Slashdot Mirror
Lawyers Say Hackers Are Sentenced Too Harshly
Bendebecker writes "Cnet is reporting: 'The nation's largest group of defense lawyers on Wednesday published a position paper arguing that people convicted of computer-related crimes tend to get stiffer sentences than comparable non-computer-related offenses.' Finally, someone is listening..." The document makes the points that most computer crime cases involve disputes between an employer and employee, and that the seriousness of the offense is generally comparable to white-collar fraud cases.
I think it all depends on the crime committed.... stealing 8 million credit cards is a lot more serious than defacing a website for an hour, don't you think?
On the other hand I AM glad that computer crime is possibly going to be recognized as a white collar crime instead of a terrorist threat.
This one bombed a bus. That one stole a credit card. Kill 'em both!
Always going forward, 'cause we can't find reverse.
defacing a web page != stealing credit cards.
they shouldn't have equal sentences, but that isn't to say one of them isn't deserving of what they get...
There are some odd things afoot now, in the Villa Straylight.
In many cases, the victim would be ignored if s/he didn't over-state the actual damages. I've heard victim after victim (right here on slashdot) state that they've went to the FBI/local officials, and were denied help because the actual damages didn't add up to a certain amount.
No wonder victims are overstating the problem, it's because they don't like being ignored.
--sex
Very popular slashdot journal for adul
There's strength in numbers - and the lawyers finally realized that geeks are the only people as universally unpopular as they are.
Scenario A: man walks into a store with a gun, demands they empty the till, walks out with a hundred bucks.
Net effect: 100 bucks for the store + mental anguish for people in there.
Punishment: Ten years
Scenario B: Man defrauds investors, pension funds etc out of millions or billions
Net Effect: Pension funds slashed, thousands made unemployed
Punishment: 5 years
We all know that white collar crime gets punished a whole lot less, but is that right ? Why shouldn't execs from the likes of Enron, WorldCom et al be looking at life behind bars for the havoc they have reaked ? Well because there really is a different set of laws for the rich. Sure they might even get 15 years in the cases of these massive frauds, but is this enough given the damage they have caused ?
So maybe the problem is that white collar crime is punished too little, rather than hacking is punished too much. Maybe having sentences for theft, fraud etc (of any kind not involving actual violent which already has punishments) should be related to the amount of money stolen.
Maybe 1 year per $1000....
An Eye for an Eye will make the whole world blind - Gandhi
I thought a laywers job was to understand the law and to represent his/her client, not decide what's fair or not fair regarding the law.
Who says they are deciding. They are stating their opinion. It is up to legislators to create and modify the law and judges to uphold it. Lawyers just happen to be the most intimitately involved with both types of cases and therefore are qualified to state an opinion.
I would also point out that they are as free to state their opinion as you are.
And the white collar fraudsters should be hit harder? I think I'd rather see that myself. Send Skilling, Lay, and their ilk up the river for an age and a day.
Stop by my site where I write about ERP systems & more
Quoth the Rave,,, err, Anonymous Coward:
"Oh, well, in that case, since it's ONLY fraud, might as well let them go free."
You didn't understand the argument, or didn't bother to read it, at least. They're not saying computer criminal should "go free," but that the harshness of their punishments should be similar to the punishments meted out for similar crimes not involving computers. Is that really so difficult to support?
I don't want them making any public statements on my behalf...
Your behalf, eh? That's admission of guilt, get him boys.
"Probably the toughest time in anyone's life is when you have to murder a loved one because they're the devil." -Philips
Are hackers sentenced too harshly, or are "comparable" criminals not sentenced harshly enough?
--
Think Green... Burn only 100% recycled dinosaurs in you car.
It's because lawmakers have no idea what hacking is. All they know is that the news and their handlers and their real constituents (donors) say it's very bad. It's just like way back in the day when people were put in institutions for being depressed. No one knew why they were depressed so they just put them away.
Now, I'm not saying that hacking others' equipment is good. I'm just saying that the punishment should fit the crime, not get 10 years in jail because you made the RIAA website say they love mp3s instead of money.
Note To Self: change plans from hacking to fraud.
-You're wasting your time. Alfador only likes me.
Its the inability to impose proper sentences for violent criminals and drug offenders. I have no sympathy for people invading companies computers for whatever reason and they should be punished harshly. I have better things to do on my weekends then combat those assholes. But there is a need for reform in the way punishment is administered for violent criminals and longer sentences need to be handed out.
Worst. Sig. Ever.
If I break into someone's house, I'll be charged with breaking and entering, and with trespassing.
