point between and including the point of origin and the point of reception.
(19) `protected computer' has the meaning set forth in section 1030; and
(20) `computer trespasser' means a person who accesses a protected computer without authorization and thus has no reasonable expectation of privacy in any communication transmitted to, through, or from the protected computer.
This area relates to making it legal to listen in on computer communications. e.g., the fbi and cia under these provisions are not commiting a crime. no big deal.
On the next (big) point:
from the proposal:
1030(a)(1), (a)(4), (a)(5)(A), or (a)(7)
(relating to protection of computers),
You sited A-2, note A2 is not mentioned.
From section 1030 a1, a4, a5a, and a7 -
(http://www4.law.cornell.edu/uscode/18/1030.html)
(a) Whoever -
(1) having knowingly accessed a computer without authorization or exceeding authorized access, and by means of such conduct having obtained information that has been determined by the United States Government pursuant to an Executive order or statute to require protection against unauthorized disclosure for reasons of national defense or foreign relations, or any restricted data, as defined in paragraph y. of section 11 of the Atomic Energy Act of 1954, with reason to believe that such information so obtained could be used to the injury of the United States, or to the advantage of any foreign nation willfully communicates, delivers, transmits, or causes to be communicated, delivered, or transmitted, or attempts to communicate, deliver, transmit or cause to be communicated, delivered, or transmitted the same to any person not entitled to receive it, or willfully retains the same and fails to deliver it to the officer or employee of the United States entitled to receive it;
(4) knowingly and with intent to defraud, accesses a protected computer without authorization, or exceeds authorized access, and by means of such conduct furthers the intended fraud and obtains anything of value, unless the object of the fraud and the thing obtained consists only of the use of the computer and the value of such use is not more than $5,000 in any 1-year period;
(5) (A) knowingly causes the transmission of a program, information, code, or command, and as a result of such conduct, intentionally causes damage without authorization, to a protected computer;
(7) with intent to extort from any person, firm, association, educational institution, financial institution, government entity, or other legal entity, any money or other thing of value, transmits in interstate or foreign commerce any communication containing any threat to cause damage to a protected computer; shall be punished as provided in subsection (c) of this section
Hacking Hotmail or any other communication system for fun, would not fall under this bill.
-- "The best way to predict the future is to invent it."
Death to America!
I crash truck full of Linux distros into White House!
Praise Linus!
Both are cases of Vandalism or even maybe destruction of public property because it is on the VERY PUBLIC NET. The only mitigating factor is the cost of the damage and clean-up. Why don't we enforce the laws we have, instead of pushing for new foolish ones ? Easy, because no Politician will get KUDOS for enforcing old legislation, but they will get BIG PUBLICITY for enacting new legislation in the current climate...
errr....umm...*whooosh* *whoosh* Is this thing on ?
The Mary Jane issue is the real kicker. A story came out during his confirmation process about how his two nephews were caught growing (a ton of) pot in their house, and they somehow miraculously avoided any prison time. The reporter found somebody who had done 5-10 years for growing less pot than Ashcroft's kin, and the poor guy was mad as hell--but couldn't do anything about it. The same goes for the whole country, we just let him sit up there & do sh!t like this. Who the hell likes this guy? Oh, that's right, white Christian men. But that's got to be a small minority of the entire country. Reno had her problems (letting Clinton go hog wild in campaign financing; I don't blame her for Waco or Ruby Ridge, and IMHO she did the right thing for Elian Gonzalez), but she was hated much more than Ashcroft.
:^/
Does it mean that I could be convicted if I show you how to code in Perl and show you where you can read Bugtraq??
This is the line that should concern everyone who isn't a oil baron or defense contractor:
"I don't believe that our definition of terrorism is so broad," said Ashcroft. "It is broad enough to include things like assaults on computers, and assaults designed to change the purpose of government."
I personally think the purpose of government should change. Fewer $4 billion bailouts for industries that are profitable for example...
I'm much funnier now that I'm a subscriber.
I would think that only if the caller was a known "terrorist" and the ISP knew they weren't supposed to get on the 'net.
That's the protection given for aiding. If you know they will commit the crime, then don't help.
Nitpick: it's not illegal to remove the tag on your mattress. That message is not for the end consumer.
If this is true:
"To date no terrorists are known to have violated the Computer Fraud and Abuse Act." - http://www.securityfocus.com/news/257
Then why do we need this law?
Before Attorney General Ashcroft was the Attorney General, he was a U.S. Senator from Missouri. Then along about the 2000 election he was beaten at the polls by a dead man [the challenger's widow now serves in the Senate]. Before that he was the Governor of Missouri. We were saddled with him in that position for EIGHT YEARS! The man is the stereotypical uptight, right wing Republican politician (with all the negative connotations that that entails). The man had no sense of humor whatever. Some local wags remarked that setting him in place as Attorney General at least took him out of the Senate and put him somewhere "where he can't get into mischief." So much for that...
And we should make the gaining of knowledge though legal means a crime as well? That's what this law implies. It's one small step to go from "hacking is a crime" to any "hacking related events are illegal" aka Defcon, 2600 gatherings. Or better yet, anything that is not taught by the goverment in sancitioned classrooms is a crime punishable by "life in jail".
Mashiki
--
Assholes, I'm surounded by Assholes!
--
Om, nomnomnom...
The specific sections of "computer crime" law that appear to be reclassified as "terrorist acts" appear to be only:
1030(a)(1), (a)(4), (a)(5)(A), or (a)(7) (relating to protection of computers)
Which are:
- (a) Whoever -
- (4) knowingly and with intent to defraud, accesses a protected computer without authorization, or exceeds authorized access, and by means of such conduct furthers the intended fraud and obtains anything of value, unless the object of the fraud and the thing obtained consists only of the use of the computer and the value of such use is not more than $5,000 in any 1-year period;
- (5)
- (Interestingly, they don't seem to include B and C under this act as "terrorism", which are similar to section A, and are almost identical to each other - I have no idea why they have them. "B" says "(B) intentionally accesses a protected computer without authorization, and as a result of such conduct, recklessly causes damage;". C is word-for-word the same, except without the word "recklessly". ANy idea why they have them both?)
- (7) with intent to extort from any person, firm, association, educational institution, financial institution, government entity, or other legal entity, any money or other thing of value, transmits in interstate or foreign commerce any communication containing any threat to cause damage to a protected computer; shall be punished as provided in subsection (c) of this section.
In short, the only "computer crimes" listed as "terrorism" by this act are stealing US Gov't, Inc secrets by computer, maliciously hacking into a system with intent to steal valuables (aside from CPU cycles), and using threats of malicious computer hacking to extort.(1) having knowingly accessed a computer without authorization or exceeding authorized access, and by means of such conduct having obtained information that has been determined by the United States Government pursuant to an Executive order or statute to require protection against unauthorized disclosure for reasons of national defense or foreign relations, or any restricted data, as defined in paragraph y. of section 11 of the Atomic Energy Act of 1954, with reason to believe that such information so obtained could be used to the injury of the United States, or to the advantage of any foreign nation willfully communicates, delivers, transmits, or causes to be communicated, delivered, or transmitted, or attempts to communicate, deliver, transmit or cause to be communicated, delivered, or transmitted the same to any person not entitled to receive it, or willfully retains the same and fails to deliver it to the officer or employee of the United States entitled to receive it;[...]
(A) knowingly causes the transmission of a program, information, code, or command, and as a result of such conduct, intentionally causes damage without authorization, to a protected computer;
The only one that concerns me very much here is 5A - it seems like high-paid corporate lawyers could easy "prove" that for example, if 1337D00D@scriptkiddy.com maliciously hacks into www.microsoft.com and puts a link to his website on the index page, that he's obtained at least $5000 worth of advertisement...
Come to think of it, I'm a little leery of the "or exceeds authorized access" bit in (4) - if one "accesses" a computer to purchase and legally download some proprietary "protected" piece of music or video, and finds a way to convert it to a nonproprietary format for personal use, has one "exceeded authorized access" and is therefore not merely a DMCA Criminal but a full-fledged DMCA Terrorist? It's a bit of a stretch, but I think a wealthy corporation can buy enough lawyer-approved powerpoint slides "proving" this to a non-technical jury...
Hacker Public Radio is our Friend
There are frequent posts on slashdot and elsewhere about the bad laws coming out of Congress regarding computers. I know, congressmen, like the average person, is computer ignorant. But we've been going the wrong way trying to correct this. Most /. users just come complain on slashdot. Occasionally someone reminds people to write their representatives.
