Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
The Courts Government News Your Rights Online

U.S. And EU Ready International Cybercrime Treaty 193

Nightspore writes: "Yes, while you slept last night another supra-governmental body was hard at work readying a shiny new set of chains for you. Read more on how the US and EU are putting the finishing touches on their international cybercrimes treaty. The treaty will force all signatories (i.e. your government) to make illegal the 'import and distribution of devices used for hacking.' Signatories also would be required to 'provide law enforcement authorities with the ability to conduct computer searches and seize computer data.' "
This discussion has been archived. No new comments can be posted.

US And EU Ready International Cybercrime Treaty

Comments Filter:
  • by Greyfox ( 87712 ) on Tuesday September 26, 2000 @12:38PM (#752270) Homepage Journal
    IE: Computers?

    Cool! Where do we sign?

  • Well, let's see, there goes every compiler, text editor, hand tool, hardware, heck, pencils and paper can be used too! Better take those away!

  • "tools for hacking" you mean computers?
  • After all, they aren't that different than the rules that apply in the offline world. The legality of an act shouldn't vary depending on if something happens offline or online, and enforcement should be the same way.
  • provide law enforcement authorities with the ability to conduct computer searches and seize computer data. better remember rm -rf /
  • While they're at it, why don't they forbid the import/export of items that can be used to commit murder? Things like automobiles, tobacco, alcohol... oh, wait; that's right. Anything that dulls the senses is good; anything that sharpens the mind is bad. Silly me, next thing you know, I'll start doubting what Ministry of Truth tells me...

  • by scowling ( 215030 ) on Tuesday September 26, 2000 @12:42PM (#752276) Homepage
    The title of this article is a little misleading; in fact, the pact involves the US, Canada, Japan, South Africa, and the Council of Europe (which is a 41-country body which makes loose policy on every topic except for defense.

    The Council of Europe is, therefore, more far-reaching than the EU as it includes all of those countries that didn't join the EU (like Norway). Even Moldavia and Liechtenstein are on the Council.

    So, essentially, this is even worse that you might have thought. There is pretty much no "western data haven" to work from.

  • If you're in a country oustside of those two unions, you're still home free. Countries that have little or no views about "cybercrime" such as cracking and piracy - remain uneffected.
  • The big question, of course, is what a hacking device is?

    I mean, if they can ban a "hacking device" they have just been vague enough to sieze anything from a computer, except MAYBE the moniter. And then consider that software product could be a hacking tool. Port scanners and security auditing tools are widely used for cracking. But on the other side they are used to combat it too.

    We are hopeless, for when this passes, the government will have complete control over any and all electronics, and they cannot be held accountable.

    Good luck, we'll need it.
  • by coyote-san ( 38515 ) on Tuesday September 26, 2000 @12:44PM (#752279)
    A friendly reminder that ratified treaties supercede the constitution. That makes sense when the treaty ends a war and the option is rewriting the entire Constitution; it makes much less sense when it will provide a de facto end run around reasonable limits on domestic law enforcement.
  • damn i hate when we send at the same time, argh, im not even going for first crappy post
  • IANAL...but in the article it said...

    For example, they said, security testing would not be banned, because prosecutors must show there was intent to commit an illegal act.

    If this can trump the DMCA, then DeCSS can't itself be illegal. Only if you can prove a user was going to use it for illegal purposes could you prosecute - and then that user only. But you couldn't stop, say, DeCSS being part of an Open Source DVD player, because the intent there is clearly not criminal: the intent is to be able to watch the DVDs you purchased on your computer.

    However, even though the USA Today article probably only skims the surface (and like everything in the popular press, is probably fairly inaccurate), there were some deeply worrying things in that article. Still - there's always Sealand!

  • The treaty will force all signatories (ie your government) to make illegal the "import and distribution of devices used for hacking".

    Sounds like they want to outlaw computers.
    There's nothing like an overly-broad wording to turn the most well-intentioned concept into a tool of oppression.
    (Though i also doubt the intent of this is entirely noble at heart.)
  • Does anyone else see this as obvious? If they want to regulate the import and distribution of devices used for hacking... well, obviously, you're going to have to regulate and monitor internet traffic, world-wide, just to make sure that nothing that violates this treaty is getting through.

    "Sorry, folks, just passing through looking for suspicious data... really, we hate the idea of doing this; it's just so much more work for us, but hey! - it's in that damn treaty we signed. Now... your papers, please."

  • "import and distribution of devices used for hacking"

    So I guess gcc and modperl will be made illegal? I can't vouch for anyone else, but those are the tools I use to hack.

    Wait, I can see it now: "If we made keyboards illegal, then only crackers would be using keyboards." (ala NRA)

    Senseless legislation. When will Lars run for Senate?

  • by interiot ( 50685 ) on Tuesday September 26, 2000 @12:47PM (#752286) Homepage
    Or brains?
  • Does this mean my local police deparment won't laugh and hang up when I call and report that script-kiddiez just erased three years of work on my system?
  • Does anyone know of some sort of campaign against this?
  • For example, they said, security testing would not be banned, because prosecutors must show there was intent to commit an illegal act. Peter Csonka, deputy head of the council's economic crime division, said there needs to be a better explanation of the language banning the use of such devices "without right."

    For that matter, exactly what "hacking devices" are restricted? I agree that this treaty needs to be handled carefully and has the potential to restrict legitimate uses but I wouldn't file it in the the this-is-really-bad dept just on the basis of this article. Of course, given how people are flying off the handle over the NSA backdoor story which doesn't have a shred of evidence behind it, there's certainly not much chance of perspective here.

    Incidentally, I'd note this story as evidence that the cyberpunk mentality so popular here may be fun but isn't having the slightest effect on the rest of the world. I'd propose that people make a clear distiction between legitimate and illicit uses of technology and point out when legislation threatens the valid activities, instead of karma whoring about how Napster isn't a piracy tool because the RIAA is ripping off the musicians. Probably not much chance of that, either.


