Slashdot Mirror


User: rtfa-troll

rtfa-troll's activity in the archive.

Stories: 0
Comments: 2,204

Comments · 2,204

  1. Re:There is a difference between "war" and "terror on Is Cyberwarfare Fiction? · · Score: 1

    I think both you and daid303 are a bit right. In the case of a nuke plant, there's often a safety trigger which fires damping rods into the station and takes weeks to recover from. If you just take the station off the grid (as our hacker guru was proposing) then they can probably come back on again pretty quickly. If you are a serious "cyberwarrior", then you take a proper model of the control system and you work out a way to get the emergency systems to trigger.

    This is where I call bullshit on Mr Graham. Unless you have a copy of the power station control system, you can't test and be sure your attack on it will properly trigger the emergency systems. That's why proper "cyberwar" takes more resources than just a little bit of "cybervandalism". You are actually aiming to reliably destroy or disable large amounts of infrastructure in a very short amount of time. This is not something you do with just a single guy and a mobile phone.

  2. Re:Warning, noobish question ahead. on Is Cyberwarfare Fiction? · · Score: 1

    Because it's cheaper. Because the "anti-big-government" people (the ones with the big private contracts) make sure it's all run for maximum profit. The people that run the system don't risk that much personally (a few months wages? nothing?) for getting caught being stupid. Most of the risk is all externalised onto people who have no say in the matter (the rest of us).

  3. Re:Warning, noobish question ahead. on Is Cyberwarfare Fiction? · · Score: 2, Interesting

    the internet is there anyway... why not use it in a secure way?

    Simply put because there isn't really yet such a thing as a "secure" way. Our current systems are too new, too complex and put together too quickly to make them anything approaching what you would mean by "secure". First let's start by defining secure. I'll put it as "you would have to invest 10% of the cost of the network in order to destroy it". That's an arbitrary and quite low value. I should probably have used about 30% and talked about the value of the dependent systems, but it's still a good start. I can't find a good place to start, but given that wind power is projected at around 150 Billion, let's use a Trillion dollars as the value. So to be secure, you want to make a person invest at least 100 Billion dollars to attack the system.

    100 Billion dollars buys you a whole load of programmers. The kind that can actually analyse a VPN system and work out how to get into it. The ones that can work out how to tell passively which VPN system you are using.

    Another analysis would be "weakest link" analysis. In this case, you say "what would it cost to do a physical attack" and make sure that a "cyber" attack costs more. However, a cyber attack can give you almost guaranteed anonymity, so you have to factor in the reduced risk of discovery which makes the attack more valuable. You will still find that an anonymous, whole grid surprise physical attack is almost impossibly expensive and unreliable. Again, you are probably talking billions of dollars. Doing the same thing with an attack via a VPN is likely to be much cheaper.

    Fundamentally, by the time you are making your system secure enough to work on the internet, it's probably cheaper to just start off with dedicated interconnections anyway. This is especially true for people like power grids who own a whole load of fibre optic cable (twisted together with their power lines) in any case.

    Overall, what's clear is that currently not enough redundancy, stability and security are being put into the electric (or other) infrastructure. You can't treat an electric grid as something that can be run purely by private industry because that means optimal use of resources, which means lack of redundancy. For stability and security there needs to be serious state / self defence interest in keeping it stable.

  4. There is a difference between "war" and "terror" on Is Cyberwarfare Fiction? · · Score: 5, Interesting
    As ever, this post has so many things wrong with it that it's stupid.

    a) I've had my finger on the "off" switch for an entire country's power grid from a mobile phone

    No you haven't; at least not in the sense that matters. Even if there is a country stupid enough to connect its "off switch" to the internet, all they have to do is pull the ethernet cable and switch it on again. Even if you can break a small proportion of power stations, the rest will come on again. You are a "cybervandal" not a "cyberwarrior".

    The real serious cyberwarfare people would do both. a) disable the off switch (force it on) and b) drop a graphite bomb at a key place to do weeks' worth of damage. That's proper "cyber" warfare.

    Cyber"warriors" know the exploit for the radar station and disable the air defences as they fly in with real bombs.

    Cyber"guerilla"s mess with account numbers in the fund transfer excels of most of the big companies in the place they target.

    There's a whole load of resources which are needed for this stuff. Real test suites where you actually have the control systems of your enemies' nuclear power plants; actual buildings where you can try messing up the air conditioning system, people who can actually write serious, fully EAL7 compliant defence systems. People who can write EAL7 compliant versions of exploits (have you seen the state of security software????). etc. etc. etc.