Writing a representative is a great idea, but what catches the attention of lawmakers more? A powerful lobby group.
We have the FSF, but it's association with GNU and Stallman make it unappealing with too many computer hobbyists. Having a lobby group that takes stands divisive within the community only divides our lobby. The power of a lobby comes from votes and money, but if a lobby group divides its community it lacks votes and money from the community.
Although I'm not really aware of any other organizations representing the computer hobbyist community that lobby Congress often, but I'm sure they're out there. Maybe the community needs to create a new inclusive organization specifically as a Congressional lobby. We could call it the American Cyber Liberties Union. Maybe not.
People: Write your representatives NOW. Find a group that represents your views and join NOW, donate some money to lobby Congress NOW. If you can't find a group you agree with, get together and form one. Don't let your views on the more controversial issues such as the GPL, open source, or browser wars or whatever keep you from making your voice heard in Congress on the issues that are widely agreed on within the community.
We have reached a time when are "cyber liberties" are coming under dramatically increased attack in the wake of the recent threats to America. We must make our voice heard NOW if we want to continue to enjoy our hobby and computers the way we wish.
I haven't read the actual text of the bill, so this might be an error in Securityfocus' reporting, but I'm awfully curious as to what the hell "politically-motivated manslaughter" might be. Accidentally decapitating someone with a protest placard?
I think I'd better move to Canada, since I'm a "dangerous terrorist/hacker".
While rapists and perpetrators of other violent crimes that do physical damage to others get off easy. God Bless America!
"You spoony bard!" -Tellah
> The DMCA may be evil, but while it is law you must obey it!
/. readers
/. because they AGREE with the founding fathers views. Namely,
*Bzzt* Wrong. Thank you for playing today though!
1) US law doesn't apply to many
2) To paraphrase Augustine's famous remark "an unjust law is really no law at all."
3) We have the moral right of civil disobediance to strike down unjust law(s).
> Why is it that every slashdot poster is some sort of liberal hippy freak?
A broad claim based on what data??!
However, there are certain liberals posting on
"The issue today is the same as it has been throughout all history, whether man shall be allowed to govern himself or be ruled by a small elite." - Thomas Jefferson
"Those who give up essential liberty, to preserve a little temporary safety, deserve neither liberty nor safety." - Ben Franklin
Cheers
Think, for example, of a technologically-adept person (much like the majority of Slashdot readership) has a job on a high-profile e-commerce site. He gets a large salary of say $80,000/yr, but also has a wife and several children to support. If his business were to be disrupted by a hacker employing a DDoS on his site, his lifeblood, then that so-called "pointless video game" could cost him his job as people are laid off to make up for the enormous losses accrued by the DDoS action. He can no longer feed his family, and with the economy in his current state, his chances of finding another job sufficient to pay the bills are slim at best. The hacker who initiated the attack effectively ended the life of this man and his family, by dooming them to trailer parks and welfare for the rest of their life. If you were this victim, would you be so willing to defend these hackers? I think not.
Loneliness is a power that we possess to give or take away forever
Why? Whining is about the only right we'll have left if Ashcroft gets his way.
<SARCASM>
Don't you know? Complaining about unconstitutional laws is the mark of a terrorist! They're going to give life imprisonment for that next!
</SARCASM>
Fascism starts when the efficiency of the government becomes more important than the rights of the people.
Hi Hackers,
Here's my advice, while I'm still free to give it:
1. Make a fun virus/worm, which switches Windows(tm) wallpaper to a porno picture. A veritable laff-riot would ensue, what with techies scrambling around trying to get the crotch shot removed from the CEO's desktop.
2. If you can delete only one file on a Windows(tm) 9x machine, do c:\windows\system\vmm32.vxd
The user will get a message something like "missing vmm32.vxd, must re-install windows". It's not just a file you can re-extract. It's built during setup with hardware specific info, like a kernel. You can't just copy someone else's either. Try it, it's fun!
"Would it kill you to put down the toilet seat?" -- Maya Angelou
On one part, Ashcroft is doing something to cover for the alledged Chinese hackers who wish to circumvent electronic security and go after the perps. While action on this part is definately welcome, there are a few more things one should consider.
On the other hand, it is one more way for the corporations with big bucks to insist on severe punishment for 14 year old kids. And no, there is no limit for how old a person must be to be labeled "terrorist".
If somebody successfully steals a database with credit cards, the company that created that database should be indicted just as well as the cracker. Why? Because they are NOT SUFFICIENTLY protecting their database. When my Egghead account was compromised I got pissed at them, not just the guys who cracked their security. If a company that wishes to have my credit card number and SSN or whatever, on electronic file, they should damn well protect that information. There are instances where people have been convicted by clause of negligence, or comparable negligence. Why is this any different? I mean, if I leave a white plastic bag with a million dollars on the curb outside the Marriott in San Francisco and I find that somebody took it, why is it that I am negligent? Because I didn't take good measures in protecting that which I meant to keep to myself!
But by all means, beef up the security around Government computer installations. I'd be happy to let my congressman pass a bill for another $5 billion to do this.
However this bill is undoubtedly going to make many people "terrorists", just because they circumvented the copy protection of Windows XP or something like that. I do not support this bill.
Alex
Wealth is the product of man's capacity to think. -Ayn Rand
Making "computer crimes" rise to the same legal level
as say, cutting a stewardess' throat and crashing a plane
into a building, does NOT serve to increase the magnitude
of "computer crimes", it rather LOWERS the magnitude of
the truly serious crimes. If you can expect the same punishment for something like defacing a web page
as you can for blowing up a car bomb, then that means
a car bomb suddenly isn't such a bad crime.
It's like saying Marijuana is the same thing as Heroin.
It doesn't make marijuana "worse", it implies that heroin
is somehow no more or less acceptable.
There might be parallels in the abortion==murder campaign as well.
-fb Everything not expressly forbidden is now mandatory.
Izzata crime?
Sig:
Navy nuke sub lifestyle?
i'd hate to see this happen. i must admit that such attacks by crackers are bad, and i'd be very po'd and want that person punished if they attacked me, i wouldn't want them to rot in prison for the rest of their lives. this is wrong. pure and simple.
while you make pretty speeches...i'm being cut to shreds. you throw me to the lions...a delicate balance.
Please reject all parts of Ashcroft's terrorism bill that deal with computer
use, as they are almost entirely misconceived, repressive and overly
punitive measures that have little if anything to do with any threat from
real terrorists. Computer professionals depend on knowledge and skill. Just
as medical students sometimes commit pranks, so do computer students. When
those pranks cause losses, those losses can be dealt with through
conventional legal penalties. But lumping them with the deadly acts of
terrorists is the surest way to alienate the good young minds we need in the
computer profession, particularly those with the knowledge of security
measures needed to keep our systems secure - which can only be gained by
testing the limits of those systems.
"with their freedom lost all virtue lose" - Milton
The actual article goes as follows:[Article 11 section 2]
Nothing a veto can't stop them getting in trouble for, here's hoping they don't use economic and defence agreements to pressure my poor Australia into putting more restrictive laws in place.
Combine this redefinition of cracking as a form of terrorism, combine it with the new powers of surveillance to be granted to investigative bodies, and doesn't this look like clear justification for programs like Carnivore?
If they can get approval now for tapping all phones that a suspected terrorist supposedly uses, not just a single phone they *know* he uses, isn't it just a stone's throw to track *all* communications that a terrorist uses? Suddenly monitoring a large amount of Internet traffic suspected to be associated with a terrorist is necessary to national security.
It was closer to "He who will trade freedom for security will get, nor deserve, neither"...
That is actualy an interesting point. Note that this has been billed as protecting freedom when it is really about protecting security at the expense of freedom.
I'm sure all the hardened foreign *crackers* are just running in fear now that the US proposes stiffer penalties for attacking computers residing in.. *errhh.. wait a minute.. where is the geographic location of the machine with that destination IP address again?!... darn packet filters, anonymizers, and misconfigured routers. Geez, these guys must be routing through 20 machines or something.. *POOF* darn.. lost 'em again. Good thing we'll nail some clueless, immature middle/high-school/college kids for little mischievious acts, though. Gotta stop terror at it's source.
And writing viruses? Isn't that a 1st Amendment violation in the first place? The first 'viruses' were born in an academic environment surrounding the research of 'artificial life.' And ever consider that a binary sequence that represents a "virus" in the context of one operating environment could very likely be a benign set of instructions in another? (especially if you bitwise shift left or right or perform other transformations on the data such as compression). Try this if you have access to a windoze box: Load up a bunch of common virus scanners and then try to download some tarballs of your favorite source code. I guarantee you'll get "virus warnings" at random--some based on heuristics, some as direct matches. Computer viruses, like biological ones, can only co-exist with vulnerable hosts. Maybe instead we should outlaw operating systems without reasonable security and access controls. *cough*windows*cough*.
