Ok, true enough (oh, and I live in Texas, so shooting them is certainly allowed:) I guess the issue is that there's really no physical threat involved with hacking into a system, whereas there is one when someone breaks into your home. I'm not sure that the punishments should be equivalent. But basically I think I agree with you.
I did read your post. He talked about hacking into a computer and defacing a web page. You talked about theft of credit card numbers. Perhaps that's where the disconnect was. Most cases do not involve theft, yet they would carry a much harsher penalty than other types of simple defacements. I agree that companies should have to prove their losses (and they should show up on the corporate balance sheet too), and an agency devoted to ensuring this might be a good idea too. Not too sure about the funding part though. There would definitely need to be some strict controls to keep the agency independent. All in all though, you were talking about 2 different things. I didn't see him say anything about going easy on theft. He just (correctly) stated that most of the time there is very little harm done and that we shouldn't get carried away with the punishments.
If someone defaces a website, it is quite reasonable to assume that if the intruder has managed to obtain privelages sufficient to change the front page, they could very well have obtained privileges sufficient to compromise your credit card data.
And this is a bad thing... how? Was the site somehow more secure before the hacker defaced it? Should I have been comfortable giving them my credit card info? Of course not. All the hacker did was highlight the insecurity. Kind of like spraypainting "Wal-Mart's credit card machines are insecure!! Follow these steps to charge your bill to whomever used the swipe-box before you:", etc., on the front of the Wal-Mart building. Sure, you defaced their building and could be charged with that. But should they really be allowed to claim damages because you told their customers the truth about their insecure system?
Hacking into the computer isn't the damaging part. Stealing the credit card numbers was damaging and should be considered separately. Using those numbers for fraudulent purposes is yet another crime. We already have laws against these things. If I walk in to a Western Union office and steal a PC with a bunch of credit card numbers, I've done the same amount of damage, but I'd probably get a significantly lighter sentence since I didn't hack into their computer. See the problem?
However you cut it, you are trying to compare a case of extreme punishment for an act of self-defense and a light punishment for a malicious act that causes significant financial damage. It's a highly contrived example you've created, even if each case isn't highly far-fetched in its own right. As with murder and most other crimes, there will likely be several degrees associated with computer crime. Hacking into a computer in and of itself should not be considered a severe crime most likely. Defacing a website should most likely not be considered a severe crime either. Probably those should both be misdemeanors. Destroying or stealing valuable data could be considered more severe, depending on the dollar value attached (and as with physical goods, that value should be verifiable. none of this garbage of corporations declaring major financial damage because someone hacked in and stole a marketing brochure that they happen to hand out in their front office.) If you hack into a system and open the floodgates of a damn and people die as a result, then hacking charges should be the least of your worries. You should be up on murder charges. It's really not that hard to be sensible about this stuff. We just have to make sure our elected representatives resist the temptation to create idiotic laws in an effort to look like they're being tough on crime.
Jumpin Jesus on a pogo stick!! Are you really that dense? It has everything to do with 911 detainees. All it takes is the proper label, some scaremongering, and a bit of political expediency to take people's rights away. Once you start making exceptions to the rules, it becomes quite difficult to stop. One rationalization leads to the next.
That depends entirely on the laws that exist where you live. It's not the same everywhere. I live in Texas and I can shoot anyone that breaks into my home or vehicle, whether they are threatening me or not. In DC, you aren't even allowed to own a gun. YMMV.
If my argument had really depended on complete illegality of prostitution, you might have a point. But, since the fact that a couple tiny counties in NV allow it makes very little difference to the analogy I used, you don't.
Fine. But since every state but one makes it illegal, and even that one only allows it in a small county, it is for all intents and purposes illegal in this country. Whether the law is federal or not doesn't really matter to the argument. Fair enough?
Well, since the ISPs have to deal with all the email traffic, why shouldn't they get to decide? They are selling a service to their customers, why shouldn't they get to decide what kind of service they want to sell? You can choose an ISP that has a policy compatible with your needs. If there's a market for ISP service that doesn't block SPAM, then someone will sell that service. If there isn't, then they won't.
Heh. Their script probably ignores what you put in the text box and just mails their own text to the legislators. That way they don't have to worry about people accidentally saying something they don't mean. And the legislators don't have to read each email. They just see that there's 100,000 emails from the DMA site that all say the same thing. No fuss, no muss:)
Yeah right, that's why I keep getting telemarketing calls from people who can barely speak english. These jobs are being farmed out like anything else.