    If you think your country's military doesn't have a valid role to play in a "cyberwar" then you haven't understood the difference between a "cyberterrorist" putting an "easter egg" into a flight control system and a "cyberwarrior" diverting all your civilians into the area where his nukes can strike them most effectively.

  5. Re:Ask slashdot on Prosecuting DDoS Attacks? · · Score: 5, Funny

    No no; that's the DDOSer's command and control site. Can't you tell just by looking at the comments? At first sight they look as if written by a human, but if you start to read them they are all free of meaningful content and obviously just disguised botnet commands. What else could they be?

  6. Re:Why annoy those who you want to vote for you? on California Judge Routes Campaign Robocalls Through Colorado · · Score: 1

    Because. It. Works. .

    (unfortunately the use of my Slashdot signature is suspended for this posting; )

  7. Re:Simpler Model on "Canadian DMCA" Rising From the Dead · · Score: 1

    • Legal owners of copyright material have the right to copy, modify, format shift etc. the copyright material for their own purposes and have the right to transfer this right to another if they give it up themselves i.e. sell the material to someone else.

    that's just asking for what we already have. Since the politics mostly ends in compromise, that means that you will end up with less than you have.

    • Content which ships with DRM that violates these rights is not protected by copyright i.e. if you can break the DRM then you can copy and distribute it at will.

    definitely an excellent idea, but this really needs an improvement in the level of understanding of the issue by politicians to implement

  8. Re:Why it will win eventually on "Canadian DMCA" Rising From the Dead · · Score: 1

    And who exactly is going to decide this?

    As with most affirmative defences; the jury at the point where they sue you for unlicensed copying. You simply attempt to show that the work lacks value; the other side tries to show it does have value. The jury takes the evidence and decides. If you are right then you get off.

  9. Re:Why it will win eventually on "Canadian DMCA" Rising From the Dead · · Score: 1

    2) Elimination of the term IP would be quite good. But it's more broad than that. There is a whole language of entitlement around the term IP. The WIPO claims that IP laws "give statutory expression to the moral and economic rights of creators". I would never restrict anyone from claiming that, but, if they do they are no longer holding up their end of the copyright bargain and should be stripped of any copyrights.

    5) There's quite a clear definition of private copying in many countries. It means distribution personally or within a family (and possibly close friends) for non commercial reasons. It would include time shifting, media shifting, backup etc. etc. Essentially it is any form of use or copying etc. which occurs within one private economic unit. I'm saying that that is something that copyright holders should have a duty to support.

    6) Nope, it's quite clear that the justification for copyright is to add to artistic expression; to increase available literature. I happen to hate opera, but I agree many opera recordings add to artistic expression. However, yet another random Britney Spears video is of little value and should not be protected.

  10. Re:Why it will win eventually on "Canadian DMCA" Rising From the Dead · · Score: 4, Interesting

    The answer is to get a counter proposal in via amendments such as the following:

    • Copyright holders who misrepresent their copyright lose it (e.g. if you claim "no copy may be made without authorisation" your copyright is invalid because you failed to mention fair dealing/fair use).
    • Copyright and any of their representatives have to be clear to the public that the copyright is a trade off with free speech. Again, misrepresentation as a property right automatically voids copyright.
    • Copyright only applies to formats which will be reliable and easy to copy after the term of copyright is up.
    • Reduce copyright limits to maximum 10 years.
    • Attempting to interfere with private copying becomes a criminal offence
    • Copyright only applies to works of serious artistic, educational, informational or intellectual value. Not e.g. to pop songs. (probably as an affirmative defence of "copying a valueless work")

    This is unlikely to succeed this time round, but if people gradually begin to learn about it and understand the benefits of such changes then it may succeed eventually. Getting that kind of thing into the debate will make the lobbyists try to close it down really quickly.

  11. Re:please be broad-minded on "Canadian DMCA" Rising From the Dead · · Score: 2, Insightful

    Well how about a) naming him and b) trying to get a protest against him organised some time soon in his constituency? If you leave it as "my MP" then there's nothing anyone can do about it (except call all their own MPs and try to identify who the enemy is).

  12. Re:Anthropomorphic on The Sun's Odd Behavior · · Score: 1

    Then why in $DEITY's name would you ever think the government would pass cap-and-trade and/or other CO2 reduction legislation that actually addressed any of the root problems, rather than being yet another wealth-and-power grab that leaves the average person with less money and fewer freedoms and choices?

