Tougher Hacking Laws Get Support in UK

← Back to Stories (view on slashdot.org)

Tougher Hacking Laws Get Support in UK

Posted by ryuzaki0 on Tuesday March 7, 2006 @07:02AM from the be-careful-of-blanket-statements dept.

rainbowhawk writes to tell us BBC News is reporting that new laws outlining harsher punishments for computer crimes are gaining support in the UK. From the article: "The move follows campaigning from Labour MP Tom Harris, whose ideas are now being adopted in the Police and Justice Bill. There will be a clearer outlawing of offenses like denial-of-service attacks in which systems are debilitated."

14 of 189 comments (clear)

Min score:

Reason:

Sort:

And how should it be enforced? by Opportunist · 2006-03-07 07:03 · Score: 4, Insightful

Laws against DDoSs. Great idea. Btw, let's next outlaw Hurricanes from destroying properties.

Yes, one is a man made problem, the other one a natural catastrophe (albeit some might argue whether man made it worse... not the topic now), the problem is the same. You can make the law, but you cannot execute it.

You want the bot-brain? Good luck. If he has half a brain, the controlling computer is not his, and it's sitting in some country ending in -stan. If he has no brain, all you accomplish is to execute Darwin's law: Survival of the best.

You want the bot-drones? Well, while this does have my full support, you can already hear the outcry from computer illiterates who fell for the marketing hype around the 'net and "how easy it is to get on", only to realize now that if they don't have a clue what their computer is really doing on the net, they're now with one foot in jail when they even go online. Can you see the Sun headline already? "Granny charged with computer crime!"

So, how is this going to do ANYTHING meaningful against DDoSs or other computer related crime?

In turn, what it accomplishes is that there will be fewer and fewer people with relevant skills. Let's face it, everyone, literally everyone, who is in the security biz today, from 'net security to virus analysis has some kind of record. Either a public one or (if he's good) at least one that didn't get public. But everyone has scratched and sniffed at a server or two. If you threaten new and intelligent people with jail time comparable with premediated severe bodily harm (up to 10 years sentence here), they will go out and find some less "dangerous" hobbies.

And the price for good security experts in the UK will rise. Either that, or you have to import them from some country ending in -stan, because there they can still learn the tricks of the trade.

--
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
1. Re:And how should it be enforced? by LiquidCoooled · 2006-03-07 07:13 · Score: 4, Insightful
  
  Laws against DDoSs. Great idea.
  
  What happens when somebody complains about a thorough slashdotting?
  
  Remember, google can be taken off the air when word of a DOS attack happens (I am a firm believer that 99% of DDOS attacks are curious web users on the grapevine testing a site supposed to be under sustained attack)
  
  --
  liqbase :: faster than paper
Slashdoting? by nexxuz · 2006-03-07 07:03 · Score: 5, Funny

Would that mean that there could be legal actions against slashdotting in the UK?

--
I love random hex numbers! Just like this one, 09f911029d74e35bd84156c5635688c0.
Ambiguity by kaleco · 2006-03-07 07:07 · Score: 4, Interesting

The bill - which was being debated for the first time in the House of Commons on Monday - would also boost the penalty for using hacking tools.

What constitutes a hacking tool? A terminal emulator? Linux?

--
Prosperity is only an instrument to be used, not a deity to be worshipped. Calvin Coolidge
1. Re:Ambiguity by Anonymous+Brave+Guy · 2006-03-07 07:25 · Score: 4, Insightful
  
  This is one of those laws written by people with no clue about technology, and therefore hopelessly and dangerously broad. In this case, the text reads:
  
  (1) A person is guilty of an offence if he makes, adapts, supplies or offers to supply any article-
  
  (a) knowing that it is designed or adapted for use in the course of or in connection with an offence under section 1 or 3; or
  
  (b) intending it to be used to commit, or to assist in the commission of, an offence under section 1 or 3.
  
  A loose but credible reading of the above seems to cover every mainstream operating system, every compiler or interpreter, every text editor, every communications tool, and more.
  
  --
  If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
What? by voice_of_all_reason · 2006-03-07 07:08 · Score: 5, Funny

10 years for hacking? So you might as well take out the cops who are trying to bring you in. Assuming concurrent sentencing, you'll get the same time even with a few second-degree murders thrown in. Sorta like a bonus.
Hacking tools... by advocate_one · 2006-03-07 07:09 · Score: 4, Insightful

what will be illegal: possession or actual usage of them? cos technically speaking I'm in breach here simply for having several common utilities installed on this Ubuntu box. Tools I use to ensure my own systems are secure...

