Slashdot Mirror
House OKs Life Sentences For Hackers
ByteHog writes "The House of Representatives voted overwhelmingly Monday to create a new punishment of life imprisonment for malicious computer hackers. The article on MSNBC also mentions that police can conduct internet or telephone eavesdropping without first obtaining a court order. Says a Rep from Texas: 'A mouse can be just as dangerous as a bullet or a bomb.'" Other articles can be found here and the text of the bill is available.
A typical knee-jerk reaction.
Any lawyers out there know if the ACLU or someone similar can get it repealed?
Well, if hacking actually resulted in deaths, a life sentence would be applicable. Has it?
" Specify that an existing ban on the "advertisement" of any device that is used primarily for surreptitious electronic surveillance applies to online ads. " From the wording of this, spyware should fall under this yes? And probably any snooping programs like the one you use to watch family members....no?
Carpe Canem - Seize the Dog
Build your own computer? You're a terrorist.
Run an "unsecured" operating system? You're a terrorist.
Share files? Terrorist.
Complain about corporate abuse? Terrorist.
Demand your Fair Use rights? Terrorist.
Fail to consume your fair share? Terrorist.
Shooting people to pursue political gain? Not sure. Depends.
Holding a population hostage via threats of violence? Depends who does it.
Once more unto the breach, dear friends, once more, Or close the wall up with our American dead!
English is not my native language so sometimes when I don't know a word I have to guess it's meaning from the context. The last year or so I have come to the following:
Terrorist: used by people to indicate other people that say or do things that the first group of people doesn't approve of, doesn't understand or isn't receiving any money for.
War on terrorism: The act of violating every basic human right of terrorists.
Peace: A situation where all terrorists are either dead or in prison.
From your post I see my self guessed definitions are pretty close to the real meaning of those words. (and boy will the world be a quiet place when the American government finally decides there's peace)
Historically humans have always attacked and destroyed what they don't understand. That or they become religious and used religion to explain everything.
So hacking (cracking) is no different. Most people don't understand it. They see from movies that people can sink ships and fire nukes by playing with BASIC on their Apple IIe.
And yes I read that a life sentence is only for murder, but I'm sure a crime done through hacking will get a longer punishment than through "normal" means. There are examples of this happeneing already.
Outdoor digital photography, mostly in New Engl
If it takes each recipient an average of one second[1] to identify and delete a spam, then sending (60*60*24*365*70) = Two Thousand Million spams will consume a lifetime[2] of time[3] on the part of the recipients.
Could we convince the lawmakers that a life for a lifetime would be an appropriate punishment?
Andrew
[1]Some people read them, some scan them, some deal with them automagically, 1 second average is a guestimate.
[2]Three score years and ten. Seems like a reasonable number.
[3]Of course this ignores the waste of resource and collateral damage, such as an important email junked because it looked like spam or an importand email lost amongst the spam.
In most states of the US (and most developed nations) you are not allowed to operate an automobile without maintaining basic safety (and emissions) equipment. I expect sometime in the near future similar requirements may be made of systems connected to the internet.
Today the conversations may look like: .. I pay for this service and I'm not responsible / can't afford to fix it ...
ISP: Your system is being used for attack by an intruder, if you don't take it offline and get it fixed we will enforce our AUP and take you offline.
customer1: Ooops, sorry ok we'll spend the $$ / time to fix it
customer2:YOU CAN'T DO THAT
ISP: CLICK
Today, while it's feasible to keep systems patched / audited for a reasonable level of safety, many (most?) orgainizations don't have the skillset / funds allocated to keep their systems secure against even the 'kiddies, let alone a determined attacker. That's gonna have to change IMO either thru systems that are harder to break into in the first place or better practices.
Some of the provisions of this bill are also simple clarifications of existing statutes. For instance see the provision: Specify that an existing ban on the "advertisement" of any device that is used primarily for surreptitious electronic surveillance applies to online ads. -- apparently while it's illegal to advertise wiretapping equipment in print, this will extend the restriction to online ads also.
This explains why I've been seeing the adds and spame for keyboard keystroke recorders (shame on you thinkgeek!) and packet sniffers to protect (spy on) your kids or spouse.
Linux is Linux, if One need clarify their dist: <Dist>/GNU Linux
bsds are of course just BSD
And a book or political tract can be even deadlier -- look at the track record of the Communist Manifesto.
Will Congressman Smith sponsor a law against books, next? This whole thing reeks of technophobia.
The 20 year penalty is for "an attempt to commit bodily harm". The Life sentence is for "an attempt to cause a death".
Nevertheless, the bill does not *merely* do what the news reports claim, and in that, it is alarming.
The interesting part is the definition of "protected system", which is taken from "18 U.S.C. 1030" (search for it in your favorite search engine), and the modifications made to it by the bill.
