IANAL, but if this case went before a court, wouldn't it set a precedent for future hacking court cases? Obviously, even though the files were on the same server, they were accessed even though this is against many, many parts of the Computer Fraud and Abuse Act, such as:
having knowingly accessed a computer without authorization or exceeding authorized access
intentionally accesses a computer without authorization or exceeds authorized access, and thereby obtains information from any department or agency of the United States
intentionally, without authorization to access any nonpublic computer of a department or agency of the United States, accesses such a computer of that department or agency that is exclusively for the use of the Government of the United States or, in the case of a computer not exclusively for such use, is used by or for the Government of the United States and such conduct affects that use by or for the Government of the United States
knowingly and with intent to defraud, accesses a protected computer without authorization, or exceeds authorized access, and by means of such conduct furthers the intended fraud and obtains anything of value, unless the object of the fraud and the thing obtained consists only of the use of the computer and the value of such use is not more than $5,000 in any 1-year period
knowingly and with intent to defraud traffics (as defined in section 1029) in any password or similar information through which a computer may be accessed without authorization, if such computer is used by or for the Government of the United States
Though the Republicans claimed that the information was accesible through a "glitch," exploiting such a glitch to obtain private memos is still breaking the law.
Now, I doubt this will ever end up in a trial of any sort, but if it does, and (as is most likely) the case is dropped, couldn't people accused of hacking a gov't computer use this hypothetical case as part of their defense argument? By ignoring their own laws, the US gov't will eventually dig itself into a hole it can't get out of.
Cisco provides some basic site analysis with their Cisco Aironet program, though more in-depth analysis, as well as security aspects are not really addressed in the software package.
Yes, but technically the blaster worm did not directly cause the blackout (which was shown to be caused by tree branches brushing up against power lines), so I don't feel that any virus has directly caused loss of human life. If a virus were to directly attack a power company, causing a power loss that caused loss of human life, that'd be a different situation.
Sadly enough, I don't think the proper security will be in place with these critical systems until a loss of human life directly results from the compromise of said systems.
Of course, it is obvious that no computer virus has caused loss of human life (yet). However, it is probably only a matter of time until a virus or computer bug causes a massive loss of human life. Due to our huge reliance on computers, and due to the fact that 90% of the computers out there are running the same OS (including some of those that control critical infrastructures like 911, nuclear reactors, etc), the frightening implication is that in the event of a loss of life, it could be much, much worse than the Irish Potato Famine.
I'll admit, right away, that I'm a Mac user. Then again, I'm also a Windows user, Linux user, SunOS user, etc. I'm really not *that* platform dependant. I guess I really don't understand the reasoning behind arguing over an OS. The argument is rather petty if you are not doing anything to improve upon the security of the operating system you favor. No OS is perfect, and no OS is totally secure.
I did find a few problems with the article (beside the fact that the author was bashing mac users who bash windows users...circular logic, anyone?). The author claimed that due to the fact that DVD Jon cracked quicktime encryption of ACC streams (used by the iTunes Music Store) doesn't mean it's going to bring either the MacOS or Windows to its knees. It's a f**king MP3 player for Chrissakes. Sure, vulnerability that could circumvent OS security might exist within iTunes, but the specific nature of DVD Jon's crack has nothing to do with OS security.
The author made this claim about the cross-platform iTunes "exploit" while failing to mention anything at all about Macros, and the possible for viruses that accompany them. To me, it seems that the author was grasping at straws without having any concrete evidence to back up his claims.
Whenever I read an article from one side of the OS wars bashing the other side, I tend to think that the author was in danger of missing his deadline and needed to come up with something in a hurry. Why does this issue never get old? Perhaps we should think about ways to make our OS of choice more secure rather than bashing others' flaws.
One thing not mentioned in the article was where he got the list of email addresses of the Tornado clients. If he had taken this information when he left Tornado, there could be legalilty issues involved there as far as client privacy goes. Perhaps that weighed on the jury's decision...
