Slashdot Mirror
How Italian Police Shut Down U.S. Web Servers
gessel writes: "CNN has an article describing Italian police shutting down a U.S. hosted website deemed in Italy to be illegally blasphemous. The article goes on to describe the ramifications and U.S. efforts along the same lines."
Looks like some Italian cops found someones password and shut things down. It's not like they forced the U.S. based ISP's to pull the content.
Looks like a non-story to me.
They who would give up an essential liberty for temporary security, deserve neither liberty nor security
If the content was created in one country and hosted in another country which laws should apply?
I bet if you were to ask an American they would say their laws should apply no matter where the content is housed as long as they created it. So what is so different about the Italian authorities believing the same? Just because you can do things outside of the normal laws of your respective homeland doesn't suddenly give you freedom from prosecution for breaking them.
I don't agree with the laws in question here but that isn't for me to decide, it is for the local people, in this case the Italians to decide to change the laws or allow them to stay as they currently are.
--- I do not moderate.
Let's all celebrate about this quote.
Jim Conway of the New York-based Direct Marketing Association worries that U.S. companies may have to scale back U.S. campaigns if they cannot assure that their mailing lists contain no European addresses.
The article says they just logged in with the user's name and password... did they obtain it volutarily, or involuntarily (network sniffer, etc...)?
Anyone know? It doesn't seem that US authorities are involved in this whatsoever, though.
There's 10 types of people in this world, those who understand binary and those who don't.
So... What's the big deal again?
Sure, it offends me that the Italian government discourages free discourse, but that's a matter for the government and the citizens of Italy to work out. Just because the site was hosted in the US does not extend legal protection to the person running the site. This would be as if I, say, obtained a copy of the Solaris source and kept it on a server in Iran, and the US forced me to delete it in order to avoid jail time. Regardless of if you think the laws involved are intelligent, I am still subject to the laws of my country.
If the Italian government had somehow forced the US hosting company to remove the speech in question, then we'd have a serious problem to discuss here. However, that now being the case, I don't see what the issue is.
Want something real to worry about? Try this: an American U student is charged with theft for taping a speech by Tipper Gore. They say he "stole" her intellectual property. I suppose from now on we'll need expressed written permission from Major League Baseball to describe what our political leaders are saying...
Every year during my review, I just pray the words "slashdot.org" aren't mentioned.
It seems to me, that the twist here is that, for the US-based ISP, it seems that the users account has been effectively hacked. An unauthorized user (the Italian Police) have acquired the password and defaced the pages being hosted by the user. Simply because they did it from the proper uses own PC, doesn't mean it's not a hack, nonetheless, does it?
Does that mean that the US-based ISP can fire charges against, and request extradition of, the offending hacker from Italy?
Awk! Pieces of eight. Pieces of eight. Pieces of seven... ERROR: General Protection Fault. [Paroty Error.]
It sound like a virtual version of the Inquisition to me. The next step is developing a way to torture the servers and make them change their contents =)
Blue Gravity's chief executive, Tom Krwawecz, said the company was never informed. And he believes U.S. laws -- not Italy's -- ought to apply.
.02 cents anyways.
I don't think so...
We do not have the right to interfere with the laws of other countries (unless it is flat out human rights violatations and the enslaved are being used to build a war machine against us) Being that the USA is a melting pot, we have been taught to respect the belief's and values of other cultures.
The content was created in italy, by an italian. Being Italian myself, the story sort of took a special note with me.
Let's say someone in the US was creating kiddie porn sites and hosting them offshore. Most states in the US make it illeagle to have nudes of anyone under 18. The laws in other countries differ, you can marry as young as 14 and still be legal. Should we exempt someone dealing in kiddie porn just because their site is offshore? No! Of course not.
So if that is the logic applied here, then why in gods name would we want to impose a double standard to our allied nations laws? It doesn't bode well with "keeping the peace"
my
It's worth repeating that the originator of this technique was the United States with the Skarlov(sp?) case. The US, in effect, used legal pretense to abduct a visiting foreign national for breaking our laws while living and and a citizen of another country.
If another country, say Iran, had imprisoned a US citizen for speaking his mind while living in the US, the Marine Corps battle flag would be flying over the rubble of Teheran by now. But, of course, might makes right, so that will just have to remain one of life's little injustices.
