I must agree with jared_c on this conversation. If it was my system I would be happy that someone pointed out the problem to me before any real damage was done.
ccKid
Printable View
I must agree with jared_c on this conversation. If it was my system I would be happy that someone pointed out the problem to me before any real damage was done.
ccKid
That's very true 8*B@LL, a true hacker never damages a system only explores.
I have 2 points:
1.What would the difference be between hacking a system and "looking around" and breaking into a company and "looking around"? Both involve an unautorized entry, regardless of intentions or amount of damage caused.
2.This isn't necessarily true. ISPs also must share information pursuant to a subpoena. They also may share users information if simply asked to do so, so long as they have outlined this in their TOS with a dislaimer like "we will always fully cooperate with law enforcement officials...privacy is not guaranteed..." Just thought I'd let you know.Quote:
Smith further proposes that Internet Service Providers (ISPs) freely share information obtained from their customers' e-mails with authorities. Currently ISPs cannot share such information without a warrant.
I can say this... NO - because here is whats going to eventually happen, if it hasn't already.
Throwing hackers in jail is going to expose them to other criminals whi you don't wnat to have the information they have. Jaila are Universities of Crime. Hackers are just going to teach other criminals their skills. This kind of information is going to be available to the very people you DONT want.
Think about it.... SOme young kid, thrown to the wolves, is going to be forced to "tell all" or they might wind up as eome bruisers "sex slave". Certainly enough incentive to "tell all".
Sure, most people in jail are dumb, and few have computer skills, but there ARE people in there that could pick up on this technology and make for some damaging prospects.
I can see it now... Al Quada rag heads get first hand exposure to some hacker, learns the techniques or how to download DDOS attack tools, and when his visitor visits him, he gives them the URL link on where to download the latest DDOS tools, and they spread it around and around...
Sure - it is possible they may find it without the hackers help, but perhpas the hacker may have led them to a more sinister program.
By the way, I'm speaking from experience...
Capn Crunch
That is a valid point John, I don't believe that first time offenders should be jailed for any malicious hacking/virus activity. However they should be heavily fined to, hopefully, deter them from doing this again. The laws that I have heard about hackers being treated as terrorists however I am completely against! Why sentence a young person to life in prison for hacking, I feel that is ridiculous.
ccKid
I totally agree with you. That Cybercrime initiative is way too broad and harsh and draconian. Technical solutions are always better then political ones.
After I read that initiative I wrote all my government reps just to let them know that I disagreed with it. If the parents of these "script kiddies" actually taught their children some ethics and basic morals we wouldn't have to worry about having laws threatening jail time for what the common people call hacking and most real hackers call exploring.
ccKid
erm...hacking in IS breaking in.Quote:
Originally posted here by 11001001
I have 2 points:
1.What would the difference be between hacking a system and "looking around" and breaking into a company and "looking around"? Both involve an unautorized entry, regardless of intentions or amount of damage caused.
the difference is what you do once in. the rush alot of people get from hacking is from exploration. let me give you an example:
my college has all the dorms wired on a LAN, and alot of people have network shares. while most of the boxes are win9x/me, there are a few 2k. one such box has the network name "playboy". well, its a 2k box, so, as most people here know, there is a c$ share available, but only to admins on that box. 3 guesses what that pc's administrator password is. yep, his administrator pass is "playboy".
now, having that knoledge i have full access to his c drive, as well as his registry(network reg in regedit) and some other things through the computer management util. i could trojan him, i could do anything i like to him, but i dont, that doesnt do anything for me. what do i do? i look arround his box. i delete nothing. hell, i havent even copy'd anything, just looked arround. have i caused any harm? i dont think so. i should really contact him and get him to change that admin password, but i'm not really sure how to do that without scaring the crap outta him. i still consider what i have done atleast mostly ethical, with the exception of the fact that i havent notified him to change the pass.
now, the differance i was trying to point out is this:
i did no damnage to his system. if i went in and deleted files/trojaned him/whatever, that would clearly be wrong, and i would be liable for such damnages, but sense i have caused no damnages i dont see how i could be liable.