    Answer A) I'll believe that when I actually see it. These bills have not been passed, and it's pretty clear that the politicians and lobbyists bought by big oil are out to stop them.

    Answer B) We (I'm assuming you're from the USA; I'm from Europe) still live in semi-democracies. If you actually are willing to protest about things and keep following up on them you can actually get things changed. Continue to vote against politicians who are in the pockets of industry and eventually they will take notice and throw you a few sops. Keep doing it and keep them to their words and eventually they will actually take you seriously. Politicians can't even sell themselves to industry if they fail to get elected.

    Enough people have been continuing to go on about bad environmental policy for long enough that even politicians begin to care. That's why you begin to see so many people beginning to turn up with all sorts of different clever explanations of why these scientists are wrong, which when you try to look through them carefully turn out to be based on some kind of strange lies that these people never mention and which they make it difficult for you to check up on. The oil companies are scared and are trying to build a base of popular support.

  13. Re:I have deactivating my facebook account in resp on Pakistan Lifts Ban After Facebook Deletes Offending Page · · Score: 3, Insightful

    I have deactivating my facebook account in respons[e]

    Try to do it together with a large group of friends. Try to find a decent alternative they can all move to together. If you don't do that then you may eventually find yourself moving back just because your friends are still in Facebook and you feel you need it.

  14. Re:Another point of view on Pakistan Lifts Ban After Facebook Deletes Offending Page · · Score: 2, Insightful

    In the U.S. the laws of Man far outrank the laws of Religion. The U.S. Constitution, Article VI states:

    Except in this case we see that they don't. Facebook is trying to become the default method of communication for everybody and doing pretty well with many. If they allow this level of censorship that becomes very serious. Ideas, such as how to cure breast cancer, may not be allowed because some American fundamentalists don't like breasts.

    We really really need to get a decent decentralised alternative to Facebook up as soon as possible and get people migrated away. If we don't there are going to be real problems with practical freedom of speech in future.

  15. Re:Oh c'mon - but what about the latency. on Cutting Through the 4G Hype · · Score: 1

    Yes, but what about the latency?

    Try calculating (or better measuring) the time it takes to download a web page and you'll find that for many (especially ones with lots of small content from different sites), the speed doesn't matter nearly as much as the latency. The same applies to gaming and various other things. This was the reason why 3G was a massive improvement over 2G even though speed differences weren't always that big.

  16. Re:Anthropomorphic on The Sun's Odd Behavior · · Score: 1

    Right. So, a small group of private scientists in random universities are able to pull off an intimidation campaign better than that of the CIA, whilst poor defenceless oil companies of the kind which can calmly deny journalists access to the Gulf of Mexico are completely unable to protect their own scientists. Right..

    Hint; the "Big Government" is mostly controlled by the same people as the "Big Oil" and that is the problem.

  17. Re:My understanding on How To Take a Big Vendor To Small Claims and Win · · Score: 5, Informative

    The whole point of a small claims court is meant to be that it is for situations where employing a lawyer isn't reasonable. You have a claim of, say, 500 Euro and the company won't pay. A single hour of lawyer's time is going to cost more than that.

    If you take it to the small claims court, the risk to you is extremely limited (in most places, just the nominal cost of registering the case + your time involved).

    However, it seems like in Massachusetts at least, you still need to take lots of care. In other places, I understand that the judge has a duty to help the "little guy", overlook small mistakes and, for example, explain to you why your evidence can't be admitted.

  18. Re:Disheartening on When the US Government Built Ultra-Safe Cars · · Score: 2, Insightful

    Switzerland. Because they have referendums which the people can call almost at will. This seems to mean that the politicians are afraid of contradicting their electorate because their decisions can simply be reversed if they accidentally wake up the people. Unfortunately this seems to mean that they still live in the 18th century and are racist and xenophobic as hell so it's not the advert for the benefits of democracy that I like to use.

    Various Scandinavian countries, and to a small extent some Germanic countries are more or less democratic. This is because their politicians still have some level of honour and do more or less what the electorate voted them in to do. From a technical point of view I'm really not totally sure why it works, but it sort of does.

  19. Re:800-Million pound cost on UK Home Office Set To Scrap National ID Cards · · Score: 2, Interesting

    Firstly, 800 Million is the implementation cost. There would still be running costs long term. Also, this seems to be a low number; No2ID identified a billion worth of contracts.