The first list, a statewide "Do Not Call List," will apply to any telephone marketer, including Retail Electric Providers, calling a Texas residential phone number. There is a registration charge of $2.25 for each residential phone number to be included in this list only. Your registered residential telephone number(s) will remain on this list for three years.
I wanna know where the hell all that money is going!
Cosponsor Total: 115 (last sponsor added 06/05/2001)
43 Democrats
72 Republicans About This Legislation: This bill would require accurate return addresses on unsolicited commercial e-mail. HR 718 would make it illegal to continue sending junk e-mail to a person who has asked to be removed from a distribution list, require unsolicited commercial e-mail to be labeled, and require ISP's to let their customers opt-out of receiving junk e-mail. The bill would also set a penalty for continuing to send junk e-mail after someone has asked for it to stop. HR 718 would also allow ISP's to sue spammers for $500 per message if they violate their antispam policy.
The DMA opposes HR 718 and has testified before Congress on the bill's onerous provisions.
They don't actually say what provisions they find to be onerous. Is it the fact that people can decide that they don't want to receive junk mail? Or is it the fact that they have to provide an accurate return address? Or maybe it's the fact that they would have to label their advertisements as what they are instead of trying to make people think they are something else. No... couldn't be any of those things. That would make the DMA seem evil:) Must be the fact that there is actually a punishment for violating these rules. That's gotta suck.
All I'm finding on their website is these "Action Alert" things that don't really make any argument other than lots of people have jobs annoying other people over the phone. Lots of people have jobs as prostitutes too. That doesn't make it legal (although I'm much more inclined to have legalized prostitution than I am to outlaw do-not-call lists).
Calm down Beavis. It's quite possible to love your country even if you don't like the fact that you pay more taxes than necessary because of some of the utterly fucking stupid ways that money gets spent. The founding fathers didn't want to pay more taxes than necessary and wanted to keep the government small too. Were they unpatriotic? Would you have wanted kick their asses out of the country too?
Wow! Another brilliant debunking by Anonymous Coward! How does he do it? And how does he defeat the 30-post-per-4-hour limit? The world may never know.
Best explanation of the arguments I've seen yet.
Wow... that kung-fu game would rock :) Love to see Nintendo make this a reality!
Ok, true enough (oh, and I live in Texas, so shooting them is certainly allowed :) I guess the issue is that there's really no physical threat involved with hacking into a system, whereas there is one when someone breaks into your home. I'm not sure that the punishments should be equivalent. But basically I think I agree with you.
I did read your post. He talked about hacking into a computer and defacing a web page. You talked about theft of credit card numbers. Perhaps that's where the disconnect was. Most cases do not involve theft, yet they would carry a much harsher penalty than other types of simple defacements. I agree that companies should have to prove their losses (and they should show up on the corporate balance sheet too), and an agency devoted to ensuring this might be a good idea too. Not too sure about the funding part though. There would definitely need to be some strict controls to keep the agency independent. All in all though, you were talking about 2 different things. I didn't see him say anything about going easy on theft. He just (correctly) stated that most of the time there is very little harm done and that we shouldn't get carried away with the punishments.
Hallow. My name is Inigo Montoya. You kill my server. Prepare to die.
If someone defaces a website, it is quite reasonable to assume that if the intruder has managed to obtain privelages sufficient to change the front page, they could very well have obtained privileges sufficient to compromise your credit card data.
And this is a bad thing... how? Was the site somehow more secure before the hacker defaced it? Should I have been comfortable giving them my credit card info? Of course not. All the hacker did was highlight the insecurity. Kind of like spraypainting "Wal-Mart's credit card machines are insecure!! Follow these steps to charge your bill to whomever used the swipe-box before you:", etc., on the front of the Wal-Mart building. Sure, you defaced their building and could be charged with that. But should they really be allowed to claim damages because you told their customers the truth about their insecure system?
Hacking into the computer isn't the damaging part. Stealing the credit card numbers was damaging and should be considered separately. Using those numbers for fraudulent purposes is yet another crime. We already have laws against these things. If I walk in to a Western Union office and steal a PC with a bunch of credit card numbers, I've done the same amount of damage, but I'd probably get a significantly lighter sentence since I didn't hack into their computer. See the problem?