  • Just what I wanted. So when does my linux laptop become a hacking tool? When I have a portscanner? Or is it already one.
    No governmental organization should be making this kind of law. Nor should these 'cybercrimes' be prosecuted in any way. What's the worst thing that you can imagine? Your credit card being 'stolen?' Your identity being 'taken?'
    There are definitely some very bad things that can be done to and with computers...and they are being done, by governmental organizations. They are trying to put up borders and checkpoints where none are needed, and extracting taxes for the service. Thank you, USA, for arresting me! Now let me pay my taxes so you can enforce your laws.
    But it's a good thing they're doing this...if they didn't, people might get the idea that we don't need physical borders and checkpoints either. Then we'd be screwed...and what would happen to the 'criminals' who've broken other 'laws' like drug possession...they might be set free! Uh oh.
    Well, it's a good thing that I still have free speech and can say this stuff...hey, where are you taking me...guys...
  • "When the U.S. government cannot get a
    controversial policy adopted domestically, they
    pressure an international group to adopt it,
    and then bring it back to the U.S. as an
    international treaty - which obliges Congress
    to enact it,"

    Just look at the thread before, I get frigthened at this combination, subverting software companies (to s**t at their customers), suppressing free information exchange and forbidding the usage and/or information about tools to check your system appears quite systematic to me.

    will the next step be an Internet license and an allow list which information is allowed ?

    Brave new world ...

  • A friendly reminder that nothing but stupidy supercedes the constitution.
  • There's nothing we can do about this. We can't write to our congressmen, they have no power in this arena. Can the supreme court override an international treaty as unconstitutional? I think that will be our only hope.

    This treaty is ripe with ways to abuse it. What constitutes a hacking device? A perl script that probes a network? If I run a perl script like that, by this treaty the US will have to provide a way for law enforcement to search my home and confiscate my equipement. How is qualified to judge what exactly is a hacking device.

    This is very scary stuff.....

    How long does it take to get sued by the MPAA?

  • by 1010011010 ( 53039 ) on Tuesday September 26, 2000 @12:51PM (#752294) Homepage
    I can "hack" anything with anything.

    I can hack a cuecat with a soldering iron, a screwdriver and a multimeter.

    I can hack a computer program with Visual Studio (built in debugger and disassembler).

    I can hack a network program with ordinary windows (netmon) or unix (tcpdump/ethereal).

    I can hack a lock with a paperclip.

    I can hack a mixmaster with a pointed stick.

    I can hack congress with a lobbyist.

    I can take G. Gordon Liddy's advice for dealing with government agents storming my house.

    I can move to a free country. Or maybe I can't.

  • or dissasembler or packet sniffer or compiler or ..... a computer, or your brain - doh! - gotta ban those 'tools for hacking' - we wouldn't want any one thinking outside their box (er cell) around here ....
  • by Tau Zero ( 75868 ) on Tuesday September 26, 2000 @12:52PM (#752296) Journal
    A friendly reminder that ratified treaties supercede the constitution.
    I don't believe it for a minute. The Constitution holds that treaty law should be held as equal to itself. Besides, if it comes to a treaty which was ratified by the Senate, and an amendment to the Constitution which was passed by 2/3 majority of both houses of Congress AND then by 3/4 of the States, which has more backing if there is a conflict between the two?

    No way do I believe that the Supreme Court would hold that a treaty overrides the Constitution. However, I sure wouldn't mind an amendment which holds the limitations the Constitution places on our government, and the rights and privileges recognized thereunder, override the terms of any and all treaties which are to the contrary. Even freedoms need backups.
    Build a man a fire, and he's warm for a day.

  • Come to think of it, the mistake the Council of Europe made is not using the term "cracking devices". Tedious pedantic geeks would have been so pleased, this treaty would be more popular than Quake.


  • The treaty will force all signatories (ie your government) to make illegal the "import and distribution of devices used for hacking".

    Does this mean someone in any of the signatory countries can sue the NSA for hacking into communications? Ex-NSA Analyst Warns Of NSA Security Backdoors [slashdot.org]

  • I found the statement in the article that the US Congress would be obliged to pass laws in support of this treaty a little disingenuous. This statement would be true if the US Senate approves the treaty. Under the US constitution, no treaty to which we are a signatory becomes legally binding until ratified by the Senate...no Administration can run off to foreign powers and conclude a treaty that gives them legislative powers. So, if they've been unwilling to pass the laws unilaterally, no signed treaty is going to make them do so any faster.

    Now could the Senate ratify a treaty requiring these laws be passed? Sure, and they very well might, but they are not under any obligation to do so (look at the Chemical Weapons Convention, the League of Nations, etc...). And that is a different issue than this article implies.

  • Like, say, switchblades, double-edged knives, guns, computers, cars, houses, countries (US rape of Mexico, German rape of most of Europe). Much safer life here in my mud hut with no fire and only what I can cultivate with my bare hands. Oh, and the maurauding bands that own all the guns don't bother me much, anyway. Since phones are illegal, all I have to do is run the three miles to the local police department, where they will arrest me for disturbing the peace.
  • A friendly reminder that ratified treaties supercede the constitution.

    Thank Goodness!!!
    It time that people start to realize that the only option we are going to have to balance the ever-increasing power of the multinational corporations is a ONE WORLD GOVERNMENT. Yes, I said it, and it's true. Unfortunantly, because too many of the people who are concerned for individual liberty have been bamboozled into thinking that government is the direct enemy of those rights, when in fact at least governments have to keep up some form of representation, while corporations, which have just as much ability to squash human rights, have no accountability.
    Now, if you care for your own liberty, get off your ass, drop your copy of 1984, and start trying to make a difference where it really matters, in creating and strengthening a strong, corporate-checking, world government.
  • by raygundan ( 16760 ) on Tuesday September 26, 2000 @12:54PM (#752302) Homepage
    Today, in a major coup for international governments, a treaty ratified by the EU and the US (among others) officially makes everything illegal. Under the section innocently labelled "hacking devices", such obvious implements such as computers, modems and network cards are naturally banned, but so are so-called "social hacking" tools, such as telephones, pieces of paper (which may be used to write down passwords, clothing (which may be used to disguise someone), cars (which allow criminals to move to the scene of the hacking). Now that everything is illegal, everyone who is alive has been asked to report to jail, where you will be put to work as cheap slave labor for the super-mega-international-government-corporation producing inexpensive T-shirts for resale in parts of the universe that have more money.