As, then, will this concept of having your travel restricted by exercising your (US) rights.
Every year during my review, I just pray the words "slashdot.org" aren't mentioned.
YOu're forgetting the good old
google cache that, is still showing the site as it was.
On the other hand, the police seemed to act more like 15-year-old hackers than police. They "...used a suspect's computer and password to reach across the ocean and replace the offending images with the insignia of the special police unit that tracked him down." That really doesn't seem very professional to me.
The reason people say this a lot is because, of all the nationalities in the world, it's the Americans who tend to think that the world should be doing things their way, and that everyone else is just backwards.
Yes, it's stereotyping, yes, it's wrong.
But there IS a reason you see it so often... and that's because many, many americans DO reflect this attitude.
Well, the way I would see it is that in your example, the person creating the content could be tried under the laws of his country of residence for creating the content, but the server itself and content on such could only be touched by the laws of the country in which it is being hosted.
it appears that the Italian police used the user's authentication credentials to alter the site. That's a computer crime, and the Italian police involved in the action should be immediately arrested if they set foot on U.S. soil. If it's good enough for Dmitri Sklyarov, it should be good enough for foreign law enforcement officials that steal computer access.
CEE5210S The signal SIGHUP was received.
Fortunately history has shown that italians make really half assed fascists.
This is, obviously, a jurisdictional question.
There are three factors at work here:
1. The country in which the material was physically produced. Itally.
2. The country in which the author resides. Itally.
3. The country in which the material was published. United States.
Note that 1 and 2 do not necessarily have to be the same, and may be complicated.
In order for a country to have complete jurisdiction, al three categories should take place within that country: the author should be there, it should be produced there, and it should be published there.
In cases where the material is produced in one country and published in another, the country where the material was published should have jurisdiction to regulate or not regulate that material: in the case of a web-site, to take it down or not, or to censor it or not. No other country than that of publication should have this power.
That's the easy question. The hard one is which country should have jurisdiction over the author -- i.e., punishing him or not, according to laws? It certainly should not necessarily be the country of publication. The question is, should it be the country where the author resides or the country where the material was produced. They can be different. I can, for example, log into a server in Taiwan and type up a document there. In that case, the author resides in the US, but the material was produced in Taiwan.
Though this seems like a difficult question, its actually very easy if you liken it to real-world scenaries. If I -- a US citizen -- leave the United States and go to another country (for vacation) which has different laws regulating, say, murder, I am accountable only to those laws, not US laws. The laws of one nation should stay within that nations borders; they should not follow that nations citizens around the world where-ever they may go. This would require that vacationing citizens would have to consider two different sets of laws to obey -- an unreasonable request. It may even require that citizens obey two contradictory laws -- an impossible request.
Thus, the nation where the material was produced should have governing authority over the person who produced it, *provided* that person is in that nation at the time. I.e., this does not mean that the US can prosecute someone in Taiwan because he logged into a US system from remote to produce some material. However, it does mean that Taiwan cannot prosecute that person. It also means that should the person come to the US, he can be prosecuted in the US because he produced the offending material in the US, remotely from Taiwan.
Lets apply this to the Dmitry Skylarov case. This means that the US has the jurisdiction to regulate that content within the US, but not the jurisdiction to prosecute anyone who wrote that content, as the content was produced in Russia.
social sciences can never use experience to verify their statemen
Maybe I missed something. From what I can tell, the police obtained the account name and password, logged in, and removed the offending material from the user's account. No "servers" were shut down in the process, and the hosting company wasn't even aware of it.
I suppose if the account holder later calls back in to complain, there's something. But it WAS his account that was used. If the police were able to find out his password, he should have made better efforts to conceal it. As it stands, no legal action was taken against the hosting company, they weren't even burdened with a request to remove anything.
I guess I'm just not getting TOO excited about this.
-Restil
Play with my webcams and lights here
They did NO such thing, they did NOT I REPEAT NOT ! Shut down ANY web sites. They could have but they actually DIDNT.
.
What they did do, was CHANGE the content in question REMOTLEY. They made no effort to have the ISP or the US goverment TERMINATE the hosting of these sites, what they did was (probably with a rubber hose and blackjack) get the username and password and altered the site.
