-
when is the law broken?
I was just thinking: "When is the law broken in cyberspace?"
Is it e.g. illegal to do portscans?
I came to think of this when I was surfing through some big Internet-firms website and my IDS made a back flip... I was flickering as if all the world's scripts kiddies were DoS'ing me (I really hate this type of IDS'es and have now uninstalled it).
So how much may the firms make their servers automatically do and how much can we do?
U can say: "Well why make a portscan if u aint gonna try and break into that persons box?"
and that's partly true but what if some1 were scanning for FTPs or something...
I personally think it's because of this great confusion about Internet law that it's so hard to stop computer criminals... And the Internet can't, and musn't be controlled (no country owns it) so how can all these problems be solved???
whatta u guys/gals think?
-
port scanning is too useful of a tool for network admins to ever ban. Misuse has led to a lot of problems though. Good post zion.
-
The posts are getting good now-a-days.
IMO. The Internet is one of the last bastions of true freedom of expression as long as one does not abuse it. I fear like so many other things this may not last. Due to terroists, sKrIpT KiddIeS and such. It is the only place were for the most part I can come and have a wide open disscusion with many veiwpoints from around the globe briddled in. Ever so often you have a lamer jump in. Other than that we get a rounded picture of how the world is at largee. Thats something you can't just walk out on the street and find.
As I said before: "You may cage a man, but the mind shall always be free". Lets keep it that way. Open discussions with everyone repecting and placing value to each persons opinion.
Good post. U2 Preacher.
:p
-
ThePreacher: I hear ya....
{P²P}Apocalypse: True, but what do we do when they start caging our minds??? The goverments, mega-corporations, every big firm have shrinks working for 'em just so they can analyse the public and brainwash us to buy their products... the government is using words like "Terrorists" now instead of "computer criminals" because the avarage American hate terrorists more than anything because of 11/9.... their twisting our minds (unless ur always aware of the danger).... that's why I can't figure out the law because some times it seems like they convict ppl without actually having a proper law backing up their story... it's scary... the plot thickens.
-
corporations do these port scans but under regulations.. you may have no idea about this but every website you visit has a detail about u.. ur MAC Address, port scan results.. and more.. but the website has too many visitors for webmasters to keep track who's who.. but they do get sufficient amount of details about your box once you visit or log on to their sites..
and btw.. i think the govt use the words "terrorism" and "evil" too much.. its starting to get over-rated..
-
Here in the south we have a saying for it. We call it "bible thumping" (no religeous overtone, just a saying), in the north they call it yielding to popular opinion. I call it mass population control through preying on the fears of people that live in the shadows. The average Joe, may use a computer at work or even surf at home. What or how much does he realy know? Mainly what he hears on the evening news or what the politicians say. In many cases what the major corperations are saying. Look at MS, perfect example of mass mind control through attempting public dis-information.
They released XP as being the most secure thing since the chastity belt. All of a sudden holes pop up everywhere. Instead of saying "oops we screwed the pooch". They go on this rant on how the persons that found and announced the exploits were at fault for releasing the findings. They told them they should have been silent and no one would have known the difference. So the DOJ is after them for anti-trust violations. But who does the DOJ partner up with for computer security? MS of course. So is the government brandishing a double edged sword. IMO, yes. Why? Back to the start. To control the public. What better way than for them to scare the hell out of the unknowing public than to label exploint finders as terrorist. It makes them look good and gives them more power.
"But of course Mr.G-Man you may search my company for terrorist (programmers what have you) without a search warrant, I give you my voluntary consent because I'm a good citizen and I'm affraid of terrorist".
Thats what I believe it will ammount to and thats what they are after. Less freedoms and more control......
Thats enogh of my rant for the day.....LOL
-
I agree that the government is trying to take over the USA with the terrorist threats. I have a story about port scanning. I had been useing a port scanning divice, and I was learning more about telneting and the like. I got a new portscanner to try, and I did not know people dislike you useing them. From what I had read it was legal. Well I tried the new port scanner, for no reason in particular, on my ISP. I thought I might try to telnet in and send an email of their maill server. Well our ISP killed our account, and my parents just about killed me. I still read it is legal, but the problem is that too many people misuse this powerful tool. Oh, just in case you are interested, we did finaly get our ISP to reconnect us.
-
sandsword2: well u didn't break the law 'cause then the ISP would have sued u to hell and back but I'm 95% certain that when u registered at the ISP u agreed to some terms of service that stated that it is stricly forbidden to use portscanners, DoS and the like... nearly all ISPs write this and therefor they have the right to close ppls connection when they find out.
ISPs suck, they take the fun out of everything :D
-
gotta agree with apocalypse,ms have a long history of govt collusion,but this is an area where the providers write the rules
dont panic my american friends we have been living with the threat of terrorism for years and now the gits are elected members of hm govt... so what really makes sense ??
-
I think you are doing something illegal in cyberspace when you are accessing (or trying to access) areas of the web that your not authorised to visit. Potscanning though, like ThePreacher said will not be outright banned. No damage is ever done buy portscanning, though sandsword2 tale of being booted of his ISP is worrying (was no scanning part of the contract signed though?).
