Slashdot Mirror
Spyware Maker Indicted on Hacking Charges
An anonymous reader writes "The San Diego Union-Tribune is reporting that Carlos Enrique Perez Melara, the author of an investigative tool called 'Lover Spy,' has been indicted on 35 counts of federal hacking violations. This begs the question: if you develop and sell a software product, are you responsible for what your users choose to do with it?" From the article: "Perez, a native of El Salvador, probably is in the Los Angeles area, said Stewart Roberts, the second highest-ranking agent at the San Diego FBI office. Crime Stoppers has offered a $1,000 reward. Perez is charged with 35 crimes, each of which carries a potential five-year prison sentence if he is convicted. "
...it "raises" the question. "Begging the question" is something else completely, and you're not doing it.
"Win treats sysadmins better than users. Mac treats users better than sysadmins. Linux treats everyone like sysadmins."
Umm... hm. This isn't "spyware" in the sense people normally mean. These are hacking tools. "Spyware" is a word which is used to refer to software which in addition to its known function covertly transmits information back to the software author. This is nothing of the sort; it's a surveillance tool. It may be immoral or unethical to use this surveillance tool, but that doesn't mean it's a good idea to use words like "spyware". Words have meanings. If you start ignoring the meanings and deciding that if it's bad it can be referred to by the same terminology as any other bad things, language ceases to be useful.
Anyway, I find it funny that people are being prosecuted for creating tools like this at the exact same time that the government's use of tools like this is on the rise.
If you create a nuclear weapon, you should not sell it to North Korea. If you create a tank, selling it to Iran surely would not increase your merits in the western societies. If you sell guns to teenagers, you are a criminal and - as far as I am concerned - partly responsible if those teenagers start shooting their classmates.
Why of all things should you not be responsible for creating a software intended for potentially criminal purpose (here: spying on users) and giving it to people who will use it? Following this logic of non-responsibility, worm writers should not be persecuted, because the damage their creations have done was not their immediate fault.
Screw the FSM - Real geeks believe in the Invisible Pink Unicorn
a $1000 reward for a guy wanted on 35 counts? Cheepskates! Add a couple zeros to the back and I'll drag the guy in myself.
"I would say that 99 per cent of what my father has written about his own life is false." - L. Ron Hubbard Jr.
IANAL, but if a gun maker named their pistol "Felon's Favorite"(TM) or "Rob-Rite"(TM), then I'm sure they would be susceptible to either civil or criminal legal pleasantries.
Are there legitimate uses of this code? If so, then why didn't the author market it strictly for those uses and name it something a little less felonious than "Lover Spy?"
Two wrongs don't make a right, but three lefts do.
TFA doesn't explain this very well. Couldn't find an antivirus page about it, but here's another page mentioning the tool.
I actually live in san diego and read this article yesterday. If it is the same article, this guy marketed it as a program to spy on your significant other. I think that is where the law gets him. If you distribute some code thats a trojan and slap on, "Educational purposes only, do not use on anyone without their permission, I am not responsible for your actions", then it seems the law is much more lenient. But this guy was marketing it as a tool that u send (like a greeting card) to check on your gf/bf to see if they are cheating.
No this trial doesn't mean coders are responsible for their users' actions, just responsible for how they say their program should be used
On a side not, this company started in 2001 - took 4 years for the FBI to notice & catch him. Kind of funny.
This begs the question: if you develop and sell a software product, are you responsible for what your users choose to do with it?
The question boils down to the intent of the author. If the program, when considered as a whole, cannot be reasonably construed to have alternative non-damaging or benign uses then it serves to demonstrate the malicious intent of the author and therefore it becomes possible to assign some responsibility for the actions of users to the original author(s). Software engineers, like other engineers, must have some code of ethics that governs the standard and intent of the programs that we produce. If you write a virus, worm, spam ware, or other "evil" type of application then you are responsible for the damage you cause to other people. You cannot demonstrate vulnerabilities or exploit code to prove a point while damaging other people's property in the process. In this case it seems that the author in question, Carlos Enrique Perez Melara, is indeed responsible for malicious intent in the collateral damage that his software caused.
Why not? Do we not treat child-porn JPGs, which are nothing but a series of numbers stored in a file, the same way we treat polariods of child-porn?
Like woodworking? Build your own picture frames.
This mis-use of "begging the question" arose in the 1980s.
"Win treats sysadmins better than users. Mac treats users better than sysadmins. Linux treats everyone like sysadmins."
I'm not in favour for what he's done, but getting 175 years in prison for writing a program?
You can get less for killing a man. No wonder the prisons are already full.
Perhaps it's time to realize that it's not always the solution to lock people up for what they have done.
There are no atheists when recovering from tape backup.
How much do you want to bet that some high ranking official at the San Diego FBI office was caught cheating or at least had his email read by this program? :)
Rats would be more funny if they could fart.
From the article, he collected all the information that was being sent to his clients. So he didn't just sell the software, he was collecting information that could have been used for identity theft, credit fraud, blackmail, etc.
This wasn't a simple case of selling software with the potential for abuse -- the retailer himself was one of the abusers.
I do not fail; I succeed at finding out what does not work.
Logic is not an obscure technical field of some kind, it's an absolutely necessary core function for a free human being. If you don't understand it, you need to improve yourself, not make excuses.
Furthermore, your proposed 'simple English' meaning for the phrase doesn't stand up to the most cursory examination. 'Begs' is never used in English to mean 'demands' although it can be used as an antonym for demands, among other senses. So your 'simple English' parsing makes no sense in English at all.
The fact is, your 'simple English' parsing is simply an incorrect one, and transparently so to any native English speaker of moderate skill and a token amount of thoughtfulness. It doesn't make sense, it never made sense. Using the phrase in that way is nothing more than a way to advertise to everyone in earshot 'look at me, I like to use big words I don't understand.'
=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Friends don't let friends enable ecmascript.
The fact is, it's arcane, and noticeably so. No one is going to spontaneously coin that phrase to mean 'raises the question' - it's far too awkward, it just doesn't parse, it doesn't make any sense. Because it doesn't parse, it's obviously a fixed phrase. This is an obvious clue that you shouldn't use it unless you're sure what you're saying. Ignoring that clue and charging ahead to use a phrase like that without bothering to understand it first is not behaviour which reflects well on a person, and not behaviour to be emulated. But some idiot back in the 80s did charge ahead with it, and far too many more have been happily emulating him or her since then. This is one little corner of a deeply disturbing phenomenon that deserves to be resisted at every turn.
Like it or not, language matters. Sloppy language both leads to and is a sign of sloppy thinking. No matter how popular a particular bit of sloppiness may be, it's still both possible and worthwhile to resist it.
=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Friends don't let friends enable ecmascript.