Slashdot Mirror
having knowingly accessed a computer without authorization or exceeding authorized access
intentionally accesses a computer without authorization or exceeds authorized access, and thereby obtains information from any department or agency of the United States
intentionally, without authorization to access any nonpublic computer of a department or agency of the United States, accesses such a computer of that department or agency that is exclusively for the use of the Government of the United States or, in the case of a computer not exclusively for such use, is used by or for the Government of the United States and such conduct affects that use by or for the Government of the United States
knowingly and with intent to defraud, accesses a protected computer without authorization, or exceeds authorized access, and by means of such conduct furthers the intended fraud and obtains anything of value, unless the object of the fraud and the thing obtained consists only of the use of the computer and the value of such use is not more than $5,000 in any 1-year period
knowingly and with intent to defraud traffics (as defined in section 1029) in any password or similar information through which a computer may be accessed without authorization, if such computer is used by or for the Government of the United States
Though the Republicans claimed that the information was accesible through a "glitch," exploiting such a glitch to obtain private memos is still breaking the law.
Now, I doubt this will ever end up in a trial of any sort, but if it does, and (as is most likely) the case is dropped, couldn't people accused of hacking a gov't computer use this hypothetical case as part of their defense argument? By ignoring their own laws, the US gov't will eventually dig itself into a hole it can't get out of.
Cisco provides some basic site analysis with their Cisco Aironet program, though more in-depth analysis, as well as security aspects are not really addressed in the software package.
Now we know how the characters from Final Fantasy VII got their physiques! To gain their popeye-esque arm structure they used this gaming pad!
Yes, but technically the blaster worm did not directly cause the blackout (which was shown to be caused by tree branches brushing up against power lines), so I don't feel that any virus has directly caused loss of human life. If a virus were to directly attack a power company, causing a power loss that caused loss of human life, that'd be a different situation.
Sadly enough, I don't think the proper security will be in place with these critical systems until a loss of human life directly results from the compromise of said systems.
Of course, it is obvious that no computer virus has caused loss of human life (yet). However, it is probably only a matter of time until a virus or computer bug causes a massive loss of human life. Due to our huge reliance on computers, and due to the fact that 90% of the computers out there are running the same OS (including some of those that control critical infrastructures like 911, nuclear reactors, etc), the frightening implication is that in the event of a loss of life, it could be much, much worse than the Irish Potato Famine.
I'll admit, right away, that I'm a Mac user. Then again, I'm also a Windows user, Linux user, SunOS user, etc. I'm really not *that* platform dependant. I guess I really don't understand the reasoning behind arguing over an OS. The argument is rather petty if you are not doing anything to improve upon the security of the operating system you favor. No OS is perfect, and no OS is totally secure.
I did find a few problems with the article (beside the fact that the author was bashing mac users who bash windows users...circular logic, anyone?). The author claimed that due to the fact that DVD Jon cracked quicktime encryption of ACC streams (used by the iTunes Music Store) doesn't mean it's going to bring either the MacOS or Windows to its knees. It's a f**king MP3 player for Chrissakes. Sure, vulnerability that could circumvent OS security might exist within iTunes, but the specific nature of DVD Jon's crack has nothing to do with OS security.
The author made this claim about the cross-platform iTunes "exploit" while failing to mention anything at all about Macros, and the possible for viruses that accompany them. To me, it seems that the author was grasping at straws without having any concrete evidence to back up his claims.
Whenever I read an article from one side of the OS wars bashing the other side, I tend to think that the author was in danger of missing his deadline and needed to come up with something in a hurry. Why does this issue never get old? Perhaps we should think about ways to make our OS of choice more secure rather than bashing others' flaws.
AgentOJ
Found on Princeton University's online directory, here's the info:
Howard J Strauss
Phone: 609-258-6045
Fax: 609-258-1004
Address: 205 87 Prospect Avenue
Department: OIT Enterprise Infrastructure Services
Email: howard@Princeton.EDU
Emailbox: howard@mail.Princeton.EDU
Netid: howard
Voicemailbox: 86045
Alias: 010003024
Now, call/e-mail him and ask him to clarify his article.
One thing not mentioned in the article was where he got the list of email addresses of the Tornado clients. If he had taken this information when he left Tornado, there could be legalilty issues involved there as far as client privacy goes. Perhaps that weighed on the jury's decision...