    This reporter, for one, is glad that he no longer has to worry about breaking the law-- it is with complete certainty that I can now say "No matter what I am doing, it is definitely illegal."
  • The last paragraph:

    When asked about privacy concerns with the treaty, Csonka said: "These concerns may be legitimate, but they could be raised in relation to any international treaty. Harmonization of laws is necessary to avoid a legal jungle on the Net."

    Right. Keep up the good work, guys, and thank you. Hey, what are those funny red dots, are there snipers around
  • We need to start exporting script kidd3z -- and it'll help the trade deficit!

  • by interiot ( 50685 ) on Tuesday September 26, 2000 @12:55PM (#752305) Homepage
    If you do something illegal on the internet... guess what? It's still illegal.

    This law is like saying "it's illegal to posess any object that could possibly be used to kill someone".

    Hint: that's very different from saying "It's illegal to kill someone".

  • Screw local or state or even federal...

    I can be an INTERNATIONAL criminal!


  • On the contrary, your Senators are two of the 100 people in the U.S. who do have power over this, since the Senate approves treaties. So don't throw in the towel yet.

  • by drnomad ( 99183 ) on Tuesday September 26, 2000 @12:56PM (#752308)
    You remember that slashdot article - a letter from 2020 -? Perhaps that article on NTFS-legislation is more fresh in the memory.

    Hacking is defined as 'unauthorised data-access', what about reverse engeneering, what about writing a compatible protocol. Will 'patent infringement' be hacking? What about Sony Playstation emulators?

    This is too bad. Supposedly, (just hypothatically) I find the magical holy grail of factoring primes... is that hacking? Can I publish this?

    This is too bad, I thought I'd be safe from US laws here in Europe, reading slashdot I realize that all sorts of laws and lawsuits will deteriate my freedom. So this will change then?

    What's next, regulations on internet protocols? Man is allowed to browse and mail, kill IRC, kill Napster, kill Gnutella?

    This smells like a tool for technological censorship... will I need a license-to-programm in future?

  • Hacking devices??

    Sounds a little too vague... very much like the CDA.


    "Evil will always win, because Good is dumb" - Lord Helmet Space Balls
  • Aside from stupid enforcement, this could actually be a really good thing
    A while back at a certain gov't job, we had an attacker break in. We did trace him, found out for the most part who he was and everything.
    He was from a EU country, and we couldn't do *anything* about it. It was really frustrating, because what he did went far beyond just the curiosity approach that I advocate to a point.
    His intent was damage, and instead of someone being punished for their crime myself and another coworker had to stay late for days digging through logs of other machines to find out how deep the damage went. That's not fair.
    However this could be the worst thing that we could come up against. Depending upon how far they want to take the 'device used for hacking'.
    I mean.. hell, look back to the young isreali Edin Tenebaum, aka Analyzer. That guy was funny, and aided those kids (by aiding more or less told them information they needed) to break into the pentagon.
    Edin in my opinion is completely innocent. Telling someone how to shoot a gun doesn't make them an accessory to murder.
  • According to the doccument, ISP's should facilitate the investigation team by keeping track of who is using the system when, and then turn this info over to the team. At first, this doesn't really sound that bad. I mean, you want to help all you can in a criminal investigation, right?

    The problem comes in the doublestandard that is held between the real and digital worlds, that can quite possibly bring about 1984 in a very real sense; or digital sense, if you prefer ;)

    Think about it: We can step onto a bus, get off at a stop, secretly break into a building, and do whatever it is we're doing in this example. OK, it's not the greatest analogy, but lets fly with it for a moment.

    Now, for comparison, someone is using XYZ SDSL, breaks into a computer system, and does whatever they want to do. I know all the flaws with this example but just think about it -- it's hard to like the digital world with real life.

    In any case, by the new laws that seem OK which are attempting to be passed, XYZ DSL service would be required to keep logs of users, users to identies, and possibly what their users are doing online. This is like the bus driver in the first example being required to take down name, addresses, and phone numbers when you get on the bus, then storing where you got off and when in a notebook. For some strange reason, the very same people who don't react to the digital laws would be screaming murder if a government tried to pass a law like this.

    Just because we have the ability to packetsniff, parse, and store potentially illegal info (or notes which can help prosecute) automatically with scripts doesn't mean we should. I maintain a large office over a single T1, and I admit I am almost always sniffing and parsing the data that's going through the pipe. But I do this in a manner that is consistant with the rest of my ethics: I specificlally filter OUT (so I don't see) port 25 and port 110 traffic. I scan port 21 and 23 for the sole purpose of screaming at the people who try to use these ports *grin*. Often I find people viewing porn or whatnot, but IMHO that's there business. Even though it is against company policy I will never notify anyone of this misuse. About the only thing I do crack down on is Napster (only because of the bandwidth issue). Mainly I want an idea of what's going over my network.

    What scares me is I know the government won't have such scruples. For some reason intercepting and making photocopies of letters is illegal; yet we're trying to legalize sniffing email...

    Shh! Nobody knows I'm gay!
  • by technos ( 73414 ) on Tuesday September 26, 2000 @12:57PM (#752312) Homepage Journal
    Actually, I'd rather we ban export of people without brains. The typical US tourist seems to make the rest of us look rather sorry, so perhaps this is one good way to prevent sour international relations..
  • Or brains?

    Sorry Mr. Torvalds/Mr. Johansen/etc. Your brain has been classified by our government as a munition and you are hereby denied entry into our country.

  • BZZT! Wrong answer. Nothing "supercedes" the constitution. Not in the U.S. nor anywhere else I'm aware of. Rather, treaties are *sanctioned* by the Constitution, and *if ratified* (e.g. signed into law by Congress/President) have the same force as any other law - subject to the same constitutional limits that any other law has.