-
A side from wheather it is legal or illegal to port scan. Isn't there a way to connect to a remote box and run the port scanner from that copromised location. This would be an ideal situation because you are not running anything from your IP. I realize though that through a little investigation this could still all be linked right back to your location.
:lildevil:
-
good post zion.
my comments are by no means complete but a sampling -
it is wrong -
If you a breaking into a computer system (or computing resource host) without proper authorization.
If you are stealing information.
If you are altering information without proper authorization.
If you are trying to damage equipment or its processes.
It is not wrong -
If you are not doing something illegal or the above, but rather learning or helping soemone else to .
If you HAVE the proper authority and testing etnry, security, etc.
:)
-
It's a very fine line between the legal and the illegal and different things appear legal/illegal to different people. So how do you know if port scans or other things are ok to do? As long as the internet is not under control by any one body (which would be a very bad thing, anyway) we'll never know if it's right or not. Ideally, the internet would be based on an honor code, but too many people abuse that. And then the government cracks down on the abusers and makes thing bad for everyone in general. It's just a vicious cycle that screws everyone.
I don't think most of that made sense, but whatever. I hate not being able to explain my thoughts clearly!
-
First off I am not a lawyer or law expert of any kind. However they way I understand it from the security classes I have taken, the law is broken when information is changed without effective consent from the owner. However like any law it varies from place to place. Now this is pretty vague but it will continue to be this way until either law makers become more computer savvy or, (and this would be better) legit security personal get some law degrees and get some power. Gotta change the system from the inside. This is just my two cents worth.
-
OK... so we all have ideas on what we can and can't do.
But what about the other part of zions question. How much information should a server be allowed to take from you? ip address, fine. computer name, browser, email address how far can they dig into you personal information.
When i walk into a store and go to buy something, and they ask for personal information in order for me to make a purchase... in cash, i refuse, demand to see a manager, remind him that his store is open to the general public and that he must sell his products to anyone who wants them, if the choose to remain anonymous or not. They usuall ask me to make up an address...im giving you cash i want that product period.
So, because most people arn't aware that servers are taking information from them does this mean we should allow it?
Its not ok to see what services they have running, but it ok for them to record anything they can get their hands on?
i think thats pretty Fµ¢K€Ð up
-
Tedob1:
true, it seems like the corporations run the government these days.
<rant>
Everything the government desides (I'm talking about the U.S. gov here) seems to benefit the big fat rich corporations... I'm getting the feeling that every decission today is controlled by cold hard cash, not moral or ethics, not even common sence...
</rant>
I've been using many different spyware detectors the last year and the results I got were very scary... All major websites i visited did more than just create cookies. They pinged, DNS'ed, scanned... hell some even tried to trace my bloody IP....
and yes, we know this but think about all those normal folks out there who just use the Internet like they use their TV, microwave, etc... Many even feel it's nice to get spam-mailed!!! (this isn't a lie, I've actually met these kinda ppl)...
But is it legal? I would say no... Just like it shouldn't be legal for stores to keep records of their customers just so they can analyse them and figure out their every interest...
<serious rant>
WE R NOT TEST-BUNNIES!!! THIS ISN'T A TEST-LAB!!!
</serious rant>
well, u know what I mean :D
-
Tedob1
So I'm not the only one who does that at radio shack etc.
zion - while that is true, I'm going to suggest that all gov't are beholden to big corporate interests
-
Put it this way the people with the money I.E. major websites and corporations can do whatever they please. To me this is pretty ****ed up. It has always been this way. It's pretty screwed up to that they can take information about you but you can't portscan them without them getting pissed? What is this world coming to. Why are computer criminals being labeled as terrorists? They don't strike fear into the hearts of the common public and they don't kill tons of people either. My opinion is it's all too screwed up to even debate about. Someone needs to do something but who can? Just my little 2 cents.
-
hmm, i agree with Shangrila! no, it's not fair. but, i guess we'll have to get
over it. i don't think it would be wrong if you use portscanners for security reasons.
i wonder, what would they do if you portscan them and tell them of any security flaws? would
they get pissed then?:)
-
======================
Put it this way the people with the money I.E. major websites and corporations can do whatever they please
=====================
They do whatever they can get away with. if enough people start complaining, and keep complaining the government will put a stop to it, although id rather see the net self regulated.
Politicians will do anything for the vote, if they think they'll gain/loose votes they'll act accordingly. if no noise is made the corp mach wins. web-sites need backers, if enough people write to the sponsers and tell them you can never buy their products as long as their supporting (whatever), and stand behind their threats it'll stop.
========================
So I'm not the only one who does that at radio shack etc.
========================
yeah RS, its amazing, they don't know what to do. aahhh, the batteries are over there. I have a radio shack card, but unless im asking them for credit, they have no right.
kmart tried it for a while too. what a cluster Fµ¢K up that turned into.
-
You've got criminal law, and you've got civil law.