    There are also other costs; e.g. organisations which would be required to check the ID card would have to link into the scheme. And finally, this isn't the only one in this set of pointless database schemes. If they also cancelled the scheme to link the whole NHS together that would save really lots.

    As they say, a billion here, a billion there. Soon it starts to add up to real money.

  20. Re:Maybe if it gets popular? on Intel Considers Hardware Acceleration For Google's WebM Format · · Score: 5, Interesting

    This only needs to get to be the current GIF vs PNG situation and it's enough. There are still GIFs on the internet everywhere. They will never go away. However, nobody needs to put new content in GIF format because PNG is available everywhere. GIF licensing fees are now taxes on stupidity and help to mean that IP supporting companies become ever less competitive.

    That means that the entire television industry, which is locked into H.264 will become less competitive against the internet / Google / web / open access type companies. This is the reason why the MPEG-LA is desperately spreading FUD. Hint; if you know that there's a patent which is essential to a particular existing standard there is absolutely no reason not to specify exactly which patent it is out loud. If you don't do it you risk losing money for accusations of bad faith. If these people really knew which patent it was, then they wouldn't say they had it (admit they've done that analysis) without specifying exactly where the breach was. The very fact the MPEG-LA says there are patents but won't specify which shows that there actually aren't any.

  21. Re:Really now? on Lifelock Worries After Employee Data Leaked To Web · · Score: 3, Insightful

    Putting these technical restrictions to regulation is a bad idea (though some limited minimum standards is probably good). I think you have to look at the difference between the credit card system and the bank account system. You'll probably find that there's more technical protection on your bank account access, but credit card fraud worries you less and causes you fewer problems. The reason for this is that the credit card fraud is pushed to the place which is able to verify the transaction and not just the account holder; the shop and the credit card system. The security is very dynamic. If you make a small transaction in a place near where you live, it will almost always go through. If you make a large transaction in Cambodia, soon after making one at home (unless, of course you are Cambodian, in which case the same argument applies, but in New York), the company will call you directly to your mobile phone and ask you to confirm the transaction.

    The reason this works like this (which is expensive) and works so well is simple. You are allowed to reverse the transactions if they aren't yours. This pushes the liability to the bank. If the same applied to bank accounts, that you could just reverse any transaction and the bank had to prove you were liable for it, suddenly bank fraud would be massively reduced, disappear completely as a consumer problem and the criminals trying it would be pursued to the ends of the earth.

  22. Re:To avoid confusion on Physicists Do What Einstein Thought Impossible · · Score: 1

    I'll do that too to a small extent. But I think it's also mods agreeing that keeping chow mein hot is a major life problem and that the solution sounds like one worth exploring. Many a truth said in jest and all that.

  23. Re:But now on In UK, Hacker Demands New Government Block Extradition · · Score: 1

    He illegally gained access to servers in the US, so he committed the crime in the US and should be prosecuted there.

    He is accused of illegally gaining access (even his own admission isn't sufficient to declare him guilty until he is found guilty by a jury - he may have given it in the hope of staying in the UK).

    But your whole argument is totally stupid and short sighted. Let's find some equivalents.

    • A Nigerian court has decided to extradite Father Bateyoo Reelgud on suspicion of fraudulently leading on a Nigerian citizen.
    • Predator pilot Robby Williams is accused by the Afghan government of manslaughter for the destruction of a civilian house next to a Taliban base.
    • The Ayatollah of Tehran has demanded the extradition of Moron Oxyd, an American citizen accused of libelling the keeper of the holy scriptures. It is believed the charge would fail in the US, but since it fits under an existing US law, the judge is not allowed to examine the evidence.

    What is so wrong with just trying this in the UK where the guy was all the time?

  24. Re:You have to wonder on Wikimedia Confusion Swirls In Wake of Porn Charges · · Score: 1

    Just to be absolutely clear about this. Sanger has made it very clear that it's not the album covers he was interested in, but some actual representations of sexual assaults on children. The question is, since these aren't photographs, whether they are protected free speech in the USA, but apart from that he probably is in some sense right about the legal position. The Grandparent has clearly not bothered to read the various articles at all, some of which link to extensive discussions on the subject, and deserves to be trolled. (having said that, I accept my moderation as a troll in this case even though I think these particular moderators should a) go read the articles too and b) get a sense of humor)

  25. Re:Internet Wars on Wikimedia Confusion Swirls In Wake of Porn Charges · · Score: 1
    I think a true genius could remember what they are working on.

    http://www.gnu.org/fun/jokes/ed.msg