It does not involve only government computers, as the text of the bill itself implies. It also involves "any restricted data, as defined in paragraph y. of section 11 of the Atomic Energy Act of 1954" -- most of which is public information these days, and available from many web sites containing information on basic high energy physics (apparently, congress-critters believe that if they can't figure something out without a crib sheet, neither can your average university-trained physicist or engineer, which is why they think they could successfully legislate against light switches).
Further, it includes records from "information contained in a financial record of a financial institution, or of a card issuer as defined in section 1602(n) of title 15, or contained in a file of a consumer reporting agency on a consumer", per "15 U.S.C. 1681".
This can be loosely interpreted to mean "any system which stores credit card numbers".
--
The real question that we should be asking is whether this is a Writ Of Mandamus... it seems so, since there do not appear to be practical restraints on use of information gathered under the terms of this bill (i.e. "We thought he was a terrorist; as it turns out, our justification was bogus, but we still get to use the evidence gathered to inform against him for that Metallica MP3 he downloaded").
From my reading, it's unconstitutional, under the 4th Ammendment.
Of course, since it passed by such an incredible amount in the House, there no reason to believe that it will not quickly become law: it clearly has wide bipartisan support, and will clearly get the White House's approval (see below).
What that effectively means is that it will remain law, until it is challenged by a perpetrator on the basis of constitutionality. Basically, the law will have to be violated to be tested, at considerable risk to the violators, given the tendency recently for the Federal Government to use the Bill Of Rights in place of toilet paper.
I guess the only thing we don't know is whether this is an overreaction to last September, or if its an overreaction to the lack of consumer confidence in the market, where they think if they can point to themselves "*doing* something about some real market risk", we will forget all about "the man behind the curtain", and not insist on substantive tort reform.
If you read the House Report version of the bill, you'd think the latter (e.g. reaction to "Enron")... almost all of the listed congressmen are from -- *surprise!* -- Texas.
The Constitutional basis for incorporation itself is to serve the public and shareholders interests (read the relevent USC on incorporation, if you don't believe me); this seems to have been reduced to nothing more than "fiduciary responsibility to protect shareholder value, and screw public interst". More fundamental reform is required: this is not about people not acting like a--holes for fear of the penalty, it's about people not acting like a--holes because they *aren't* a--holes.
-- Terry
My question is, why do we need a new law in the first place? Last time I checked all those things you mentioned are already illegal. My worry is someone will get life for doing something that doesn't "threaten" or whatever a human life. Well, it doesn't really matter anyways. It's not like he'll get a trail under our military tribunal system anyways.
What are these people smoking? First of all, real computer hacking is not "magical". It isn't like in the movies. Generally speaking, nearly all hacks take advantage of either a known bug in a networking program, or laziness. Computer hacking is not about smashing down a steel vault door...its about walking in the back door that someone left unlocked and cracked open.
Generally, the easiest way to do it is to get someone's password by either conning someone into giving it to you; sending someone a trojan email with a keystroke logger embedded in it (best and easiest way); or installing a hardware logger (if you have physical access).
OBVIOUSLY, if a computer system cannot be accessed it can't be hacked! What important financial or military computer has ACTUALLY been hacked?
Most of the court cases are stupid. They involve someone downloading software that others have written to take advantage of known software bugs (a script kiddie) and using it to mess around. Sure, a major site might go offline for a few hours....but the world of computing has so many "natural" technical glitches that's hardly a problem.
Viruses only affect major companies because the employees there are stupid and lazy. They continue to use Outlook, they don't filter executables out of incoming mail, and they don't update their software.
Oh sure, some scipt kiddies have broken into DoD "classified email" servers, but how does that warrant a life in prison?
Unlike the movies, most real machinery and IMPORTANT computer systems are generally not upgradable without pulling chips or at least gaining access with tools to the serial port.
Well, logically there wouldn't need to be a new law. But you are forgetting, lawyers will wiggle through any available hole. It could be argued that you can't actually murder someone through a computer because it isn't quite a tangible thing. The new law is probably just to plug that hole.
My beliefs do not require that you agree with them.
"You actually think Americans call anyone who has a differing opinion a terrorist?"
I'm sorry, I thought you were referring to the term: "Freedom Fighter".
So Jews are justified to live on land b/c they evicted others by force. Palastinians are *not* justified to live because jews were evicted by force.
Arabs are *evil* b/c of war to take over land. Jews *rightfully* conquered land through war.
You Sir, are a logical three ring circus.
-b
While this bill is very worrying, given the increased power it gives to the DOJ (and that maniac Ashcroft...), it's not as bad as its made out to be. Basically, the extreme penalties are for those who knowingly commit acts that result in death or serious bodily injury. That only makes sense. Killing somebody by hacking into an important computer is just as bad as killing him any other way. Also, it increases the penalties for illegally intercepting electronic communications, which is a good thing. Maybe that clause can be used against the FBI and DOJ when they get a little too snoopy.