I hate when people say something other than happened, I read the damm headline an just about panicked that they somehow did this through LEGAL channels in the US , THEY DID NOT
What they did is no different than what a 12 year old script kiddie could have done with a username and password. they changed content, there is a HUGE difference betwwen CHANGING content and "Shutting Down" a website, if the fellow had US cronies that were willing to host it the Italians could do absolutley NOTHING about it. Im half tempted to get a cached copy and host it for the fellows. Let the meatballs try and shut it down.
Sig went tro...aahemmm.....fishing........
The problem is that the article doesn't specify if it was with the user's consent or not. And, if it was (for example, if consent was obtained through plea-bargaining), then it can't be considered a hack.
/. beloved case, for example.
The article brings up several more interesting points, referring to a
The United States, too, is guilty of trying to extend its reach.
A U.S. copyright law was used to jail a Russian programmer in California for writing software that was legal in his country. He was later freed, but charges remain against his Russian employer.
They also talk about how they had to wait for him to attend a conference in Las Vegas before they could do anything. It seems like the laws of jurisdiction are beginning to show holes of inadequacy: just how do you deal with the global village?
But guess what -- there's even more. I double-checked this next bit when I first read it, just to make sure.
And because a large part of Internet traffic goes through the United States -- even if both sender and recipient live elsewhere -- last fall's anti-terrorism bill lets the Justice Department prosecute foreign hackers when they attack computers anywhere in the world.
Leaving aside cracks about UUNET for the moment, can you imagine the complexities of trying to enforce something like this if you are dealing with an unfriendly country that doesn't like to extradite to the U.S.? And while other countries may not be in quite the same boat as the U.S. with regards to Internet traffic hosting, let's not forget it's all going somewhere -- depending on where you're sending your traffic, it can go through several different countries before reaching its final destination. And each of those countries has its own complex legal system.
This is already a big problem (several other points mentioned in the article indicate this: e.g. the Yahoo Auctions/Nazi memoribilia difficulty), and will only get worse. Wait for the big ruckus to ensue when it's decided a world court is needed to supervise these issues and the U.S. is only one amongst many countries that refuse to accept any exterior jurisdiction (a la the World Crimes Court). The thing is that most of the world can actually agree on what constitutes a war crime against humanity -- but how do you cope with deciding if a page in cyberspace constitutes a crime when you've got as many options on what's legal and illegal as you do countries in the world?
Consider a privacy law recently passed by the European Parliament requiring companies anywhere in the world to obtain permission before sending marketing e-mail to Europeans.
:)
Jim Conway of the New York-based Direct Marketing Association worries that U.S. companies may have to scale back U.S. campaigns if they cannot assure that their mailing lists contain no European addresses.
Someone let me know if this DOES happen.. I'll be wanting a European email address the minute it occurs
Endless arguments over trivial contradictions in books written by ignorant savages to explain thunder in the dark.
In the case of amnesty, you need to be accepted by the country from whom you seek help. Should it work the same for ideas? If you are afraid your ideas will be censored by your home country, get someone in the hosting country to help you by maintaining your site. This way the police would have to act in the hosting company to censor the content.
So in this case, the Italian citizen should have contacted a U.S. citizen before being caught. The U.S. citizen could then maintain the site, and when the Italian police struck, would have simply fixed the site and changed the password. Then the Italians would have had to fight the case here in the U.S. where our laws would likely protect the content.
As I understand it, this is exactly what FreeNet is supposed to do without having to formalize a relationship with others to host your content. They host it merely by viewing it a few times without having to stick their own necks out.
Freedom to fear. Freedom from thought. Freedom to kill.
I guess the War on Terror really is about freedom!
Eh?
Still though it doesn't matter WHERE it's hosted. What matters is who created and uploaded the content from where, and what local laws they've broken.
In italy there is hardly and seperation between church and state, the vatican pretty much runs it all. The catholic religion is a very HUGE part of italian culture and to the italians desecrating the virgin is a VERY serious thing. I know this because my family is VERY italian and despite living in the USA we still hold strong to our belief system.
