Slashdot Mirror

← Back to Stories (view on slashdot.org)

The Computer Owner - Guilty or Not Guilty?

Posted by Cliff on from the guilt-by-association-may-not-be-sufficient dept.

Von-at-Infosec_Writers asks: "It is relatively easy to trace a hack back to a particular computer, but proving that a specific person committed the crime could become much more difficult especially since, as a recent CNN.com article stated, a hacker's legal defense can be: it wasn't me but my hijacked computer that committed the crime. 'In some cases, I do suspect there are people whose computer is taken over by third parties. It's also a clever defense to exculpate your client,' says Michael Allison of the Internet Crimes Group.What are possibilities to overcome this problem; to prove that the computer owner, without a doubt, is in fact responsible or not responsible for the crime?" As computers become more and more prevalent in our infrastructure, the consequences for computer crime become that much more serious. How much responsibility does the owner of an Internet-connected computer have for crimes committed using their equipment, and what are ways we can best determine their involvement, or lack of it, in said crimes?

5 of 539 comments (clear)

  1. Breaking Point Chaos and Destruction Online by segment · · Score: 5, Interesting
    Been there done that

    It's actually very easy to frame someone online which will be (mark my word) the next big thing in divorce cases, criminal cases, etal. I won't comment anymore on these issues though. I've been through the whole shabang. One thing people should be aware of though is the ease of which someone could actually do something malicious to another person. Courts, well let's just say if you're the accused, pray you don't get a computer phobic (which the DA will try to ensure he selects the most of) jury.

    --
    MoFscker
  2. "Attractive Nuisance" by ewhac · · Score: 4, Interesting

    Homeowners can be jailed when trespassers drown in their pool, because the pool falls under the heading of, "Attractive Nuisance." It thus falls to the homeowner to properly secure access to the pool, or risk getting sued when some vagrant wanders in and gets hurt.

    I can see this concept being extended to the Internet: By placing an unsecured box on the network, you have introduced an Attractive Nuisance, and it can be argued that the machine's owner bear responsibility for collateral damage.

    Trouble is, can the machine's owner really be held responsible for such consequences when the OS vendor willfully misrepresented the concordant hazards and responsibilities of placing their product on the open Internet?

    Schwab

    --
    Editor, A1-AAA AmeriCaptions
  3. WiFi as a defense by fmaxwell · · Score: 5, Interesting

    I have been waiting to see one of the RIAA lawsuit defendents use WiFi as a defense. If someone runs a WiFi 802.11a/b/g/etc. network and presents a defense in which they claim that the shared files must have been on a neighbor's computer, it would create the reasonable doubt necessary for the jury to find the defendent not guilty.

    I believe that it's only a matter of time and when it happens, it will put a real crimp in the RIAA's plans to sue every user of Kazaa.

    P.S. Don't waste bandwidth claiming that the defendent is legally responsible for the actions of others over their unsecured WiFi setup. That's not how the law works. If you leave your car unlocked and I steal it, you are not responsible if I smuggle drugs in your stolen vehicle.

  4. Re:Innocent Until Proven Clueful by Qrlx · · Score: 4, Interesting

    I have several friends who are CS majors and use Windows 98 with no virus protection or firewall.

    Typically the only people who know anything about security are the same people who have built a complete system from parts. It's sad but a lot of CS people aren't hackers (in the hackers-with-a-dumb-glider-logo sense of the word).

    Come to think of it the only programmer I know who actually went to school and got a CS degree is my mom, and it was her second degree -- she went back to school to pursue a well-paying career. I still remember the shoeboxes full of punch cards. She is clueless about Internet security, but pretty 1337 with COBOL and JCL, if such a thing is possible.

  5. Re:Innocent Until Proven Clueful by zorander · · Score: 4, Interesting

    I'm a CS student and I can't cound the numberr of people I know who leave BackOrifice installed on their machines for the very reason of deniability in this sense. For them, it's so they can blame their p2p activity on 'evil hackers'...of course, it's a flawed plan since the university just cuts you for 45 days if they are able to download from you (They only make an attempt after the RIAA notifies them that your IP is delinquent. If they fail, they tell the RIAA that they were wrong. If they succeed, they take away your connection and tell the RIAA that the problem was resolved on the inside...up until this point, this has done a pretty good job of protecting the students here from litigation).

    Brian