    The original poster should go back and take a remedial course in civics. Either that or go join some random right-wing kook group with their typical habit of making bald assertions that they have no clue about.

  • by Claudius ( 32768 ) on Tuesday September 26, 2000 @12:59PM (#752316)
    It also would ban the sale, purchase, import and distribution of devices used for hacking....

    And in related news today: Axes, hatchets and machetes are now selling like hotcakes on Ebay in anticipation of the ban. (Time for another /. gripe fest over the meaning of the word "hacker/hacking").

    Lizzy Bordon took an axe
    and sunk it deep into a Vax.
    When she saw what she had done
    she turned and hacked apart a Sun. -author unknown
  • by 1010011010 ( 53039 ) on Tuesday September 26, 2000 @12:59PM (#752318) Homepage
    The Council of Europe [coe.int] members are from many countries [www.coe.fr]:
    Albania (address) Mr Paskal Milo, Minister for Foreign Affairs
    Andorra (address) Mr Albert Pintat Santolaria, Minister for External Relations of the Principality of Andorra
    Austria (address) Mrs Benita Ferrero-Waldner, Federal Minister for Foreign Affairs
    Belgium (address) Mr Louis Michel, Minister for Foreign Affairs
    Bulgaria (address) Mrs Nadezhda Mihailova, Minister for Foreign Affairs
    Croatia (address) Mr. Tonino Picula, Minister for Foreign Affairs
    Cyprus (address) Mr Ioannis Kasoulides, Minister for Foreign Affairs
    Czech Republic (address) Mr Jan Kavan, Minister for Foreign Affairs
    Denmark (address) Mr Niels Helveg Petersen, Minister for Foreign Affairs
    Estonia (address) Mr Toomas Hendrik Ílves, Minister for Foreign Affairs
    Finland (address) Mr Erkki Tuomioja, Minister for Foreign Affairs
    France (address) Mr Hubert Védrine, Minister for Foreign Affairs
    Georgia (address) Mr Irakli Menagarishvili, Minister for Foreign Affairs
    Germany (address) Mr Joschka Fischer, Minister for Foreign Affairs
    Greece (address) Mr Giorgos Papandreou, Minister for Foreign Affairs
    Hungary (address) Mr János Martonyi, Minister for Foreign Affairs
    Iceland (address) Mr Halldor Asgrimsson, Minister for Foreign Affairs
    Ireland (address) Mr Brian Cowen, Minister for Foreign Affairs
    Italy (address) Mr Lamberto Dini, Minister for Foreign Affairs
    Latvia (address) Mr Indulis Berzins, Minister for Foreign Affairs
    Liechtenstein (address) Mrs Andrea Willi, Minister for Foreign Affairs
    Lithuania (address) Mr Algirdas Saudargas, Minister for Foreign Affairs
    Luxembourg (address) Mrs Lydie Polfer, Deputy Prime Minister, Minister for Foreign Affairs, External trade.
    Malta (address) Mr Joe Borg, Minister for Foreign Affairs
    Moldova (address) Mr Nicolae Tabacaru, Minister for Foreign Affairs
    Netherlands (address) Mr Jozias van Aartsen, Minister for Foreign Affairs
    Norway (address) Mr Thorbjørn Jagland, Minister for Foreign Affairs
    Poland (address) Mr Bronislaw Geremek, Minister for Foreign Affairs
    Portugal (address) Mr Jaime José Matos Gama, Minister for Foreign Affairs
    Romania (address) Mr Petre Roman, Minister for Foreign Affairs
    Russian Federation (address) Mr Igor Ivanov, Minister for Foreign Affairs
    San Marino (address) Mr Gabriele Gatti, Minister for Foreign and Political Affairs
    Slovak Republic (address) Mr Eduard Kukan, Minister for Foreign Affairs
    Slovenia (address) Mr Dimitrij Rupel, Minister for Foreign Affairs
    Spain (address) Mr Josep Pique i Camps, Minister for Foreign Affairs
    Sweden (address) Ms Anna Lindh, Minister for Foreign Affairs
    Switzerland (address) Mr Joseph Deiss, Head of the Federal Department of Foreign Affairs
    "the former Yugoslav Republic of Macedonia" (address) Mr Aleksandar Dimitrov, Minister for Foreign Affairs
    Turkey (address) Mr Ismail Cem, Minister for Foreign Affairs
    Ukraine (address) Mr Borys Tarasiuk, Minister for Foreign Affairs
    United Kingdom (address) The Rt. Hon. Robin Cook, MP, Secretary of State for Foreign and Commonwealth Affairs

  • i guess Michael Dell, Linus Torvalds, and Bill Gates are among the many violating this new treaty?


    After 16 years, MTV has finally completed its deevolution into the shiny things network
  • Constitution , Article VI [cornell.edu]:
    • This Constitution, and the laws of the United States which shall be made in pursuance thereof; and all treaties made, or which shall be made, under the authority of the United States, shall be the supreme law of the land; and the judges in every state shall be bound thereby, anything in the Constitution or laws of any State to the contrary notwithstanding.
    I think that means: constitution first, state laws second, treaties third? That hurts my head to read.
  • Sir we are here to take all your computer data. Including some of the vintage bootlegs on MP3 that could not be found anywhere else, and those neato shell scripts. YOUR government has given us the permission to take them since you are a threat to internet security (that and being 1 million times the size we do pretty much what we want in YOUR country now). Please do not resist us in any way or we will use any force needed.
  • The consitution WAS supposed to be a backup to the freedom provided by democracy, IIRC. A way to prevent the servants of the people from taking over. Unfortunately, the Republicans and Democrats have shown repeatedly that they don't care what it says, they're going to do WTF they want.

  • by 1010011010 ( 53039 ) on Tuesday September 26, 2000 @01:04PM (#752329) Homepage
    Treaties do not supercede the constitution, as it, and only it, is the supreme law of the land.