The thing is, the guy was in his own country when he did the offense. He probably TOLD them his password for a lighter sentance. How is that unauthorized access? It isn't! Shit if I was facing 10 years in the slag vs. 1 year for giving up my password, well then here! **********
You really gotta understand the culture, we have extridition treaties with italy for a reason. Nothing was extridited though, it italy it's probably leagle to search someones computer. There might be a law giving the state the right to do it, we just don't know because we don't live there. If there is a law like that, it's just a part of living in italy, and being a citizen.
If american hosting companies are afraid of foriegn goverments doing this to their citizens then they shouldn't do business with them. Simple as that. They should have a big ass bold lettering in their TOS like this..
We do not provide service to accounts from Italy, Cuba, China, Russia because we do not agree with thier censorship laws"
Thing is, we're so strapped for cash right now, I think many companies are more willing to make a buck than to fight for some censorship issue.
my take on it.
Deal with it.
Our main weapon is SSH. And SSH Tunneling. Our two main weapons are SSH and SSH Tunneling. And a fanatical devotion to TCP. Out THREE main weapons...
Etc.
http://twitter.com/onion2k
If people REALLY wanna see Porn featuring the Madonna, they can just hit amazon and pick up that awful coffee table book she put out a few years ago!
Maeryk
Feminine Protection? What is that? A chartreuse flame thrower?
Let's change the data in the scenerio. Let's say that the files in question belonged to a company, or even a political group. Would it be legal for the Italian Police to change/move/delete files from another organization, because they consider it a violation of their laws?
Let's make it even more interesting.
The Vatican is recognized by the UN as its own country, has its own police force, etc.
If I put up a site detailing the sex crimes of Catholic priests, along with pictures, name, and addresses of the perpetrators (and their governing Bishops who are covering up these crimes), and the Vatican decides doing such is against their law, can they break into my machine (hosted in the United States) and vandalize my content?
How about if, instead of an American citizen, I'm a catholic priest with Vatican 'citizenship', with the content hosted on the exact same machine (in America). Does an illegal break-in become legal simply because the citizenship of the data's owner happens to be non-American. Somehow, I think not.
I suspect the decision not to extradite the Italian police officer in question will have for more to do with politics (and favor-trading in this 'war against terror' hysteria we're in) than it will any points of law, fine or otherwise.
The Future of Human Evolution: Autonomy
I'm facing a similar situation. I run a web site (been live since Feb 96) which has a bunch of games, primarily aimed at small kids. It's hugely popular (1000's of unique users/day), I pay for the hosting myself and I just keep it up to bring a little happiness into the world. I live in Australia.
/.ers understand that (even if they don't agree with my actions).
Recently, I've been contacted by the FTC in the USA saying my site is not compliant with some new legislation called COPPA - the Childrens Online Privacy Protection Act. I replied to them, pointing out that I was resident in Australia and this was reflected in the WHOIS record for my domain. I got a personal (ie. not form letter) response from one of their lawyers, basically saying they don't care where I live, and the legislation explicitly mentions non-resident sites (with some fairly vague caveats: http://www.ftc.gov/privacy/coppafaqs.htm point 20).
They have since started sending me snail mail (based on my whois record) with friendly messages encouraging compliance, but making it very clear they are watching me.
While I applaud COPPA and support its principles, I do resent being legally threatened by another countries government.
At this point, I have chosen to remain non-compliant. I don't do anything explicitly "wrong" under the act, I don't sell kids email addresses (from an e-card page), etc. But I haven't complied to their privacy policy requirements. I want to see what they do and how far they take this. At the end of the day, compliance is a trivial task and if they get really nasty, I can become compliant in 30 minutes. But it's the principle - I'm Australian and I'm not interested in the laws of another country. I'm sure
Read reviews of shopping cart software
That the Italian government interfered with data on a server in this country, and put their official insignia, without permission, on a U.S. website is just that - an invasion on our soil and an attack upon one of our most protected civil liberties. I shake with rage when I see this site and the blatant invasion of our soverignty.
Glad I'm not President, or else I would have bombed Rome upon first mention of this incident.
"Anonymous Coward" is for whistleblowers, not unpopular opinions.
It's becoming a trend to do things you want, just if you can get away with it..
Just look at USA/UK on Iraq.
Things are getting OK, simply if you can do them without beeing punished..
Stay tuned for this becoming the norm in all aspects of society..
echo '[q]sa[ln0=aln80~Psnlbx]16isb572CCB9AE9DB03273snlbxq' |dc