Captain Crunch wrote:
"I totally agree with you. That Cybercrime initiative is way too broad and harsh and draconian."
IMO, the draconian penalties found in CSEA are contrary to logic, reason, and the prior law of this land.
Puts in my little bit on this. This is just my personnel opinion. Which is close to several of the opinions stated earlier.
Someone used the analogy of martial arts in a post once, I love this analogy and will use it here I’m sorry I can’t remember whom but if you read this, was a good one.
Firstly the term hacker needs to be defined there is a lot of chat and posts upon this so will not go into it all here. I will use hacking as a skill, as martial arts are a skill. Skills can be applied in a multitude of different ways. Teach someone how to kill with a single strike does not mean that that person will go out see someone he/she don’t like and get into a stupid bar fight and kill someone with it, but does mean that if a situation arises where deadly force is required and the person applies there skill to defend themselves that is not considered illegal. Now taking this to hacking, there will always be computers, there will always be IT, and in so there will always be hacking. Learning of the skill of hacking and practising them should NEVER be illegal, much as the practice of martial arts should NEVER be illegal even though you are equipping people with these skills that can be used to cause harm/damage. If the practice of hacking became illegal it would just be pushed more underground would not ever stop it. The act of causing harm with the skills should be however. What I mean to say is if someone learns the skills and uses them inappropriately then they should be legislated against. Back to the martial arts, if a student goes out and becomes a bully applying his/her skills to harm others that is there choice, the teacher (sensei) should not be made responsible for his students’ actions. This applied to ISP, because a person uses an ISP to commit act of harm against other computers the ISP should not be responsible to there act. However they should be responsible in trying to implement procedures to deal with persons that commit these acts, perhaps a VERY VERY limited liability, where if it can be proved that there ISP knew of this use and did nothing to prevent it or prevent the acts from continuing then there should be liable. I think ideally that the learning and practicing of hacking skills should be totally legal in fact encouraged within IT professions. This is because there will always be people out there trying to do harm with the skills, it a fact of life. I think the ethos of this site states it perfectly, how can you defend yourself against a hackers that wish to cause harm if you yourself don’t know their skills. Again in the martial art analogy, person A is a martial artist whom practices martial arts for the art itself and perhaps self defence, Person B is also a martial artist but uses his skills to cause harm, person C is someone whom experience of fighting is negligible. If person B and Person C where in a confrontation person C would not know how to defend against person B’s skills and end up harmed, take this same situation but person B starting a fight with person A, person A would know how to defend against more of person B attacks and may even prevent major harm to himself because he knows of the skills being used. Another sorter way of putting this is, building security, the best people to secure a building are the ones who have the skill to break in hence why military building are secure, they train people to break in to secure buildings, in so they know there techniques and can defend against them
However the use of this skill to cause harm/damage, corporate espionage or to gain inside information for personal gain should be dealt with. These offenders should not go to jail because as stated in an earlier post placing a person of considerable knowledge of anything within the jail community would lead to this information being passed on to other whom ethics may not be as strict as the hackers, even though the hacker has a lack of ethics because that is why they are they there. They may have boundaries that they personally will not pass. Again taking this back to the martial artist, if you have a martial art master one whom skill and understanding are great, they go out to bully and cause harm but never applies skills that cause permanent damage/death but only applies skills that cause great pain because of his/her own personnel boundaries. Pace this person within jail and he is put in a situation in which he has to teach other his skills, on of the students may not have the same personnel boundary and use the skills that cause permanent damage/death even though the original teacher and offender would never use them. Perhaps applying sanction of fines and restricted computer access at varying levels for the crime commented would be a better option, as this would prevent the knowledge of hacking reaching other people with a criminal past/mindset that might apply the skills to cause greater damage and harm. I must point out here I speaking specify of the computer crime in itself, if the computer crime was part of a large crime then of cause the operate sanctions for that crime should be enforced as well as those for the computer crime. Unfortunately I feel that the people legislating cyber crime have no REAL understanding of it, and in so are gong to cause more problems because they are going to try and do what they think is best without having all the facts information an opinions of those better informed under consideration.
Thanks for reading hope it made some sense,
Kindred69