    Article 1, Section. 10,Clause 1: No State shall enter into any Treaty, Alliance, or Confederation; grant Letters of Marque and Reprisal; coin Money; emit Bills of Credit; make any Thing but gold and silver Coin a Tender in Payment of Debts; pass any Bill of Attainder, ex post facto Law, or Law impairing the Obligation of Contracts, or grant any Title of Nobility.

    Article 2, Section 2, Clause 2: He shall have Power, by and with the Advice and Consent of the Senate, to make Treaties, provided two thirds of the Senators present concur; and he shall nominate, and by and with the Advice and Consent of the Senate, shall appoint Ambassadors, other public Ministers and Consuls, Judges of the supreme Court, and all other Officers of the United States, whose Appointments are not herein otherwise provided for, and which shall be established by Law: but the Congress may by Law vest the Appointment of such inferior Officers, as they think proper, in the President alone, in the Courts of Law, or in the Heads of Departments.

    Article 3, Section 2, Clause 1: The judicial Power shall extend to all Cases, in Law and Equity, arising under this Constitution, the Laws of the United States, and Treaties made, or which shall be made, under their Authority;--to all Cases affecting Ambassadors, other public Ministers and Consuls;--to all Cases of admiralty and maritime Jurisdiction;--to Controversies to which the United States shall be a Party;--to Controversies between two or more States;--between a State and Citizens of another State; (See Note 10)--between Citizens of different States, --between Citizens of the same State claiming Lands under Grants of different States, and between a State, or the Citizens thereof, and foreign States, Citizens or Subjects.

    And the kicker:

    Article 6, Clause 2: This Constitution, and the Laws of the United States which shall be made in Pursuance thereof; and all Treaties made, or which shall be made, under the Authority of the United States, shall be the supreme Law of the Land; and the Judges in every State shall be bound thereby, any Thing in the Constitution or Laws of any State to the Contrary notwithstanding.

  • Where do they draw the line?
    Will computers be illegal? No
    Will encryption tools be illegal? Maybe, or restricted
    Will security tools that can be used for hacking be illegal? Most likely

    This is one of the worst laws I have heard of...
    We need to let our government know that it is not OK with us!
    Another problem is what they consider hacking. Is ping flooding someone hacking? Maybe cracking a box? How about modifying an executable file... No more hex editors, they are a "hacking tool"
    This could be the loss of freedom on the net as we are used to it now.
  • by interiot ( 50685 ) on Tuesday September 26, 2000 @01:11PM (#752336) Homepage
    Well, here's [coe.int] the first draft. The article says they're nearing a final draft, so this one might not be right (anyone find a better one?)

    • a. the production, sale, procurement for use, import, distribution or otherwise making available of:

      1. a device, including a computer program, designed or adapted [specifically] [primarily] [particularly] for the purpose of committing any of the offences established in accordance with Article 2 - 5;

      2. a computer password, access code, or similar data by which the whole or any part of a computer system is capable of being accessed with intent that it be used for the purpose of committing the offences established in Articles 2 - 5;

      a. the possession of an item referred to in paragraphs (a)(1) and (2) above, with intent that it be used for the purpose of committing the offenses established in Articles 2 - 5. A party may require by law that a number of such items be possessed before criminal liability attaches.

    Sounds just like the DMCA's defintion [cornell.edu] about what a copyright infringement device is. So this type of law now will extend from only covering copyrights to covering anything that was intentionally locked. Which would probably cover the CueCat (keep those articles coming!)

    (please note: offline lockpicks are not illegal. online ones will be illegal soon.)

  • by interiot ( 50685 ) on Tuesday September 26, 2000 @01:14PM (#752339) Homepage
    Thus, third world countries can make lots of money by being data havens. The knowledge gap meets the freedom gap.
  • by Parity ( 12797 ) on Tuesday September 26, 2000 @01:15PM (#752341)
    'Laws' being proposed are,
    People with access to information must make all reasonable effort to provide it to the authorities. Ie, 'We need to see all your server logs because we think the cracker routed through your network' or 'We need your entire anonymous remailer database so we can do traffic analysis to determine which 17 accounts belong to the cracker'; With a warrant... without... ? Will it be a 'crime' to not turn over this information on request? (Well, not for long in the USA but who knows about other countries; the courts will make sure warrants and/or subpoenas are still required to coerce information, but it could take time if the law isn't written that way.)

    'Cracker Tools' being outlawed; to draw an analogy, 'lets outlaw drills because they can be used to drill out lock cylinders and gain entry into people's houses!' Uhm. What's a 'computer hacking tool' anyway? Netcat? I'm using it right now to test ftp protocols by hand. nmap? I use it to check that I didn't miss any ports when locking down a box. Nessus? Satan? They'll tell you exactly where a machine is vulnerable. Your machine, somebody else's machine, how are they supposed to know? (Actually, with Nessus you already have to be inside the target to use it, though I'm sure it could be used as a codebase to start a dedicated cracking tool.) My point is, run a security 'auditor' in combination with a 'stealth' portscan and compile a handful of 'demonstration' exploits from securityfocus and you've got yourself a handy-dandy skr1pt k1ddy level cracking-kit built out of security admin tools. Never mind the prior restraint/free speech issues implied since code is text is speech, dammit.

    'Illegal to do unauthorized access' ... What's an unauthorized access? Pinging a machine? Reading a webpage meant for internal use but not secured? Attempting to log in as user 'ftp' on a non-public ftp server? Portscanning? What is a portscan? Does telnetting to ports 21, 23, 25, and 80 out of curiousity to see what they're running count as a 'portscan'? D'oh.

    If you ask me, the only 'computer crime' law we need is to make it illegal to destroy or alter information on a computer that you don't have authorized access too, (where 'alter' does not include doing things that generate log entries, etc, etc, long list of exceptions to describe normal behaviour). Yeah, this means if someone cracks your computer without overwriting files or anything nasty like that (like, maybe they sniff your in-the-clear telnet or ftp password transmission...) that you can't do jack about it in court, but so what?
    Everyone always wants to draw parallels to the real world: In the real world you don't arrest people for walking into the lobby; you don't arrest people for using the bathroom without buying anything even though it says 'customers only'; you don't arrest people for looking in through the window of a jewelry store or even rattling the cage over the windows. You -do- arrest people for spray painting on the walls of the bathroom or for throwing a brick through the window of the jewelry store and running off with a pocketful of diamonds. Where the access lines between 'use' and 'abuse' are is entirely too vague and if we're not careful the government(s) will write up a set of laws that making any new network protocol illegal - not by intent, but because they're politicians and lawyers, not engineers, and won't know the implications of what they're writing! (Presumably they have enough technical advisors to know the -explicit- meaning of what they're writing, but long term implications are another matter.)