If I hack into someone's network and don't even do anything but look around, I'm charged with causing losses of millions. I'm charged with stealing any sensitive content I gained access to whether or not I even looked at it. Not to mention they'll slap all the cybercrime and terrorism laws they can find down on me too. It has nothing to do with the severity of the laws, just that you get pinned with so many of them.
I am a viral sig. Please help me spread.
arguing that people convicted of computer-related crimes tend to get stiffer sentences than comparable non-computer-related offenses.
Only in US. Convicted hacker Raphael Gray, who stole 23,000 credit card no. and sent Bill Gates boxes of Viagra, was only sentenced to three years of community rehabilitation. As he told BBC:
"...Kevin Mitnick was stopped from going near computers, even from working a cash register, but they can't do that in this country.
I've had two job offers - one from the guy who tracked me down..."
...are the hackers of today.
"... McOwen was charged under Georgia law with computer trespass. Facing up to 120 years in prison..."
A man installed a program that for all intent and purposes is a screen saver and he could have been forced to serve 120 years in prison had he not plea bargained. Clara Harris killed her husband with her Mercedes, was found guilty of 1st degree murder, and was only sentenced to 20 years (she'll get out in 10).
I think something is wrong with a system that gives you more time for installing a program that doesn't do any damage than it does for murdering a person in cold blood.
...more year in prison than the average raper ?
C. Sagan : A demon haunted world:
http://www.amazon.com/gp/product/0345409469/
visit randi.org
If that logic is pursued, just make every crime, from littering and jaywalking on up, a capital offence. That would deter ALL crime. Sounds idyllic, doesn't it?
The point the lawyers are making is that the penalty should be in relation to the harm caused, not multiplied merely because it somehow involved a computer. Whether you defraud using a fountain pen or a PC, the penalty should be the same.
Check this out:
Story (palmbeachpost.com)
An 11 year old snuck into his classroom during lunch and changed some of his grades on his teacher's computer. He was caught and is now facing FELONY computer fraud charges. Tell me that's not a bit ridiculous.
-Dan.
People have always tended to be hysterical about that which they fear and don't understand. They see this "hacking" (it should be called "cracking" in this context, but that's a lost cause) as a vaguely defined but fearsome threat, regardless of the actual reality of harm, and clamor for the modern equivalent of witch burnings.
A truly excellent pizza parlor is a delight unto the heavens. Treasure the sauce and the toppings!
Kevin Mitnick, in his Slashdot interview, explained this in detail:
Suffice it to say, we need to find a compromise where we can accurately represent the loss of intellectual property without undually exaggerating its (non-material) worth.
Its not like it takes an order from the president with full access codes to launch a strike or anything. Just a dialtone and a modem from the computer that lauches the strikes.
Also he could of obstructed justice by using a walkman or radio because he could of turned it into a hacking device. The fbi needed to take these priveldges away as well so he can stare at the walls and do nothing in his solitary confiment for 7 months while still technically inocent I may add. I mean screw John Gotti. This man is clearly more dangerous to our whole American way of life.
Also look at economic sabatoge and espianage caused by Jon Johnson from reading his own personal dvd's? The RIAA and the BSA claimed they lost over 9 billion a year because of piracy. Its a shame and we all know that these kids and college students can easily afford adobe photoshop, 3dStudioMax and all of Nsync's and britney spears artistic masterpieces of great music which is worth every penny of the price so it must be piracy! We need to stop these so called terrorists before they kill every man woman and child on earth. Hopefully some hardware based solution will be the salvation towards the problem.
Do we want the whole ecomomy to fall apart and lose millions of jobs because of lenient sentancing? Somebody please think about our children.
http://saveie6.com/
Well this is really quite simple.
/usr/bin/perl
Computers are for "smart" people
People feel marginalized when they don't understand even the basic concepts of what has happened
Therefore when a CEO realizes they have been hacked/cracked (you fight that out) they feel even more violated since they don't even understand how someone could get past all the hardware they bought and all those 45-100K+ people they have running around purporting to be computer experts.
Their anguish is then felt by atrtorneys who can't understand the crime, the criminals or why everyone is so upset. The one thing they do know is that THAT FAT GUY WITH THE UNKEMPT BEARD AND THE WIERD SHIRT THAT HAS THE FORMULA FOR HELL ON EARTH:
#!
ON HIS SHIRT IS DEFINITELY GUILTY!
And that's pretty much what happens.
This
Too harshly? Why, in my day, after Prometheus stole fire and gave it to mankind, we chained the guy to a rock and had a giant bird eat out his liver every day. Now that's punishment!