We might need some new laws to help fight terrorism, but this is NOT one of them. May I suggest: 1.) Repealing the restriction on US supported overseas assassinations 2.) Cockpit "airlock" (2 doors) and non-lethal defense mechanisms on all passenger aircraft 3.) More stringent background checks on immigrants and airport employees.
What I suspect is going on here is that they want to build a DNA database of "hackers" who committed crimes before this law was passed. Hey, says Ashcroft, we aren't jailing them, so we're constitutionally okay. DNA database != legal punishment.
(For now we'll ignore the gray area in which this obviously resides...)
S.
What I see, is more people getting laid off...
from the airlines
and the airplane makers
and the airports
What I see, is George Bush spouting more rhetoric...
things are gonna be hard
we have to make some sacrifices
go back to work and be productive
What I see, is executives of companies...
still getting big paychecks and bonuses
living in their big house
driving their big suv or lexus
hecho en mexico
What I see, is more laws taking away our rights...
turning us into a police state
protecting corporate interests
and making more laws from a knee jerk reaction
What I see, is a long road ahead of us...
where our fellow Americans die
to protect Starbucks and McDonalds
protecting our corporate profits and earnings
What I see, is the bomb being dropped...
but not by us
because we can't do that
we're too civilized
I hope we have something worth fighting for after everything is finished.
Hammer of Truth
Only its not with hacking/cracking, but with trafficing or possesing drugs. You could concievably rape or shoot someone in the head and get out of prison sooner than someone busted for running heroin. I find that pretty disgusting too.
But I'm sure they'll never come for you, or anyone you care about. After all, you don't break the law, do you? And justice always prevails, does it not?
Never make the mistake of thinking that because you are law-abiding, you are safe.
-Carter
1. Make a fun virus/worm, which switches Windows(tm) wallpaper to a porno picture. A veritable laff-riot would ensue, what with techies scrambling around trying to get the crotch shot removed from the CEO's desktop.
No, actually the CEO would remove it himself, since the control-freak thinks he needs full local administrative permissions on his laptop/desktop. Unfortunately, he probably wouldn't even the mention the incident to his techies out of shame, and the fact that he can't admit that somebody else might possibly know more about a specific topic than he does. (Substitute feminine references if the CEO is a woman, I don't feel like going to the effort, though.)
2. If you can delete only one file on a Windows(tm) 9x machine, do c:\windows\system\vmm32.vxd
The user will get a message something like "missing vmm32.vxd, must re-install windows". It's not just a file you can re-extract. It's built during setup with hardware specific info, like a kernel. You can't just copy someone else's either. Try it, it's fun!
Speaking of morons who think they know more than they really do, consider checking the Devil's KB to make sure that they don't already know how to fix your "l33t h4ck".
"I hereby dub thee, Sir Scriptus Kiddious!"
Protector of Capitalist views,
Meorah
From our proposed bill:
"SS 25. Federal terrorism offense defined
As used in this title, the term `Federal terrorism offense' means a violation of, or an attempt or conspiracy to violate-
...1030(a)(1), (a)(4), (a)(5)(A), or (a)(7) (relating to protection of computers)... "
And here are the sections from the US Code that it refers to:
"Sec. 1030. Fraud and related activity in connection with computers
(a) Whoever -
(1) having knowingly accessed a computer without authorization
or exceeding authorized access, and by means of such conduct
having obtained information that has been determined by the
United States Government pursuant to an Executive order or
statute to require protection against unauthorized disclosure for
reasons of national defense or foreign relations, or any
restricted data, as defined in paragraph y. of section 11 of the
Atomic Energy Act of 1954, with reason to believe that such
information so obtained could be used to the injury of the United
States, or to the advantage of any foreign nation willfully
communicates, delivers, transmits, or causes to be communicated,
delivered, or transmitted, or attempts to communicate, deliver,
transmit or cause to be communicated, delivered, or transmitted
the same to any person not entitled to receive it, or willfully
retains the same and fails to deliver it to the officer or
employee of the United States entitled to receive it;
(4) knowingly and with intent to defraud, accesses a protected
computer without authorization, or exceeds authorized access, and
by means of such conduct furthers the intended fraud and obtains
anything of value, unless the object of the fraud and the thing
obtained consists only of the use of the computer and the value
of such use is not more than $5,000 in any 1-year period;
(5)
(A) knowingly causes the transmission of a program,
information, code, or command, and as a result of such conduct,
intentionally causes damage without authorization, to a protected
computer;
(7) with intent to extort from any person, firm, association,
educational institution, financial institution, government
entity, or other legal entity, any money or other thing of value,
transmits in interstate or foreign commerce any communication
containing any threat to cause damage to a protected computer; "
now IANAL, but this seems to make the following things terrorism:
1) Getting or transmitting any information that can be a threat to national security via computer (ie classified stuff)
2) Knowingly and intentionally doing damage to a computer system of at least $5000
3) Making and spreading viruses and computer worms
4) Threatening to do any of the above (within federal jurisdiction), with the intent to do it.
That's my interpretation, and it's probably wrong. I'm mainly posting this for easy reference.
The following sentence is true. The preceding sentence was false.
This from a man that thinks dancing is sacreligious.
I guess it's time I grow my hair back long, and start looking like a stinking hippy again!!
Question Authority.
-- "Perceptions create reality. By changing your perceptions you change your reality."
More hysteria, hype, doom and gloom from the self-styled elite of the extreme reactionary hacker community. Oh well, with VA bleeding money like a hemopheliac in a room full of Islamic Fundementalist with box cutters, we won't have to put up with their nonsense much longer.
This list hardly seems to encompass "most computer crimes". For instance merely accessing or stealing non-classified information is not a terrorist act. Nor does it include breaking encryption ala DMCA. Defacing websites is not a terrorist act unless the computer belongs to one of the above categories and changing the website results in nontrivial financial losses. Writing viruses/worms is not a terrorist act unless you intentionally use it in a way that damages "protected" computers. (From the wording, I wouldn't interpret this to include merely releasing it into the wild, but a judicial ruling would have to clarify that issue). The crimes they are signaling out are pretty significant stuff and not just any old act of hacking. Let's not further contribute to the FUD.
What follows are excerpts of the laws in question:
From The Anti-Terrorism Act of 2001 (Draft 2)
http://www.eff.org/Privacy/Surveillance/20010919_
Sec. 309: "...the term 'Federal terrorism offense' means a violation of, or an attempt or conspiracy to violate...1030(a)(1), (a)(4), (a)(5)(A), or (a)(7) (relating to protection of computers)..."
From US Code Title 18, Section 1030
http://www4.law.cornell.edu/uscode/18/1030.html
(a)(1) having knowingly accessed a computer without authorization or exceeding authorized access, and by means of such conduct having obtained information that has been determined by the United States Government pursuant to an Executive order or statute to require protection against unauthorized disclosure for reasons of national defense or foreign relations, or any restricted data, as defined in paragraph y. of section 11 of the Atomic Energy Act of 1954, with reason to believe that such information so obtained could be used to the injury of the United States, or to the advantage of any foreign nation willfully communicates, delivers, transmits, or causes to be communicated, delivered, or transmitted, or attempts to communicate, deliver, transmit or cause to be communicated, delivered, or transmitted the same to any person not entitled to receive it, or willfully retains the same and fails to deliver it to the officer or employee of the United States entitled to receive it;
(a)(4) knowingly and with intent to defraud, accesses a protected computer without authorization, or exceeds authorized access, and by means of such conduct furthers the intended fraud and obtains anything of value, unless the object of the fraud and the thing obtained consists only of the use of the computer and the value of such use is not more than $5,000 in any 1-year period;
(a)(5)(A) knowingly causes the transmission of a program, information, code, or command, and as a result of such conduct, intentionally causes damage without authorization, to a protected computer;
(a)(7) with intent to extort from any person, firm, association, educational institution, financial institution, government entity, or other legal entity, any money or other thing of value, transmits in interstate or foreign commerce any communication containing any threat to cause damage to a protected computer; shall be punished as provided in subsection (c) of this section
Under the same Section, part (d)(e)(2) and (8): (2) the term "protected computer" means a computer -
- (A) exclusively for the use of a financial institution or the
United States Government, or, in the case of a computer not
exclusively for such use, used by or for a financial
institution or the United States Government and the conduct
constituting the offense affects that use by or for the
financial institution or the Government; or
- (B) which is used in interstate or foreign commerce or
communication;
(8) the term "damage" means any impairment to the integrity or availability of data, a program, a system, or information, that -That KB article has nothing to do with what I suggested.