    Any-way. The article is very vague; maybe safeguards are being built in to prevent the worries I describe; maybe they aren't; maybe they're penciled in but maybe they'll get erased; keep an eye on it, anyway, because it is -not- 'mostly harmless'.

  • That's not a terribly unusual argument, however. Handguns are banned in D.C. for that very same argument if memory serves, as are all long guns in NYC. Of course, the usefulness of such laws is rather dubious...

    A problem right now with internet crime is jurisdiction. Without treaties, it's unclear how international unauthorized access should get handled -- especially since different nations have different ideas on what is or is not illegal, let alone different judicial systems and standards. It's probably a good idea to formalize guidelines...
  • But gun offense and defense technology is mostly developed by now.

    Computer security isn't developed very much yet, and this law will probably encourage admins to be lazier. And the only people who will have hacking skills worth mentioning will be the criminals.

    If hacking were allowed to go on for a few more years, most of it would be innocent. During that time, defense strategies would be refined, allowing our overall security to be actually stronger, rather than legally stronger (which isn't worth much).

  • Someone else helpfully supplied this quote from the US constitution:

    Article 6, Clause 2: This Constitution, and the Laws of the United States which shall be made in Pursuance thereof; and all Treaties made, or which
    shall be made, under the Authority of the United States, shall be the supreme Law of the Land; and the Judges in every State shall be bound thereby,
    any Thing in the Constitution or Laws of any State
    to the Contrary notwithstanding.

    The obvious interpretation of this is that a
    treaty supercedes a STATE law or STATE constitution. Any other inerpretation simply makes no sense.

  • by Parity ( 12797 ) on Tuesday September 26, 2000 @01:25PM (#752347)
    It says,
    'The constitution, and laws made by the rules of the constitution, and treaties made by the USA, together make up the supreme law, and all judges are bound by it, no matter what the state laws and state constitutions of the individual states may say.'
    Or in other words, the constitution + federal law + treaties are bigger and badder than state laws and state constitutions; it doesn't say where treaties are relative to the federal constitution... though since the only thing that gives treaties power is the constitution -saying- they have power, there's a certain implication there...

  • Offences consist of violating one of the following: authorization/authentication [2], confidentiality [3], integrity [4], or availability [4,5].

    Additional clauses were added for forgery, fraud, kiddie porn, and copyright infringement on a computer.

  • The US government is corrupt BEYOND redemption. Instead of looking to the Constitution to reform it, we should write a NEW constitution that ... blah blah blah.

    Which, by your thesis, will also be ignored. If 'they' are using the original one for toilet paper, what's going to make 'them' respect a new one? If a new constitution is enforceable, why don't we just enforce the one we have?

  • 1) DMCA = can't reverse engineer something and use the knowldge to make a device that primarily infringes copyright

    2) this law = can't sell/make/link-to debugers or compilers if they're primarily advertised as cracking devices.

  • Indeed, when the wild west was starting to be civilized, the govmnt didn't outlaw guns altogether. So this situation is clearly worse (primarily because these guns can be copied for free and with very little effort and it's easy to hide the transaction), and they realize it.
  • Article 2, Section 2, Clause 2: He shall have Power, by and with the Advice and Consent of the Senate, to make Treaties, provided two thirds of the Senators present concur; and he shall nominate, and by and with the Advice and Consent of the Senate, shall appoint Ambassadors, other public Ministers and Consuls, Judges of the supreme Court, and all other Officers of the United States, whose Appointments are not herein otherwise provided for, and which shall be established by Law: but the Congress may by Law vest the Appointment of such inferior Officers, as they think proper, in the President alone, in the Courts of Law, or in the Heads of Departments.

    You left out Article II section 1, which specified that "He" is the president. Out of context and coupled with the constitution's peculiar capitalization, it reads like we're talking about the Divine One, who's free to enter into any damn treaties He pleases, I suppose. Perhaps that's what's missing from this treaty: a little divine intervention. I wouldn't want to be in Brussels or Washington when the helfire and brimstone comes a-raining down like on Sodom and Gomorrah of yore, smiting the corrupt tribes of Europe and USiA for this latest of ther abominations.
  • Either that or go join some random right-wing kook group with their typical habit of making bald assertions that they have no clue about.

    Yes, those kooky right-winger cut-ups. With their assertions about being the inspiration of Love Story, their mothers-in-law paying more for health care than their dogs, being lulled to sleep at age 27 by the "Look for the Union Label" song, and Clinton being the one of our "greatest Presidents." What a bunch of idiots.

  • If you'd like to see how this type of law can be applied, look no further than our friends in the UK. If you attempt to enter the U.K. with a computer, they want to inspect it for illicit material like child porn. If you have encrypted data on it and the authorities have reason to think that you know the key, you can be thrown in the slammer for not giving it to them. At the least, they'll keep the machine until you give them the key, or hell freezes over, whichever comes first.
  • Several academic security specialists wrote a statement of concerns [purdue.edu]about the treaty:

    • As leading security practitioners, educators, vendors, and users of information security, we wish to register our misgivings about portions of the Council of Europe draft treaty on Crime in Cyberspace.

      We are concerned that some portions of the proposed treaty may inadvertently result in criminalizing techniques and software commonly used to make computer systems resistant to attack. Signatory states passing legislation to implement the treaty may endanger the security of their computer systems, because computer users in those countries will not be able to adequately protect their computer systems and the education of information protection specialists will be hindered.