-kgj
That a lot of the problem here is due to double standards and lack of accountability.
Joe Schmoe embezzles from his S&L firm for ten years, gets caught, and it is realized that he made off with 500K. He is slapped on the wrist, fired, made to "pay it back" on time deferred payments, or maybe stuck in a white collar prison/country club for a few years.
Mike, the l337 hacker from down the street, defaces Stuff-Marts web page, pointing out that Stuff-Mart buys 80% of its stuff from china, where it is made in forced child labor camps at gunpoint, and it is repaired in an hour.
Now.. Stuff Mart's lawyers tell the jury that they *potentially* lost MILLIONS due to the damage, (when in fact, they did not "lose" anything.. and there is no way to prove how many people would have bought during that time anyway). The SM lawyers also point out that it cost "an estimated 100K dollars to repair the damage!".. which means they just budgeted in A) the new server and colocation company to handle the site, B) the three person team who maintains and handles the site already, and C) all of their IT staff who received an Email about the "hack" and therefore were "working" on it.
Its all about what the jury wants to hear, and all about language.. "potential" is used ahead of "we could have potentially lost BILLIONS in sales!" but the judge/jury does not hear the "potential". Nor do they realize that 99% of that IT staff was already working there, doing their routine jobs, and had nothing to do with the repair anyway.
(Same reason a procedure at the hospital that took all of 15 minutes costs your insurance company as much as your house did.. funky accounting and everyone wanting to be "in" on the action.)
I think a lot of "hacking" is a no harm no foul problem anyway.
Maeryk
Feminine Protection? What is that? A chartreuse flame thrower?
From http://www.savage.net/public_html/net/phrack.html:
This guy was accused of stealing 80 grand when in reality it was worth 13 dollars!!!Also see Kevin mitnick answers if you missed it.
100 years ago before the automobile became dominant, society & the economy depended quite a bit on horses. As such, you would be hung for stealing a horse, not because it's such a horrible offense, but because if the punishment wasn't really stiff excess horse theivery would probably have actually undermined the stability of society. Who would want that!
The same forces are probably in effect here.
Keep passing the open windows...
I'd look at it this way; you broke into the house to steal a TV, but on your way out you slipped into the china cupboard and accidently broke a Han Dynasty era vace worth 1.2 million.
I suggest you actually READ the PDF. Your $1.2 million vase is NOT broken. The entire point of the article is that computer related law is broken.
If some kid sneaks in, watches some TV and leaves. he does NOT berak your vase. The crime is a misdemeanor. The economic damage is zero. This is sentenced as a "Base Offense Level" 6 misdemeanor. Perfectly reasonable.
Now lets look at what computer law does:
The kid didn't touch your cupboard or vase, but you decided you needed a cupboard with a lock for $5000. This counts against the kid and he gets +2 on the base offense level for $5000 in "damages". It now becomes a FELONY.
Then there is a +2 on the offence level for using a "special skill".
Then there is a +2 on the offence level for using "sophisticated means".
The kid did he not intend to cause any harm. The kid in fact did not cause any harm. So now a harmless prank that is supposed to be a level 6 misdemeanor is actually treated as a level 12 felony. THAT is the point they are making.
They also want to make sure this harmless prank doesn't get sentenced as TERRORISM. They don't go deeply into this topic, but they are also opposing certain "computer-terrorism" laws and proposed laws. They essentially make it terrorism for a kid to throw a snowball across state lines at a supermarket. The DOJ claims this is acceptable because they promise it will only be used in "appropriate cases". Pardon me, but I don't think a misdemeanor harmless prank should EVER be within the scope of a terrorism law.
Another problem they mention is one that came up in the Mitnick case. The kid takes a photo of your vase. The kid never shows the photo to anyone. Here's how computer law meaures this "vase theft": You paid $1000 for the vase, but you bought it on a $50,000 vacation. You later realize the vase is worthless and give it to the salvation army for free. According to computer-law taking the photo caused $51,000 in economic damages.
In the Mitnick case he copied software. If they had to spend money repairing damage Mitnick had done then there would be economic damage. If Mitnick had sold or given the software away then there would be economic damage from last sales. Yes, Mitnick broke the law, but the fact that he was charged and punnished based on tens or hundreds of millions in economic damages when the actual figure was zero damage was absurd.
And yes, one of the companies did in fact decide to give the software away for free (and it had nothing to do with Mitnick). Care to explain how he caused millions of dollars of damage by making a single copy of $0 software?
-
- - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.