FYI if you do delete this file on accident, you're screwed. Of course, you could rename your windows directory, re-install windows, copy out the new vmm32.vxd into the renamed windows directory, delete the new windows directory, rename the renamed windows directory back to windows, and you'd be set.
Of course you already knew that, ass monkey.
"Would it kill you to put down the toilet seat?" -- Maya Angelou
notice that the 2nd 3rd and 4th violations must occur to a protected (ie government) computer. Hacking yahoo.com and putting "I WUZ HERE" doesn't make you a terrorist. Neither does posting security holes, or sharing MP3s, or reverse engineering DVDs, or what have you.
The following sentence is true. The preceding sentence was false.
If this passes I will never do any computer work for the government again. They lost one smart hacker and maybe many more. Don't come beg for us when foreign crackers attack you. Not that its a big deal I guess when deciding such absurdities, but how many machines did the WTC terrorists break into to perpetrate their attack.. Oh yeah NONE!! Fucking NADA!!!! They did it the ol fashioned way, by killing. So fuck you Geroge Bush, fuck you John Ashcroft. Why aren't our leaders heads rolling for this attack? Why do they get away with blaming others? Its the great fucking conservatives who will lead us to gargantuan government I see. I wonder how many fucked up employers will threaten computer programers with this? I won't touch anybody's machine unless they sign fifty waivers in triplicate with a release from the government.
i'm sorry to say it but once you hack into any other computer system, even if to just say, "I love you", it is a violation of the law and you are a criminal. You deserve to go to jail. how many of you have defaced a website or hacked into a private server? it is not acceptable behavior to do so.
In some cases i'd like to applaud white-hat hackers. but that, too, is illegal even though it's for a good purpose. to take a fictional example: batman. fights crime. does good. but he breaks the law to do it. he'd be in jail, just like all people who break into servers, hack computers, write viruses should be.
(if it weren't for you hackers, i'd be able to go at least one week without patching windows!!)
No jury is going to throw someone away for life because downloaded a copyrighted MP3. We have a court system for a reason, and that reason is to make sure that laws get enforced sensibly. You all really need to stop panicking every time a law is passed that could potentially be twisted in such a way that it can be used against an innocent person. This stuff hardly ever happens. There are of course a few exceptions (Mitnick, Skylarkov, etc) but they are few and far between and really not much to worry about. You have a better chance of getting stuck by lightning than getting screwed over by this stuff.
The problem is that DNA analysis as used to identify people does not do a complete analysis of the DNA. They basically only look at a few parts of the DNA. That is not enough to uniquely identify a person. For a given DNA sample, there will be dozens or more people in the country who match.
When used with other evidence, DNA is great. For example, if without using DNA evidence, you have narrowed it down to 3 suspects, and then you take DNA samples and compare to DNA from the criminal, and you get a match, you have, to a very high probability, got the right person. There might be dozens of people in the country who would match that DNA sample, but the chances that one of those dozens just happened to be one of your suspects is very small.
However, if you start with the DNA, and that is all you have, the chances are good that your match from the database is not the right person. As I said in the previous paragraph, there are dozens or people that match a given DNA sample. That chances are low that someone picked up just for the DNA match is the criminal.
Saw Ashcroft on the tube, makes me think he (and others) are doing their best to change "America Fights Back" into "America Bends Over".
The really spooky bit is that _helping_ a "terrorist" commit a computer crime is considered an act of terrorism.
step 1: discover and publish a security hole w/ sample exploit code.
step 2: watch in dismay as unpatched boxes are rooted and abused months afterward.
step 3: get on with your life for some arbitrarily long period of time.
step 4: annoy some suitably influential politician.
step 5: rot in prison for the terrorist act you committed years before.
I'm tempted to suggest Canada, but they're working on their own DMCA and would probably cheerfully extradite "terrorists" anyway.
If you talk to people about your plans to whack a goose, they can't convict you of conspiracy to commit goose-whacking because there's no law against conspiring to goose-whack.
I was under the impression that - at least back in the Vietnam Un-War era - there are/were blanket conspiracy statutes that made conspiracy to commit a crime (even a misdemeanor) a felony.
It was a particularly noxious law. In addition to upping the ante, it criminalized talking about a crime *without committing it*, and made hearsay admissible.
IANAL so maybe somebody who is can comment.
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
Actually we live in a constitutional republic where the constitution is supposed to protect the minority from the ignorance of the majority.
This case being a perfect example...
Well, in the last century black people got from being called "niggers" to "African Americans", so was the case with gay people, oriental people, single mothers, flight attendants and pretty much any title that ends with -man was replaced with -person.
Why don't some american hackers out there go marching on the street and stop the media from implying they're CRACKERS???
Hugo
I've been living and working in Japan this past year. I had been thinking about going back to the US and buying a house or some such.
Not after reading about this and the national ID card though. You all enjoy your fascist dictatorship. In the interests of myself and my family, I'm defecting -- to one of those "free" (as in speech) countries.
"Reactionaries must be deprived of the right to voice their opinions; only the people have that right." - Mao
Right now I'm so sick of terrorists and people who think they are doing the country right by pushing an agenda of draconian laws that I just want to turn around and walk away. I won't because I love my country and I believe that people are innocent until proven guilty and should be treated as such.
Stuff like this really sickens me, watching people play on other peoples fears and realities to get what they want and think would be best for them. In a sense it makes them as radical as the religeous wack-o's that cause all the problems.
I want a safer and better America, but I also want a free America. I don't want over zelous religeon or government involvement. I think if America puts its foot down on the terrorists and not America's citizens we'd have better results.
This means catching and punishing those resposible to the fullest extent of law. In this case I think it'd even warrent their heads on a platter concidering all the innocent people they killed.
If others of their kind see we are just as serious if not more so then mabey they'll think of a more peaceful way of settling their issues. Otherwise we should make them fully understand what their fate will be when we catch them.
If we restrict people and take away their freedom to communicate and do things peacefully we put them in a prison. This I believe will give the Terrorists what they want, to take away a lot of the freedoms American's enjoy. Based on some of the laws and changes to law I hear being tossed around, I think they may have won.
Thats my opinion, I speak it freely here from the USA because I believe I could always do so. I will continue to do so until the day they put me six feet below ground. Sorry for the long post, I had to get it out of my system even if nobody listens or cares.
~~ Behold the flying cow with a rail gun! ~~
What is Terrorism? What is hacking? Am I hacking if I portscan you? Is there a legitimate use for having a portscanner? Is there a legitimate use for knowing how to write one? Should programmers be licensed? Should non-"compliant" compilers be outlawed? Should open source software be outlawed? (It helps teach people to write programs, and they can get ahold of a compiler!)
Well, DUH, the answer is simple.
Once again, big brother is infringing on American's most basic right - freedom of speech and freedom of expression. Now unless this person is known to maliciously "hack" computers, thats one thing. But if a security-freak white hat uncovers a hole in software and shares it through out the good hacker society, technically, he's breaking the law. What kind of crap is that?
As it pertains to "protection of computers", the following sections apply:
1030(a)(1): Basically covers national defense/espionage
1030(a)(4): Fraud via a "protected computer" - where a "protected computer" is one where the exclusive or primary use is for US government or interstate commerce use by a financial organization, in ways that directly affect their use by that government or institution. Note that even stealing credit card numbers from a financial institution (or CDNow, or Amazon, or anyone else) is NOT covered under this provision - it is covered under 1030(a)(2), and is not part of the terrorism definition.
1030(a)(5)(A): Intentional damage to a "protected computer". Reckless damage (as opposed to intentional damage) is not part of the terrorism definition.
1030(a)(7): Extortion, again involving a "protected computer".
Folks, the definition of "protected computer" makes it clear that simply defacing a website is not a "Federal Terrorism Offense", and stealing credit card numbers is not covered either.
What IS covered is this: espionage, and specific acts that intentionally disrupt the workings of the US government or financial institutions involved in interstate commerce. This is a completely reasonable definition.
For those of you who argue "hey, I just took down their system for a while, its no big deal"... ask yourself this: is a bomb threat against the government an act of terrorism? Even though you don't physically follow through on the threat, and even though there are no long-term effects the answer is clearly yes. An intentional, malicious strike against a government computer system should be treated the same way.