--
Donald 'Duck' Dunn: We had a band powerful enough to turn goat piss into gasoline.
Sony? by Lord_Dweomer · 2006-03-07 07:11 · Score: 4, Insightful

"There will be a clearer outlawing of offenses like denial-of-service attacks in which systems are debilitated.""
And where will monstrosities such as Sony's rootkit fit into this? Surely our corporate overlords would be held just as accountable under these new laws as a poor 16 year old hacker in his parents' basement.

--
Buy Steampunk Clothing Online!
Awkward justice system by GenKreton · 2006-03-07 07:11 · Score: 5, Insightful

Does anyone else find it COMPLETELY wrong someone like Milan Babic (former Croatian Serb leader who just commited suicide) serves 13 years for genocide crimes and hackers can serve as much for a little denial of service attack?
Black? White? Grey? Define it! by Opportunist · 2006-03-07 07:13 · Score: 4, Insightful

Where does white stop and where does black begin? And, more important, do they care?

What they want is the perfectly safe and sane net. Which is by its very design impossible, the net itself is "dumb". It shuffles packets from A to B, not caring (too much) about their content. And that's its purpose.

Their idea seems to be that, if there is nobody who CAN hack, nobody DOES hack. But that's the same theory you can apply to guns. What happens if you outlaw guns?

Exactly.

The best defense against an attack is to have the better guns. Or, in terms of the 'net, the better hackers. If you outlaw them, if you outlaw learning the techniques and the tricks, which you pretty much do when you outlaw hacking altogether, since even a page about hacking can be labeled a "hacking tool", you do the equivalent of outlawing weapon development in your country.

And what happens when you do but other countries don't?

Exactly.

--
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
You think this is a joke? by Anonymous+Brave+Guy · 2006-03-07 07:16 · Score: 5, Interesting
Actually, Slashdotting almost certainly would be regarded as a deliberate DDoS attack.
1. It suddenly diverts massive numbers of requests to a particular system, resulting in an obvious denial of service.
2. The admins of that system are given no prior warning and have no particular reason to expect such a spike, so they can't do anything about it. (There goes the "if it's on the web, it's fair game" argument.)
3. The Slashdot admins know damn well about the Slashdot effect, and have consistently ignored public suggestions to improve their procedures.
I would expect that if the Slashdot editorial staff continue to allow linking in articles without giving any sort of warning or (better) seeking consent from the linked service's admins, the first case will go against Slashdot in a matter of minutes, and there will be genuine consequences for the admins. Let's hope the more enlightened editorial policy zillions of Slashdotters have been advocating for years results.
--
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
1. Re:You think this is a joke? by Anonymous+Brave+Guy · 2006-03-07 07:32 · Score: 4, Interesting
  
  Reading the proposed wording, there is no definition of "DDoS". The offences are defined in terms of denying access to a system, and you would simply have to make the case that the Slashdot editors had the requisite knowledge and intent. The knowledge is clear; the Slashdot effect is widely known, and it is not credible that the editorial staff are unaware of the likely effect of linking to a site on the front page of Slashdot. The intent is less clear, but I'm sure you'd find a lawyer who could make a strong case for it. We might refer to a "DDoS attack" in conversation, but the use of zombie machines or whatever is irrelevant to whether or not an offence is committed under the proposed law.
  
  --
  If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
Script Kiddies go free ;-) by TekGoNos · 2006-03-07 07:20 · Score: 4, Interesting

A person is guilty of an offence if--
(a)
he does any unauthorised act in relation to a computer; and
(b)
at the time when he does the act he has the requisite intent and
the requisite knowledge.
So, if a script kiddy just tries everything without knowing what he does, he goes free?

--
I have discovered a truly remarkable proof for my post which this sig is too small to contain.
Welcome to the new world by Opportunist · 2006-03-07 07:31 · Score: 4, Insightful

Babic killed people. Hackers kill shareholder values.

Wrong?
From a moral point of view, yes.
From a human point of view, yes.
From a personal point of view, YES.

From a financial point of view, no.

You got 3 tries to guess which one counts.

--
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.