      Critical to the protection of computer systems and infrastructure is the ability to

      • Test software for weaknesses
      • Verify the presence of defects in computer systems
      • Exchange vulnerability information

      System administrators, researchers, consultants, and companies all routinely develop, use, and share software designed to exercise known and suspected vulnerabilities. Academic institutions use these tools to educate students and in research to develop improved defenses. Our combined experience suggests that it is impossible to reliably distinguish software used in computer crime from that used for these legitimate purposes. In fact, they are often identical.

      Currently, the draft treaty as written may be misinterpreted regarding the use, distribution, and possession of software that could be used to violate the security of computer systems. We agree that damaging or breaking into computer systems is wrong and we unequivocally support laws against such inappropriate behavior. We affirm that a goal of the treaty and resulting legislation should be to permit the development and application of good security measures. However, legislation that criminalizes security software development, distribution, and use is counter to that goal, as it would adversely impact security practitioners, researchers, and educators.

      Please do not hesitate to call on us for technical advice in your future deliberations.

    I guess the treaty would, at the very least, make a significant part of the Bugtraq mailing list illegal.

    Also note that I don't think they're only asking for an academic exclusion. If corporations want to do internal testing, they would need exceptions also. And individuals... and...

  • This constitution, and the laws of the United States which shall be made in pursuance thereof; and all treaties made, or which shall be made, under the authority of the United States shall be the supreme law of the land; and the judges in every state shall be bound thereby, any thing in the constitution or laws of any state to the contrary notwithstanding.

    Emphasis mine. See? Even the constitution takes a back seat to any agreements made in treaties.

    That is incorrect. It's a very common error, and comes from misparsing the sentence. The same misparsing could be used to say that federal law overrides the constitution, or that the constitution overrides itself.

    What it REALLY says is that the (federal constitution, federal laws, and treaties) override state (constitutions and laws).
  • by interiot ( 50685 ) on Tuesday September 26, 2000 @02:23PM (#752391) Homepage
    The Locksmithing FAQ [respublica.fr] says:
    • 3. Is it legal to carry lock picks?
    • This depends on where you are. In the U.S. the common case seems to be that it is legal to carry potential "burglar tools" such as keys, picks, crowbars, jacks, bricks, etc., but use of such tools to commit a crime is a crime in itself. Call your local library, district attorney, police department, or your own attorney to be sure. Possession of potential "burglar tools" can be be used as evidence against you if you are found in incriminating circumstances. An example of a state law can be found in the Viginia State Code: Section 18.2-94 _Possession of burglarious tools, etc._ "If any person have in his possession any tools, implements or outfit, with intent to commit burglary, robbery or larceny, upon conviction thereof he shall be guilty of a Class 5 felony."

      Note that the prosecution has to prove "intent". However, the law continues: "The possession of such burglarious tools, implements or outfit by any person other than a licensed dealer, shall be prima facie evidence of an intent to commit burglary, robbery or larceny." This means that the possessor can have a bit of an uphill battle and has to convince the jury that this 'prima facie evidence' is misleading.

      Places where it *is* illegal to carry lock picks: The District of Columbia, New York State and Illinois. New Jersey law appears to make these illegal if they can work motor vehicle locks. There may be many other places as well (such as Canada, Maryland and California.) It can be hard to tell since the relevant laws can be dealing with burglary, motor vehicles or locksmith regulation, etc. This emphasizes the importance of finding out for *your* area - and determining the applicability to *your* circumstances (e.g., locksmith, full or part-time), repo worker, building maintenance worker, ...

  • A friendly reminder that ratified treaties supercede the constitution.

    I don't believe it for a minute. The Constitution holds that treaty law should be held as equal to itself.

    Close, but no seegar. The section you're referring to actually says that any of (the federal constitution, the federal laws, treaties) trumps any of (state constitutions, state laws) in any court case.

    THAT section doesn't say anything about the relative strength of the federal constitution, the federal laws, and treaties.

    However: laws, treaties, and constitutional amendments are authorized, and their manner prescribed, by the constitution. And the bar is much higher for amending the constitution than it is for either making a treaty or making a law. So it should be pretty clear that treaties, like laws, haven't qualified as constitutional amendments and thus neither treaties nor (federal) law trumps the (federal) constitution.
  • by fugue ( 4373 )
    I think that rape is a much more serious and widespread crime than hacking. When will they ban possession of that equipment?

  • A Senate ratified (which this one isn't yet - write those letters) treaty is equal in auhotirity to the Constitution, but cannot supersede it.

    Actually, it is not equal to the constition. It's just that it's a member of the set of federal things (constitution, laws, treaties) that override state things (constitutions, laws).
  • The text of the draft Convention can be found on here [coe.int]. They do welcome comments, By releasing the latest draft of the treaty, the Council of Europe seeks to enhance the consultation process with interested parties, whether public or private. It particularly encourages business and civil society organisations to come forward and share their comments with the experts involved in the negotiations before the text eventually becomes final. Commentaries are welcome on : daj@coe.int So, instead of bitching here, Slashdot should create a communal comment, indicating the worries that we, as a community have. Thalia
  • Because it outlaws pretty much every OS Microsoft have ever produced and, for that matter, Novell prior to (if memory serves) 4.11.

    They're perfect cracking tools. You just have to persuade your target to install them, and the poor fools are wiiiiiide open.

  • Wow. Storage of traffic is mandatory? Time to buy stock in some hard drive companies. My first reaction would be that this attempt would be prohibitive, and that they wouldn't store all traffic, but re-reading it, it looks like they mean to store all the data.

    Okay. Let's say they recorded traffic at a backbone. An OC-48. 5Gbps. That's 52TB of data in one day. I guess that's not terrribly prohibitive...?

  • by Azog ( 20907 ) on Tuesday September 26, 2000 @02:40PM (#752401) Homepage
    Your're right - sort of. The biggest problem with laws like this is that "hacking tools" is obviously too vague. And vague laws are a license for selective enforcement - a way to get people thrown in jail when they have an attitude that powerful people don't like.

    Owning computers, compilers, debuggers, and the like will be legal - until you do something with them that some government agency or big company doesn't like. Then they will call it "hacking" and the fact that you have those tools will be proof that you are a criminal.