Slashdot is entertaining like pro wrestling is entertaining
Including simple computer crime in this act is unnecessary and trivializes the act of terrorism. What an obscenity. There is a BIG difference between damaging a building with a can of spray paint, and with a 757. The penalties for these very different crimes are of course very different. Our chief law enforcement not seem to understand this concept. I have been expecting this type of excess in the overzealous rush by politicians to be seen as doing something to fight terrorism. As W said, "You are either with us, or you are with the terrorists," and there is no room to question or dissent. No politician will dare to question this proposed act publicly. We should all remember that the road to hell is paved with good intentions. Who and what will be the next domestic casualties in this war? I shudder to think.
This should cut down on script kiddies defacing websites because they downloaded an exploit.
So....
If you know 25 other people that have the same type of CAR that you do
and they all are having problems with X failing on them,
and you decide to document this failure and let others know, what is this called?
"Class action Lawsuit" or "Lemon Law".
OTOH, If you know 25 other people that have the same type of SOFTWARE that you do,
and they all are having problems with X failing on them,
and you decide to document this failure and let others know, what is this called?
"Life in Prison".
nuclear presidential echelon assassination encryption virulent strain
Whizzmo
There is a law in place that if you have been convicted of ANY type of domestic violence EVER you can not own a hand gun. The howling of cops that lost their jobs did not get the supreme court to overturn the law. It was retro active as well. If they are allowed to get away with it they will continue to take away our rights.
If you don't believe it simply continue to do nothing.
In some ways, a lot of people in this forum are is detached from reality as those who claim they need an automatic weapon to go hunting.
Not Meta-modding due to apathy.
Sounds retroactive to me....
Rachael
"Go Forth Ye Lemmings and Propagate"
Ashcroft is quoted as saying his definition of terrorism is "broad enough to include...assaults designed to change the purpose of government." So does that mean that these sweeping bills that he's been pushing are themselves a terrorist attack?
It isn't that simple.
Things rarely aren't.
Consider the case of Randall Schwartz.
Good idea. Here's another case of a law written by people who whine that programming a VCR is too hard, but then, in a fit of "We've got to get tough on computer crime"-ism, seem to think they know more than the people who actually use computers.
In my opinion,
Yes. I have a different one I'm about to express.
he clearly broke the law
Yes, but so did everybody else in his state that used a telephone system.
and paid for it.
Boy, you better believe it!
The ruling was fair,
What are you talking about? Exorbitant sums of money and a permanent criminal record are fair punishment for telling your employer that some of his employees are violating the employer's security policy?
he learned his lesson,
Unfortunately, the lesson many of us got out of this was cynicism.
and he still manages to make many positive contributions to society.
Right you are! Randall's really a good human being, considering all he's been through. None of it was fair, but he still manages to make many positive contributions to society.
Secession is the right of all sentient beings.
I heard on NPR that they are postponing consideration of this until next week, so you have time to send letters.
Further suppose that individual hacks the proof out, and gives it to a reporter with the Washington Post.
Finally, suppose the reporter does the write-up and the editor lets it see print.
Now the hacker is a terrorist.
Now the reporter who refuses to disclose sources is harboring a terrorist.
Does willfully acting to violate the U. S. Constitution make Ashcroft guilty of treason?
"Freedom means freedom for everybody" -- Dick Cheney
sorry I didn't see that someone already posted this above. Please be merciful with your redundant moderations ^_^
The following sentence is true. The preceding sentence was false.
"Harboring or providing advice to a hacker would be terrorism as well"
Does this mean that the CIA is going to be held criminally libel for
training bin laden? Or is that OK?
I seriously doubt that you have *any* programming abilities.
Please, leave. Don't let the door hit you in the ass.
Come to think of it, I'm a little leery of the "or exceeds authorized access" bit in (4) - if one "accesses" a computer to purchase and legally download some proprietary "protected" piece of music or video, and finds a way to convert it to a nonproprietary format for personal use, has one "exceeded authorized access" and is therefore not merely a DMCA Criminal but a full-fledged DMCA Terrorist? It's a bit of a stretch, but I think a wealthy corporation can buy enough lawyer-approved powerpoint slides "proving" this to a non-technical jury...
If you noticed, sections 4 5A and 7 only apply to "protected computers." From the US Code:
(d)(e)(2) the term ''protected computer'' means a computer -
United States Government, or, in the case of a computer not
exclusively for such use, used by or for a financial
institution or the United States Government and the conduct
constituting the offense affects that use by or for the
financial institution or the Government; or
communication;
So only attacks against state and financial institutions, and computers used for interstate or foreign commerce and communication can be deemed terrorism. There are further definitions in that section if you're curious. Hacking www.microsoft.com or downloading pirated video won't count as terrorism. Slashdot folk have to stop being so knee-jerk about all this.
The following sentence is true. The preceding sentence was false.
I have a really funny sig line that is too long for this. Bummer.
f yr sg brly ds nt ft n th spc thn try t wtht ny vwls. Wll tht wrk?
what possible crime could a hacker do to constitute life in prison?
"Cornflakes are not the innocent critters they seem"- Sterling Morrison
So only attacks against state and financial institutions, and computers used for interstate or foreign commerce and communication can be deemed terrorism.
You've mixed up one of your logical operators, there; there's a big difference between "and" and "or". The correct operator is "or". As you quoted the first time:
which is used in interstate or foreign commerce or communication
Only computers used for interstate communication, huh? That would be everything that has an IP address...
I just read that courts have interpreted "which is used in interstate or foreign commerce or communication" so that it basically applies to any computer on the internet. Crap. Never mind my post then, this is as disturbing as you implied. Hacking microsoft.com and putting "hi! i was here!" might be terrorism =/
r kplace/14995-1.html for a specific case where they used this interpretation. Basically, you could send email out of state from a computer, so it was a "protected computer"
See http://www.washingtontechnology.com/news/15_18/wo
The following sentence is true. The preceding sentence was false.
I have represented parties in civil lawsuits where CFAA violations have been pleaded as counterclaims. I am here to tell you that the courts have treated virtually ANY alleged unauthorized access of a computer as a CFAA violation that will be likely to survive a motion to dismiss and summary judgment. It is, to me, chilling that such naked allegations as "he wasn't supposed to do that" could be sufficient to put an individual away for life.
Indeed, only crackers who attack "protected systems" (meaning .gov and .mil boxen - not the d00d who hax0rz the average web site) appear to be in line to get their asses handed to them on a silver platter under this Act, and those provisions I can support. (Hell, those are about the only provisions I'd support ;-)
You are so wrong you can't believe it. The CFAA defines a "protected computer" to mean a computer that is used in interstate commerce. This means any computer connected to the internet or a modem.
I have litigated CFAA civil actions, and I am here to tell you that virtually ANY unauthorized access where virtually ANY valuable information is received, or where ANY valuable data is modified or changed is quite arguably sufficient to lay down a prima facie case.
This bill is as bad as you first thought it was.
First step is to write. Kill a tree and send a letter to everyone you voted for (or against) or would have voted for if you had voted (shame on you!). Make copies of your letter for your lazy friends. All they have to do is sign.
And then....
If this becomes law (and that seems pretty certain) we need to call for a world wide strike of all IT professionals. Turn off your servers, turn off your routers, don't give anyone the passwords. Go home for a few weeks. Advertise the reasons for your strike on every web page you influence. See how the people like their new laws when they can't access the information they want.
It makes me pleased to be a Canadian. So far out of this lash-up the government is contemplating issuing picture ID to immigrants and deporting them if they are or become criminals.
Better consider moving north to the true land of the free and the home of the brave. We're NOT sending any of our folks off to Afghanistan to get holes punched in their asses. So far the PM seems to be standing firm in our commitmernt as Peacekeepers.
Pot's cheap and simple possession generally nets you a $25 fine. If they bother. And you can learn to fly if you like. Don't send a letter to your congressman. Send a check to your travel agent.
But leave your guns at home, boy, don't take your guns to town... at least not here..
How does this apply to:
open-relay abuse spam
I would think it would abolish it (for U.S. citizens)
Isn't retroactively changing the statute of limitations an "ex post facto" law and hence unconstitutional?
Any laywers care to comment?
Just because it CAN be done, doesn't mean it should!
Ashcroft can suck my dick.
A fellow Missourian
"I might have made a tactical error in not going to a physician for 20 years." -- Warren Zevon
Yes, the U.S. may be becoming a police state. Not only does the U.S. have at least three agencies that police the entire world, the NSA, the FBI, and the CIA, but the U.S. has the highest percentage of its citizens in prison of any country ever, in the history of the world.