A deep unwavering belief is a sure sign you're missing something...
--quote--
If you have any evidence that nonviolent groups of people that are not attempting to kill civilian non-combatants deliberately are considered terrorists by the US government or population, please show me.
--quote--
Well.... this is dragging the cat out....happened a long time ago.... also, it should be noted that there have also been legitimate uve se of force from the US, they have been attacked and they have retaliated....but this has not allways been the case...
0.- Chile (US supported age of terror)
1.- Argentina (US supported age of terror)
2.- Nicaragua (US supported age of terror)
3.- El Salvador (US supported age of terror)
4.- Plenty African Countries and CIVILIANS...remember the 'mistake' of the aspirin plant?
Another definition for you:
Army: Organization made for the legitimate use of force.
US Army: Organization whose primary objective is to protect american interest everywhere through the use of force.
To portray an example:
In Nicaragua, US Army trained right wing government special army units specifically for the task of counter guerrilla activities. A quick run through the manual of such military concept will tell you that this means basically the use of the military to do state terrorism, eliminating the popular base of the guerrilla. This meant genocide of whole towns.
So there....hows that for an example.
Alex
NO SIG
this is just like the 10-round magazine law. It doesn't do anything usefull, it just gets people used to the concept that this sort of thing should be regulated by law. Wait about 5 years, and then this bill's successors will be there to regulate every packet.
Sitting Walrus Blog
People become terrorists because they are terrified. A Muslim whose education at a madrasas has consisted totally of reading the Koran for its power, is terrified by the powers we in the West gain from our books and films and (relatively) free communnications, so, terrified, they seek to return the terror to what they see as its source.
When I was training typical office workers in using computers back in the 80s, the most difficult hurdle was that most of them were terrified that the computer was sentient enough to become offended if they did something 'stupid' and intentionally punish them for their mistakes. Just as Muslims see a god in their book, even 'modern' Americans tend to see gods in their boxes - and both are terrified that those gods will punish them if they stray, even in ignorance, from their presumed commandments.
And now the Congress is terrified of computer networks, and seeks to terrorize those who appear to be favored by special powers by the new network gods, who must be made fearful of Congress's powers lest they reach out through the networks to strike them dead.
Lesson: Anyone whose power source is different from your own is guilty of witchcraft (whether that source is more or less advanced than yours makes little difference - thus 'modern' medicine derides 'witch doctors'). Since that witchcraft terrorizes you, you must hold the witches in check by terrorizing them in return. This is all simple anthropology.
Sometimes the witches (fundamentalist Muslims) are trying to kill you; sometimes they (sysadmins) aren't. The key to maximizing peace is overpowering the first group either with new culture or, if that fails, with containment or death; and overpowering your own paranoia regarding the second group, by whatever means are available. The tricky part comes if our own Congress continues towards behavior equivalent to that of fundamentalist Muslims. Our first course should be to ease their paranoia.
___
"with their freedom lost all virtue lose" - Milton
B) Bush is NOT taking citizens on the grounds of unamerican activities or what have you. You're making a mountain out of a mole hill. We're talking about a handful of non-US citizens that are believed to be associated with terrorists (murderers, not mere philosophical disagreements). This is not "anyone." This is not on "any grounds." You are distorting the facts.
C) Open government and "due process" is a good thing. However, not all good things are better when carried out to their extreme. In fact, some are downright harmful. Some of the practices that made sense 200 years ago, when it was very difficult for an individual to kill thousands of people, really make little sense now when it's relatively easy to do the same. I'm sorry, but I'm absolutely opposed to the idea of releasing someone who sneaks into this country illegally, who is KNOWN to be involved with terrorists organizations, either back into this country on bail or to deport them, merely because we can't find sufficient evidence to convict them in a traditional court of the more serious crime that they're probably involved in. Now that's not to say that I give my government carte blanche (and they DON'T have it) to do whatever they want with these people, but you'd attack ANY necessary change.
D) As for history, this cuts both ways. History has shown time and time again that you can't placate bullies, whether they be dictators in charge of a country or a terrorist leader. Some of the same policies that Bush has enacted are policies that should have been enacted in WWII and are being attacked by people like you.
E) It's a blatant stretch to assert that Bush, or anyone in this government, is so far gone in their change of policy that they're beyond control of the people. What's more, these policies that have been enacted are relatively slight policies and are easy to enact, so that enacting them really gets you no nearer to a police state, in reality, than we were previously. The press is still readily attacking Bush. The political opposition still does, although they're more hesitant because they're afraid to waste political capital. I really don't think that you can say with a straight face that we're in any danger of slipping into a police state given all the facts (especially when you take into account the greater risk of a massive terrorist attack).