In criminal law, youv'e offended the gov't and
can be prosecuted. Under civil law, it's up to
the offended party to sue you, and show that your
actions resulted in loss, or were a breach
of contract etc.
The Internet, being new, has very little criminal
law prohibiting specific acts. If disputing parties
can work out their problems with civil suits,
there will be no need for additional laws.
Of course, by analogy, all normal, real world
criminal law already applies to the internet.
Things like theft, conspiracy etc are already
illegal. Portscanning though, I think they'd have
to sue you, unless gov'ts pass laws specifically
prohibiting it.
:cool:
-
port scanning is very useful in system administrating finding vulnerable networks and prove that your network is secure against such threat. many system administrators alike and also script kiddies do use port scanning to scan on open ports and check it out if it is vulnerable. as long as you behave and doesn't breach threat to the system that you are scanning i think that is still legal as long as you know that port is public. if you encounter a port that it is not open to the public please do keep out and stay away to be play safe.
-
Well I agree whole heartedly with Zion on the topic of Government/Corporation there seems to be no difference as they are one and the same. He who has the most green back’s wins !!! Port scanning is useful and shouldn’t be a problem if you do not take it to the next step. As far as corps getting information from you wow they just will not stop till they have a cookie in every orifice you own.
Information should not be illegal at all but lately seems that is no longer so. The more people talk about it and voice there negative opinion on the direction we are headed the better chance you have of being able to do certain things without having everything deemed a threat to security. Gee that’s easy to hang on everything isn’t it? So speaking your mind and not always saying well I am an honest law abiding citizen I have nothing to worry about. As they cuff you and drag you away screaming, because why would you be using that port snuffer if you weren’t up to something bad. :)
Ok so its lite on port sniffin and heavy on whats wrong with this picture holds up a pic of the world......
-
There is a problem in that everyone (nation, state, individual, continent, planet, etc...) has a different oppinion of how far is too far. Many people don't like portscanning. So they mark it is being "too far", or wrong. Others, don't really mind. Many people think that all hacking is wrong, including white hat. But, in my not-so-humble opinion, hacking is what keeps the internet alive. One country thinks differently from another. If the internet only existed in one country, computer crime would drop tremendously. But since it IS in different countries, they have different regulations, and different ways of doing things. And I'm going to bed now. Good nite!
--PhirePhreak
-
Well I guess this is as good as this thread gets....
Thx every1 for ur excelent point of views....
-
U.S. Law states that you have broken the law as soon as you gain access to any system you do not have permission to access, even if you dump right out in under a second and touch nothing. They can also extradite you to the U.S. if you don't live there and prosecute you under U.S. law.
SSJVegeta-Sei
-
I feel that Braking into a Non-sensetive system should not be illigal, unless it was with Malicus intent, white-hatterss do alot of good, they enter a system, leave a message as to how to improve theyr security, then they just edit the Log files (so they don't get busted for doing the right thing).
How ever, powerfull tools should be keept off the net... Script kiddies can cause alot of damage, If they wanted to do some thing in the old days the they would have to work and learn how to, by the time they had learnt asll the coding and systems, then they would no longer have the urge to destroy things.....
Well....Thats my opinion.
-
Noia:
It has to be illegal to break into some1's system no matter what ur intent is... It's like walking into some1's house just because u checked and found out that their door was unlocked... it's not very nice and it's, well I guess it could be called, trespassing... sounds a little odd when talking 'bout 'puters though. :D
And yes it would be nice if the click-kiddiots didn't have such easy access to the different tools they use but u can't control the Internet and no1 (not even the U.S. government) should try to... The info has a right to be there if the creators wish to publish it...
-
A fine line
I think there is fine line between something being illegal and being just outright censorship. Personally, I think the Government should keep their damn hands off the internet. I believe they should keep their hands off it, so people that use it, can police themselves. People who actually use the internet should have their own code of conduct, and if it is being violated, then others she be able to cyber attack them if want to. You should be able to get whatever programs that you want, so you will also be able to get defensive programs too. Personally, I don't mess with the stuff, and I say live and let live. That, and you get what you pay for.
Just the other day, I downloaded a program, and it ended up being a virus. Who's fault was it. Was it mine, or the person who made it? I would have to say it was mine. I didn't bother to update my anti-virus software or to scan it. I have to take responsibility for it, and not blame a worthless hacker who had nothing better to do with his or her time. These people who don't maintain their machines and get viruses from doing stupid stuff, actually deserve it, in a way. When you use a computer on the internet, you know you have a chance to get a virus from a lot of places so you should protect yourself with the knowledge that is out there. Having a computer on the internet means you should take the responsibility for your machine. What you do with it, is your business. Blaming others for the faults or the viruses you may get, is just your own fault. If you give a gun to someone who doesn't know how to use it, something bad will occur. Its the same with a computer. If people can't learn the rules and protect themselves, then its their own fault. If they can't accept that, then, maybe they should just not use the internet and just use their computers in a closet and not connect to others.
Let freedom reign!!!