Here are the official December 31, 2000 prison statistics from the U.S. Department of Justice. Sorry about the formatting. The lameness filter is lame. It won't let me post enough leading dots.
People in federal and state prisons... 1,312,354People in local jails... 621,149
People on probation... 3,839,532
People on parole... 725,527
Total number of citizens... 6,498,562
The total population of the United States, projected to September 24, 2001 at 6:34:55 PM PDT is 285,218,008. Therefore, 2.3 percent of the entire U.S. population is in prison or involved with the criminal justice system. But remember, many of those are babies or children. About 3.1 percent of all adult U.S. citizens are in prison, jail, or on probation or parole.
An April 20, 2000 ABC News article, U.S. Prison Population Rising says that the percentage of growth of the U.S. prison population is rising.
There is other evidence of social breakdown: An August 19, 1998 BBC News article, The United States of murder, says that the city with the highest murder rate, Washington, D.C., has a murder rate 170 times higher than the city with the lowest murder rate, Brussels, Belgium. The nine U.S. cities in this study of murder rates all were in the list of the 12 cities with highest murder rate.
There is evidence that the secret agencies of the U.S. government and the weapons manufactureres have too much control: What should be the Response to Violence? .
Bush's education improvements were
The has to be thousands of "script kiddies" out there (getting?) ready to take on the task of hacking systems or creating a virus. If anyone has seen the sizable contracts a couple of there predessors have gotten it would seem like a good idea. This act is there to change that but has the same effect as capital punishment on a serial killer i.e. it just makes the thrill of getting away with it greater.
How about companies think about hiring these hackers and crackers to secure the systems and keep them channelled on something good rather then bad so that this act can act against those whom it is meant for (osama bin laden?)
The article that started all this is largely FUD, and a poor representation of the legislation being past. If you are going to write to Congress at least read the intelligent posts on this page, if not the legislation itself. Making statements which are factually wrong will more than likely cause them to dismiss the whole letter without considering your opinion.
If you look around at the other posts, you'd realize these modifications only applies to 4 of the more severe computer crimes for which we have laws (though one can be legitimately concerned about stretching them to cover less serious crime than what were intended). Also it allows life sentences to be applied but it doesn't mandate them, and any applicable lesser sentence can also still stand. Ex Post Facto doesn't apply because it's not making things illegal retroactively, only removing the time limits on how soon actions that were already illegal can get prosecuted.
Finally, remember that the computer provisions are only a small part of ATA, and I for one don't mind tougher rules for kidnapping congressmen or attacking nuclear power plants, etc. Know what you are upset about and have good reasons why.
If only the law extended to spam as well...
He's conflating vandalism ("willful or malicious destruction or defacement of public or private property") with major violent crime by using the term "assault" in other than its normal legal sense - a threat or attempt to inflict offensive physical contact or bodily harm on a person (as by lifting a fist in a threatening manner) that puts the person in immediate danger of or in apprehension of such harm or contact.
In effect he's raising the status of a collection of hardware and software to the legal status of a person, if not trying to imbue it with human emotions.
In other words, he's making a total ass of himself. Let us strive to prevent him from doing the same to the legal code, shall we?
Whistleblower protection with real teeth would be more effective in cleaning up inept government agencies. So would giving the federal Inspectors General the power to fire Federal employees. But no, Ashcroft's not asking for that.
..but passing this bill will turn us into terrorists.
I wonder how many other terrorist groups started out like this. It really puts things into perspective.
In retrospect, it's so obvious that we're becoming society's new scapegoat. Amazingly, some people have held that belief all along (Emmanuel Goldstein, since about 1985)
All programs are numbers that represent something.
Hacking is gaining knowledge of a system through an abnormal process
So to take a step away from pure tech appilcations, couldn't a mathematician or physicist can be considered a hacker and therefor a terrorist under the proposed statutes?
By manipulating known values, they both come away from their studies with an increased knowledge of the world through mathematical manipulation. Such manipulation would have to be considered abnormal simply becaus it's probably never been done or observed before in the history of Man.
But this law specifically makes giving hacking advice illegal, and classes it as terrorism. I don't think there is a similar law for murder.
These kinds of laws make it look like it was actually the CIA (or some other TLA) who orchestrated the hijackings, in order to have a handy excuse to get "favorable" legislation into place. Back in the day, the Germans did the same kind of thing with the "Reichstagsbrand". Think about it.
This stuff is extremely dangerous. While the country is reeling from 9/11 Ashcroft and company are seeking to do an end run around due process, legislative considerations, the Bill of Rights and, potentially, the freedom and security of all of us. What does "terrorism" mean? Why, it means whatever Ashcroft and company say it means this week, or next week or next year. And of course all future definitions are retroactively effective. This week it covers amorphously "computer crimes" which we all know are so well defined there is no confusion there right? Anything and everything any of us geeks/nerds do is, or will be if this or that bill is passed, a "computer crime". If you somehow manage to escape the ever-broadening net of what is a computer crime and therefore "terrorism" then you better be real careful of who you trade code with or date or give tips to before you are accused of aiding and abetting a terrorist!
These people aren't fooling around. They can take everything you own and lock you up for as long as they wish by this proposal without even necessarily charging you!
Please, PLEASE pay attention and do what you can to fight this now while you still have the ability to do so. At this rate it will not be so easy very shortly.
Call your congress critters. Write editorials. Inform your friends. Demonstrate. Support any/all organizations fighting this before they get accused of aiding and abetting terrorists!
The time for vigilance is NOW.
Is anyone else getting this feeling of being overwhelmed by sadness and pity? I'm a U.S. citizen, watching laws be considered that would have made the Brown Shirts proud. I'm a compassionate human being who was horrified by the terrible violence brought home, not only to my country, but to close friends of mine in NYC.
But nothing horrifies and saddens me more than seeing such laws even be CONSIDERED in the United States of America. In the U.S. I grew up believing in, the Land of the Free and the Home of the Brave, such a law would have been laughed right out of the Capitol building. In the america I grew up believing in, Patrick Henry was one of our heroes, with his fiery "Give me liberty or give me death!" We even have a state whose motto is an even more extreme, "Live free or die!" And then at the slightest fear, at the slightest hint that the price of all this freedom - death, of course - might actually have to be paid, and these Free, Brave americans roll over like mewling puppies and - beg! - for the shackles to be applied. These horrible feats of mislegislation and unconstitutionality are not being forced through against opposition, they're tripping over themselves to write it because Americans are screaming for it.
So I don't know which I'm more ashamed of. Egotistical men with no understanding of their own margin of error, recklessly wielding powers they neither deserve nor understand. Or the people who are meekly letting them do it, because they're too afraid to stand up like men and retain their freedom. I'm going to bed now, and if I could cry I would. I'm just too appalled.
-Kasreyn
Kasreyn: Cheerfully playing the part of Devil's Advocate to hairtrigger
I work in the network management industry. we like to draw maps of networks (sometimes in pretty pictures).
its a frequent technique that you ping a whole subnet (or network range) to discover which boxes are alive, maybe which services run on each box, etc. to do this, you probe.
you might do a slight portscan by trying to discover if the box is a host or a router (or whatever). you may even do this in net.ranges that may or may not belong to you (perhaps you might overlap since you might be thinking of class-c when in fact, its subnetted larger or smaller than that and you didn't know that).
so if I discover a network (again, a fairly typical thing to do in the netmgt field) and I happen to set off some alarms, and someone gets overzealous, could I end up being "bubba's bitch in the big-house" for life?
doesn't the conceivable abuse of this law seem totally shocking to anyone in the computer industry?
--
"It is now safe to switch off your computer."
FWIW, most of us in Intel computer security think that Randal really got shafted by the state. Arrogant prima donna? Yup. Felon? Whoa there. That case was a lot of work, and continues to hurt my ability to recruit outside talent to this day. Now Dmitri is going the way of Randal, and there's no guarantee that the result will be any different. Don't count on the courts to overturn bad laws, because real people get their lives destroyed by being test cases.
Well that's what i call Terror! Your Governmet is running amok. Who is going to stop them? If they go this road further, the awsome amount of destruction in NY will look like a fart compared to the damage America caused it self reacting to it. If i lived in the US i would run anywhere else before it's to late!
