Interesting People mailing list archives
Appropriate punishments for hackers
From: Dave Farber <dave () farber net>
Date: Sat, 30 Aug 2003 15:50:42 -0400
Date: Sat, 30 Aug 2003 09:13:55 -0700 From: Lauren Weinstein <lauren () vortex com> Subject: Appropriate punishments for hackers To: dave () farber net Cc: lauren () vortex com > I have less of a problem with house detention than the original author but > strongly believe the book should get thrown at him unless there are mental > problems. I, for one, am getting tired of seeing the net attacked for fun. > Dave [Farber] Dave, I've been dealing with the massive hassles of the latest hacking attempts along with everyone else, but I'm still going to take an unpopular viewpoint here. I am most certainly not an apologist for hackers, but I have long asserted, and would continue to argue, that this is a much more complex situation than with "ordinary" crimes. In essence, we've created a computing and network environment with the equivalent of big red flashing "DO NOT PUSH" buttons all over the place out in public, and then we act surprised and upset when bright, under-guided, bored kids push them. That those buttons unleash such expensive consequences speaks mainly to inanity of the environment we've created -- and the important applications we've inappropriately deployed in that environment -- and much less about the kids who push the "buttons." We see this pattern again and again. Teenagers hacking the gaping holes in these systems, with no attempt at financial gain, and often little if any effort to even really hide their identities. That they don't understand the seriousness of their actions in many cases is clear -- schools and parents must take a significant share of that blame by definition. But will "throwing the book" at these offenders really deter such events? Maybe some, but there will always be those youths who will treate the environment as a challenge, and in its abysmal security condition that's all it will take to ensure a continuing array of hacking problems. Not all hackers are created equal of course. They range from adults out for financial gain -- basically hi-tech common criminals -- to the theoretical risks of cyberterrorists (which I personally consider to be an overblown straw man in many cases) all the way down to the kinds of kids who release these worms and viruses but have nothing to gain but the same kind of emotional "satisfaction" that similar youths got from phone phreaking decades ago. All hacking needs to be dealt with appropriately, but the key word is *appropriately*. I for one am glad to see a reasoned response so far (house arrest) in the current case. This is a positive change from the usual tendency of law enforcement in this country to try demonstrate their "toughness" by parading non-violent offenders around in shackles. Hackers need to be held accountable. But all of us who have built this marvel of computing technology, this delicate networking house of cards held together behind the scenes with the software equivalent of bent paper clips and duct tape, also bear responsibility. The PFIR Statement on Hacking ( http://www.pfir.org/statements/hacking ), which I wrote several years ago, still seems directly applicable. Thanks much. --Lauren-- Lauren Weinstein lauren () pfir org or lauren () vortex com or lauren () privacyforum org http://www.pfir.org/lauren Tel: +1 (818) 225-2800 Co-Founder, PFIR - People For Internet Responsibility - http://www.pfir.org Co-Founder, Fact Squad - http://www.factsquad.org Co-Founder, URIICA - Union for Representative International Internet Cooperation and Analysis - http://www.uriica.org Moderator, PRIVACY Forum - http://www.vortex.com Member, ACM Committee on Computers and Public Policy
------------------------------------- You are subscribed as interesting-people () lists elistx com To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- Appropriate punishments for hackers Dave Farber (Aug 30)