Hackers are common criminals

[William Knowles <wk () C4I ORG>]

http://www.theregister.co.uk/content/6/11763.html

By: Andrew Thomas
Posted: 04/07/2000 at 17:47 GMT

Hackers have a certain romantic image - it's a bit like Robin Hood;
the small man against the machine; the righter of wrongs, that sort of
thing.

On British TV the other night, a young hacker from Wales was asked why
he had broken into a computer and downloaded several thousand people's
bank details. He replied that he had done it to prove that the bank's
security procedures were inadequate. It should have been obvious that
he had no criminal intent and naturally hadn't done anything with the
downloaded details. If he hadn't done it, someone else would have.

You are a judge. Before you in the court stands a pimply-faced youth
with greasy hair and an ill-advised vestigial beard. He stands accused
of breaking into several dozen houses and stealing credit card details
and address books. The address books were used to identify future
properties to burgle and, whilst in each house, he burnt all the
personal correspondence he could find.

His defence?

"I only did it to prove that the locks on these people's doors were
inadequate. If I hadn't done it, someone else would. It's the lock
makers' fault."

Do you, the judge, dismiss the charges and commend the young chap for
his public-spiritedness, whilst roundly condemning locksmiths for
their sloppy workmanship? Or do you sentence him to a public flogging
and then send him to choky?

Spinal Tap
Another housebreaker stands accused of a number of break-ins where he
stole expensive stereo systems and CD collections. In mitigation, he
blames Metallica, Napalm Death and Spinal Tap for making him do it.
The reasoning is obvious - if these bands hadn't recorded unencrypted
music onto CDs in the first place, he wouldn't have been tempted to
pop into other people's houses while they were out and remove them.
And he needed the stereo systems to play them on. And the beer from
the fridge. And the car to carry it all away in.


In what way is hacking into a computer any different from breaking
into a house? Both are private property. Locks on doors are only
necessary because there are people who can't be bothered to work. They
would much rather you worked hard to buy things that they could later
remove while you were out earning more money.

Faulty locks are not the issue here - criminals are.

So why is it always Microsoft that gets blamed for making it too easy
for the criminals? Why aren't Compaq, Dell, IBM, Intel and AMD to
blame for providing the systems the hackers break into? For that
matter, why aren't the telcos and ISPs guilty, too? Do we read stories
about Sony being accused that its TVs and videos are encouraging
break-ins because you can't bolt them to the floor?

Of course Microsoft is a very successful company headed up by very
rich people, so envy is probably a key factor here. But surely
Microsoft is only exposed to hack attacks to the degree it is because
millions of people actually like its products and want to use them.
They don't want functionality removed, they want criminals to leave
them alone.

A hack attack on a Word or Outlook user is surely criminal trespass on
their (electronic) property in exactly the same way it is if a burglar
breaks into their house. It doesn't matter how easy or hard it is -
it's still wrong.

Stop blaming Microsoft - it's the hackers who are the guilty ones.


*-------------------------------------------------*
"Communications without intelligence is noise;
Intelligence without communications is irrelevant."
Gen. Alfred. M. Gray, USMC
---------------------------------------------------
C4I Secure Solutions             http://www.c4i.org
*-------------------------------------------------*

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".