Look, passing a reactionary law is one thing, getting it to stand up to the scrutiny of the Supreme Court is another. In the short term, it could/will violate people's rights, and for the few that are unlucky enough to be arrested, a tremendous amount of time. Potentially, this could set the stage for dozens of new Dmitry/Kevin-escque t-shirts to be produced.
The point is, we still have our constitution despite the best efforts of lawmakers.
Often in Error, Never in Doubt.
I once helped a script-kiddie with his Windows (I fixed it, thus enabling him to pursue more havoc).
Guess I'm a terrorist as well then.Better find a place to hide.
C-ya.
Yep, U.S. has the best government money can buy.
Why am I not even surprised?
There is no such thing as good luck. There is only misfortune and its occasional absence.
That whole generation gets off on boris carloff movies with brains in glass jars. "Then the brains took over"
JS
A lot of people say they see little wrong with this. Please consider these:
1. Laws which are retroactive, like this one, are inherently unjust. The whole concept of the rule of law is based on people knowing what the legal consequences of their actions may be. Retroactive laws destroy this.
2. Lawmakers increasingly like to define something as something else. Here, they define some kinds of computer offences as "terrorism". Am I the only person who thinks this stinks? The purpose is to confuse people. You send someone to jail for 10 years for an offence which may be equivalent to scrawling graffitti on a web site. Then you tell people he's in jail for terrorism. That stinks. Yes, it's bad to scrawl graffitti, whether on tangible property on or a web site. Yes, kids who do it should be punished. But it has nothing to do with terrorism.
3. People generally seem increasingly willing to inflict terrible punishments, in this case life imprisonment, on their fellow citizens for less-than-terrible offences. A penalty as drastic as life imprisonment should be reserved for the most drastic crimes.
COnsidering that now, CS instructors are teaching students in highschool bsd sockets, and thusly, about buffer overflow. Thusly, they just provided information and advice to a possible "hacker" Which would be illegal under this law rite?
Non impediti ratione cogitationus.
On the day of the attacks, George W Bush stood tall and proud and told the terrorists they would not win. They could not win. American freedom was precious and would be defended.
Every day I see some new freedom being removed from American people. Every day I see some new law being introduced under the anti terrorism law.
You're in danger of imploding your freedom's America. Grave danger. Step back Senators. Step back DA. Step back war mongerers and please realise, before its too late, that you are giving the terrorists EXACTLY what they want. Exactly what they want.
Step back. Slow down. Stop reacting. Make the new laws from reasoned discussion, reasoned thought and stop reacting out of fear. American's should not be afraid.
Ask the British for advice. Or the Spanish. We've dealt with terrorists for 25 years or more. Bunches of our civil liberties are gone as a result, but none are even a mere shadow compared to what your guys are proposing. I'm scared for America - not because of terrorists, but because your Senators want to do exactly what the terrorist want them to, and that is to remove your freedoms.
My life is on display at http://www.deardiary.net/ if you really care
And I don't ever plan too.
I just hope they do not force their way of "free" life upon the rest of the world.
Wasn't there a saying: Do not bite the hand that feeds you?
Emphasis mine. In other words, a "protected computer" is any computer on the internet worldwide. Every computer on the internet is "used in interstate communication", isn't it?
Defacing websites is not a terrorist act unless the computer belongs to one of the above categories
Can you list any web site that *doesn't* belong in the "protected computer" category as outlined above?
Also, that under this act it won't be "defacing a web site", with the overtones of "graffati", it will now be defined as "attacking a protected computer", with the overtones of "terrorism".
It's all about perception in the public eye, the ordinary person will hear "attacked a protected computer", gasp, and call for a severe punishment, even if he has no idea what the wrongdoing entailed.
Exigo spamos et dona ferentes
The second requires the hacking be used for monetary or material gain beyond just gaining unauthorized access to the computer (unless access is valued over $5000).
And you think that the amount will never be reached? Do you think that the system owners won't inflate any amounts so it becomes over this amount?
How about Randal Schwartz? For what he did he had to pay $68K. Do you really think that stealing a little computer time and access was worth that much?
And how about Kevin Mitnick? One of his crimes was
"downloading of Sun's source code cost the company $80m"
Yes, that right, the same code you can now get for free from Sun. Do you really think that he could have caused that much damage to Sun?
If you attacked my server at home, I could easily make up a figure close to that of $5,000, based on my normal hourly billing rate and making up an amount of time it took to rebuild my system.
If you truly believe that this law will not be used unjustly, then let me tell you about this nice bridge I have for sale.... hardly used, going cheap....
"The best part? I became an ordained minister while not wearing pants." -- CleverNickName
a) You already live in a totalitarian police state with a facade of democracy, and
b) None of you are prepared to do anything about it (unlike your founding fathers).
So why not give it a rest? Its not that bad. Theres only a small probability that it will be you thats carted off into the night. Sure possessing open source software will soon be a crime (because it doesnt have backdoor crypto), but, really, MS Windows doesnt cost that much. Its not like you're starving, or dying, like the people who make your nike's.
Your own CIA has smuggled drugs which has surely killed many americans. Is it that hard to believe that they'd "miss" this terrorist attack so they can get some great laws through. Or, "whoops" we bombed the wrong factory (that just happened to be the only competition for US companies in the region). Or, UNICEFs claim that 500,000 children died who didnt need to because of the sanctions against Iraq, but, hey, my V8 has cheap gas.
Your american dream isnt what you think it is. But its still pretty nice. So stop whining about it and chill out. Have a bud. Drive your ford. Wear your nike's.
It's already hard enough going after *major* criminals who are more visible. Are they going to bust down doors of violators in households all over the world? I don't have any data on the origination of online attacks, but we should expect that *some* attacks are coming in internationally.
Sen. Phil Gramm,
. ht ml
a le rt.html
Sen. Kay Bailey Hutchison,
Rep. Joe Barton,
A second attack on the freedoms of Americans is happening right now, and you're on the front lines. Please help defend my freedom.
I know that times like these compel one to try to do something about it, to fight for our freedoms and security. I can only assume that this urge is what is driving the current push for laws that ostensibly increase our national security, but in fact restrict our freedoms without measurable increase in security.
You are doing more than your fair share to fight for the American way if you resist the urge to pass oppressive laws in a time of crisis. Please don't let national law be driven by current events. The strength of our nation lies in the freedom it grants its citizens, not the power of the government to control those citizens.
That said, I would like to list some laws which I believe are currently under consideration, and which I feel gravely impact the freedoms on which America is founded.
1) The Mobilization Against Terrorism Act a.k.a. Anti-Terrorism Act proposed by Attorney General Ashcroft. If I understand this bill correctly, it would for example treat computerized graffiti (defacing a governmental web page) as an act of terrorism punishable by life in prison. While defacing government property is obviously a crime, there are already laws on the books with reasonable punishments for these crimes. This bill also appears to violate our ex post facto protections granted by Article I, Section 9 of the Constitution.
2) Amendment S.A. 1562 of H.R. 2500, the Combating Terrorism Act, sections 816, 832, 833 and 834. This bill appears to grant broad rights to government agencies regarding computerized wire taps. There are already mechanisms for obtaining the right to a wire tap (warrants). I feel this act is an abridgement of our fourth amendment protections against unreasonable search and seizure.
3) The draft Public Safety and Cyber Security Enhancement Act (PSCSEA). Restrictions on cryptography can only hurt legitimate uses, never criminal or terroristic uses. Cryptographic algorithms are well known and software providing strong encryption is easily obtainable, regardless of US law. If its use is criminalized, will that stop criminals from using it? Also, encrypted communications can NOT be identified if the communicating parties use commonly known methods of steganography. The kind of messages that terrorists would send back and forth could easily be hidden undetectably in any public internet forum, video stream, photograph, sound or other file. Criminalizing encryption will only restrict law abiding citizens from protecting personal and financial information.
4) The draft legislation titled "Security Systems Standards and Certification Act" (SSSCA). This law grants unprecented rights to intellectual property holders (including virtually eliminating Fair Use rights, first sale doctrine, and public domain rights). At the same time, it increases the cost of all computer systems and eliminates an entire computing industry founded on openness and freedom. (There is publically available software which allows one to operate a computer while legally paying no license fees. This software and any like it would be untenable since anyone could alter the program to disable the copy protections required under the SSSCA. This software (Linux) is an incredible boon to students, non-profit organizations, and low income users everywhere.)
I am a computer software developer. Intellectual property is my livelihood. Please follow the guidelines given by the founding fathers in our Constitution with respect to IP. The limited monopoly on intellectual property is a sacrifice we make to satisfy the real goal.