Ok, that should have said "dam", not "damn" :)
However you cut it, you are trying to compare a case of extreme punishment for an act of self-defense and a light punishment for a malicious act that causes significant financial damage. It's a highly contrived example you've created, even if each case isn't highly far-fetched in its own right. As with murder and most other crimes, there will likely be several degrees associated with computer crime. Hacking into a computer in and of itself should not be considered a severe crime most likely. Defacing a website should most likely not be considered a severe crime either. Probably those should both be misdemeanors. Destroying or stealing valuable data could be considered more severe, depending on the dollar value attached (and as with physical goods, that value should be verifiable. none of this garbage of corporations declaring major financial damage because someone hacked in and stole a marketing brochure that they happen to hand out in their front office.) If you hack into a system and open the floodgates of a damn and people die as a result, then hacking charges should be the least of your worries. You should be up on murder charges. It's really not that hard to be sensible about this stuff. We just have to make sure our elected representatives resist the temptation to create idiotic laws in an effort to look like they're being tough on crime.
This is why sysadmins are kept on staff ... to install and maintain current systems (that includes fixing any damage done by vandels).
Not to mention working to keep the vandals out in the first place.
Jumpin Jesus on a pogo stick!! Are you really that dense? It has everything to do with 911 detainees. All it takes is the proper label, some scaremongering, and a bit of political expediency to take people's rights away. Once you start making exceptions to the rules, it becomes quite difficult to stop. One rationalization leads to the next.
That depends entirely on the laws that exist where you live. It's not the same everywhere. I live in Texas and I can shoot anyone that breaks into my home or vehicle, whether they are threatening me or not. In DC, you aren't even allowed to own a gun. YMMV.
If my argument had really depended on complete illegality of prostitution, you might have a point. But, since the fact that a couple tiny counties in NV allow it makes very little difference to the analogy I used, you don't.
Well, since the bill also requires that unrequested advertisement be labeled as such, it wouldn't be a problem.
Fine. But since every state but one makes it illegal, and even that one only allows it in a small county, it is for all intents and purposes illegal in this country. Whether the law is federal or not doesn't really matter to the argument. Fair enough?
Well, since the ISPs have to deal with all the email traffic, why shouldn't they get to decide? They are selling a service to their customers, why shouldn't they get to decide what kind of service they want to sell? You can choose an ISP that has a policy compatible with your needs. If there's a market for ISP service that doesn't block SPAM, then someone will sell that service. If there isn't, then they won't.
It's not legal in the US, which is what we're talking about here. The analogy had nothing to do with tactics either.
Heh. Their script probably ignores what you put in the text box and just mails their own text to the legislators. That way they don't have to worry about people accidentally saying something they don't mean. And the legislators don't have to read each email. They just see that there's 100,000 emails from the DMA site that all say the same thing. No fuss, no muss :)
Yeah right, that's why I keep getting telemarketing calls from people who can barely speak english. These jobs are being farmed out like anything else.
Ours is damn expensive. Check this out:
I wanna know where the hell all that money is going!
E-mail bill
Bill # H.R.718
Original Sponsor:
Heather Wilson (R-NM 1st)
Cosponsor Total: 115
(last sponsor added 06/05/2001)
43 Democrats
72 Republicans
About This Legislation:
This bill would require accurate return addresses on unsolicited commercial e-mail. HR 718 would make it illegal to continue sending junk e-mail to a person who has asked to be removed from a distribution list, require unsolicited commercial e-mail to be labeled, and require ISP's to let their customers opt-out of receiving junk e-mail. The bill would also set a penalty for continuing to send junk e-mail after someone has asked for it to stop. HR 718 would also allow ISP's to sue spammers for $500 per message if they violate their antispam policy.
The DMA opposes HR 718 and has testified before Congress on the bill's onerous provisions.
They don't actually say what provisions they find to be onerous. Is it the fact that people can decide that they don't want to receive junk mail? Or is it the fact that they have to provide an accurate return address? Or maybe it's the fact that they would have to label their advertisements as what they are instead of trying to make people think they are something else. No... couldn't be any of those things. That would make the DMA seem evil
All I'm finding on their website is these "Action Alert" things that don't really make any argument other than lots of people have jobs annoying other people over the phone. Lots of people have jobs as prostitutes too. That doesn't make it legal (although I'm much more inclined to have legalized prostitution than I am to outlaw do-not-call lists).
Calm down Beavis. It's quite possible to love your country even if you don't like the fact that you pay more taxes than necessary because of some of the utterly fucking stupid ways that money gets spent. The founding fathers didn't want to pay more taxes than necessary and wanted to keep the government small too. Were they unpatriotic? Would you have wanted kick their asses out of the country too?
Well.. Sendo did turn to gold for Microsoft.. it just sucks to be the one that turns into gold rather than the one doing the turning.
Wow! Another brilliant debunking by Anonymous Coward! How does he do it? And how does he defeat the 30-post-per-4-hour limit? The world may never know.