From the US Constitution: "To promote the progress of science and useful arts by securing for limited times to authors and inventors the exclusive right to their respective writings and discoveries." The goal of intellectual property rights is to promote the progress of science and useful arts, not to guarantee income in perpetuity.
How you vote affects how I vote. Please help protect the freedom of American citizens.
Regards,
Bobby Martin
CEO NavTools Inc.
Here is a list of articles further enumerating the concerns about current legistlation:
http://www.securityfocus.com/news/257
http://www.aclu.org/action/liberty107.html
http://www.politechbot.com/docs/hollings.090701
http://www.eff.org/alerts/20010921_eff_wiretap_
Dear nephew,
We're all fine despite every thing and all, although your aunt Alices arthritis flares up every time the radiation blows over from the accident site up state. How are you?
Whats this I heard about you all in Washinton tryin to get a bill launched that would put them kids thats learning about them computers in jail for life? Is that true? Are you really trying to irritate all those American voter mothers that got to pay them lawyer fees, not to mention all them computer people?
Are'nt they the only ones who know how to fix them things?
Not that I'm critisizen now, but are'nt you boys bitin off an awful lot to chew lately, you know with them muslims and all? Who woulda thought that there was that many of em?
If you really get them computer kids riled they'll probably move to Canada or one of them other foreign countries and you know your aunt Alice an me got most of our retirement money in that computer stock you told us about.
I heard that the canadian president up there was offering lifetime pizza's and waiving the immagration fee to anyone that could keep one of them damn things runnin for longer then a month.
I thought you wanted to represent us for a few more years, don't you like washinton anymore?
Um, now I aint tellin you your business at all but why don't you ask em for help instead?
Just askin is all.
So I guess you won't be able to take that little vacation we was plannin with all them emergency sessions and the rioting and all. Too bad I was lookin forward to it, it being a record year for bigmouths at the lake. Well get some rest. I heard you was workin till the wee hours every night an havin to skip breakfast in the mornin to catch up. Now you know that ain't good for you.
You send us a letter on how it all turns out now because your phone ain't workin that well any more and when Jimmy went back to school we could'nt get that email thing to work at all, even when the lines were open.
So be good now,and be sure to write. Your uncle Zack
The current idea of Ashcroft is, to use the outrage over the current incidents to get harsher laws. By doing this, he does a severe damage to the democratic system. There is a danger, that he destroys which shell be protected.
This is allways the danger when fighting terrorists. Panic and outrage leads to action which breaks up the foundation of the society. You win the battle and lose the war.
What most people don't seem to grasp: This is what the terrorists want. Even if they take every Boeing and Airbus ever buildt and crash them into buildings, they cannot destroy the U.S. The terrorists want to split the society. If they manage to make the politicians to take actions against minorities (arabs, geeks, etc.) this will damage a country more severly than any bomb.
CU, Martin
Hold on, im in no way an expert on this, but isnt what this bloke Ashcroft is doing actually terrorism in itsself? I mean, reading a lot of posts on /. makes the under lying fear of those people making the posts widely seeable. A lot of people are actually afraid of this law, so isnt that terrorism? If not then how are we defining terrorism? And dont go and sya its different because only those who break the laws have to be afraid, i think by now that laws designed for one purpose can easily be made to fit all other purposes :/
Makes ya think doesnt it?
Oh, duh, the quote is in the article. Duh. :P
You know, the prime objective of terrorism is to spread terror.
I've heard it several times on the news, that terrorist will not succeed in "terrorizing" America. But, seems to me, they have. These new foolish laws that are stealing people civil rights, liberties and freedom. And many people agree to them, and allow them,. Why? Cause they are terrorfied, scared.
Sounds to me like the terrorists in a way succeeded in what they wanted.
The US secret services and the US governement should face their responsabilities instead of enforcing "big brother"-like laws.
e ws .35300.html
Have a look at that :
http://www.jpost.com/Editions/2001/09/25/News/N
If you tape razor blades to the bottom of your car stereo, and someone breaks in and cuts him finger when stealing it you've broken the law in most place i.e. attractive nuscience laws. therefore if you use windoze are you guilty?
Seriously this had to happen, just look at your sever logs over the past month. I guess that this will prevent us from using an active defense on our machines. I was wondering what would happen if an request for defualt.ida fired a counter-attack script, now I know I go to jail for life!
Apocalypse Cancelled, Sorry, No Ticket Refunds
"I don't believe that our definition of terrorism is so broad," said Ashcroft. "It is broad enough to include things like assaults on computers, and assaults designed to change the purpose of government."
Immediately after the bill was passed Ashcroft was arrested under terrorist charges under the very same bill, for "changing the purpose of government".
It's 10 PM. Do you know if you're un-American?
I might have to take my operation offshore.
... they just got around to calling unsolicited e-mail an electronic attack (which I feel it is). I wouldn't mind having the Feds kick down doors and drag off the people that keep flooding my mailbox with e-mails they pretend I asked for.
I can see it now, the next set of anti-terrorist laws requiring a big brother program on all computers in the US. One where if you download a mp3 file off the internet or visit a hackers web site you'll get a message like this, "You have broken the US Anti-terrorist laws, an Anti-terrorist task force is being notified at this time. Please wait at this computer until they come and pick you up, any attempted to escape will be meet will extreme force. Thank you and have a nice day :) and remember big brother is always watching you." Boy I feel safer already.
Let us now all have a week of careful meditation on the pain and suffering endured during the Greatest Dark Age of history, before all humans learned to wish only the Peace of God upon each other. Once we have all passed a week thinking upon these matters, our class will resume for a discussion of how similar misunderstandings and applications of the now-debunked "greater good" system of pseudoethics were also being perpetrated, to various degrees of horror, by governments and organizations outside the former United States of America.
Have you looked at the case? Randall was violating Intel security policies. Intel said "stop it right now, please." Randall said "ok," the proceeded to continue violating the policies. Intel hit him hard. They were kind the first time. They weren't the second time. What more do you want?
The middle mind speaks!
Hi all,
If you want to write your Senator and District Representatives to protest this piece of sh*t legislation, here's an easy template to fill out and mail.
If it's important enough for you to sit around and spend 30 minutes reading all the posts here and typing a response, you should be able to spend 2 minutes and 34 cents filling it out and sending it to your representatives...
Address for all senators: Senator _______, U.S. Senate, Washington DC 20510
Address for all House members: Congressperson _______, U.S. Congress, Washington DC 20515
All members of Congress may be reached by dialing the Capitol Switchboard: 202-224-3121.
Dear Senator _________ (or Dear Congressperson ______),
I am very concerned about the dangers posed to the rights of U.S. citizens and citizens of other nations by the Justice Department's proposed
"Anti-Terrorism Act of 2001."
I urge you to work hard to ensure that basic freedoms, and basic elements of our privacy rights, are not eviscerated in the rush to "do something" to combat terrorism. Whatever power the Justice Department has or is given to incarcerate or deport foreign nationals, to wiretap or engage in surveillance, must be carefully defined, and subject to review by our courts.
I support the principles laid out by the groups who have come together In Defense of Freedom, and I hope you do too.
If we, out of fear, give away our rights, the terrorists have won.
Sincerely,
Yes, but that's a firing offence, not a felony. Actually, it is a felony in that state, but it shouldn't be.
Secession is the right of all sentient beings.
Thanks for digging up the original quote.
Now if you look closely, you'll see that Franklin qualifies his statement by using the words "temporary", and the slippery "essential".
Franklin does not help us when we can give up "non-essential liberties" (whatever those may be) to gain "permanent safety" (as far as that is possible).
If he attempts to violate the constitution?
-All your base are belong to the man.
We better watch out with our networking code, and accidentally wacky ping might get us life in prisonment because it could be considered a DOS attack if it slows down a server. BTW, what exactly determines a DOS attack, could one day a server goes down and the admin determines it was DOC attack to cover his butt after he secretlly finds out he misconfigured something. What happens if the higher up's tell him to find out who did it and he blames so guy who was just scanning ip's for the hell of it? Would that poor soul get life inprisonment? And one more thing, is the digital equivelent of graffiti, "defacing", really deserve life in prison? jezz,..
Didn't Louis Freeh have more control over the FBI and ATF than Janet Reno? Freeh hated the entire Clinton administration, and went way out of his way to instigate investigations into Clinton. How these government figures and agencies interact is always difficult to discern, so, yes, please explain your understanding of it. The opacity of our government should be of great concern to all citizens, but few seem to care. Then again, maybe ignorance IS bliss (or at least oblivious contentment), because those people that do care and find out often commit suicide.