    Under a law like this, the people that reverse engineered CueCat could be charged with possession of hacking tools - the same software that millions of other people have - but their knowlege and application of those tools will magically make the tools themselves illegal.

    I figure it will be time to leave the US and move to a free country in about 5 years at the rate things are going. Hope there are some free countries left by then.

    Torrey Hoffman (Azog)
  • .. or has it? I guess they're not a sovereign nation, are they ... which I suppose makes it perfectly acceptable for the US government to make a treaty with it, without the will of the people, to control the US economy.

    (Hint: The Federal Reserve Bank is a privately held organization...)
  • THAT section doesn't say anything about the relative strength of the federal constitution, the federal laws, and treaties.

    Actually, read it again. The way I look at it, it seems as though it provides a clear hierarchy. State constitutions trump state laws. Federal law trumps state laws. Treaties trump federal law. And finally, the Constitution trumps everything else, at least as far as the US is concerned.

    Of course, technically the government is forbidden to ratify any treaty that would conflict with the Constitution, but go figure; that provision has been ignored for how many years?
  • by Ungrounded Lightning ( 62228 ) on Tuesday September 26, 2000 @02:47PM (#752406) Journal
    The text of the treaty does not use the term "hacking". That occurs twice in the editor's comments, and nowhere else.

    The treaty explicitly defines the classes of crimes in question.

    There's some bad stuff in there. But it's not QUITE as bad as the article makes it sound.

    (One example is the section on seizure, which includes deliberatly denying access to the siezed data.

    In the US, seizure as part of a search is supposed to be only to preserve evidence. Denial or disruption of access to the seized material is only authorized when it's an unavoidable consequence of preserving the evidence, and copies of the data siezed must usually be made available to the data's owner at some point in the proceedings.)
  • ...my brain. It's the most useful device I have when I want to hack.
  • Nah, you don't do that sort of thing all at once.

    You start small, like being required to 'register' the equipment. Hmmmm....looks like my birth certificate already takes care of that part.

    The next step then, is to ban "assault" versions of the equipment. In this context, I suppose this means either equipment over a certain length, or equipment that produces or can handle "assault" concentrations of testosterone....

    Once that's in place, we just institute a "buy-back" program which allows owners of the equipment to sell it to the Government (presumably this means taxes go up to pay for nationwide 'sexual reassignment' surgery....) Those who hold out on this will have their equipment taken by force later on.

    Okay, I'll stop. I'm starting to scare myself, and I don't want my legislators to think I'm serious and start getting ideas...

    Joe Sixpack is dead!
  • by interiot ( 50685 ) on Tuesday September 26, 2000 @03:07PM (#752413) Homepage
    A lot of people are arguing over this, so maybe some facts will help.

    Reid v. Covert (1957) Supreme Court [puertorico51.org]

    • When the United States acts against its citizens abroad, it can do so only in accordance with all the limitations imposed by the Constitution, including Art. III, 2, and the Fifth and Sixth Amendments. Pp. 5-14. [354 U.S. 2]
    Commentary on the case here [pitt.edu].
  • You are obvously a member of one of those completely utterly clueless rightwing groups.

    It's rather off-topic to the original article, but in the general interest of Slashdot's "News for Nerds, Stuff that Matters", allow me to grant you some small fraction of a clue you so desperately desperately need.

    To wit: Al Gore once said he was the model for the main characters in Erich Segal's 1970 romance novel Love Story. The truth: Al Gore based his account on an article in the Nashville Tennessean. Segal says the newspaper "exaggerated" the connection to the Gores. He says the protagonist was a combination of Gore and his college roommate, actor Tommy Lee Jones.

    The song Gore actually heard as a bedroom lullaby: "Don't Forget the Union Label". He got the titles confused.

    Clinton being one of our greatest president? That's a judgement call. But he didn't get us in any wars, and wasn't suffering early Alzheimers in office either.

    We now return to our regularly scheduled clueless whining.

  • Read the whole thing:

    ...any Thing in the Constitution or Laws of any State to the Contrary notwithstanding.

    The President could not enter into a treaty to revoke the 1st amendment.

  • The Supreme Court has talked about this on several occasions, and it's clear that the Constitution will always override a conflicting treaty. Here's two cases-- Missouri v. Holland, 252 US 416 (1920): "a treaty cannot be valid if it infringes the Constitution." Reid v. Covert, 354 US 1 (1957): no "agreement with a foreign nation can confer power on the Congress, or on other branch of Government, which is free from the restraints of the Constitution...The prohibitions of the Constitution were designed to apply to all branches of the National Government and they cannot be nullified by the Executive or by the Executive and the Senate combined..." So--treaty will trump any state law or state constitution, but cannot trump the Constitution. The more interesting question is when a treaty conflicts with an existing federal statute. In general, courts would analyze the case "as if" the treaty were another law passed by Congress. And there are several rules courts and lawyers (!) use to resolve apparent conflicts or inconsistencies. For instance, specific trumps the general, later-in-time, etc. Here's a vignette I remember from school: in the Fifties, a group of Southern Congressmen got together to try and pass a constitutional amendment that would clearly resolve this debate we're having--treaties would not apply internally to the US unless Congress passed specific implementation legislation. So, what do you think those Southern members were scared about? The United Nations Charter and the UN Declaration of Human Rights.
  • ...any Thing in the Constitution or Laws of any State to the Contrary notwithstanding.
    Sigh... "Anything in the (consititution or laws) of any state to the contrary notwithstanding."

    Come on guys, I know the style is a little archaic, but it's not like it's Middle English...
  • Gee, I've always read it, "any thing in the constitution, or laws of any state, to the contrary, notwithstanding." Meaning, when there is a contradiction, the Constitution wins.

    However, I'm not not so sure that that means what I thought it meant, either way, due to the "notwithstanding." That word means "in spite of." Essentially, the constitution can be repealed via treaty if that's what it means, which scares me and pisses me off. People like Clinton study COnstitutional Law just to find loopholes in it and ways around it. Treaty would be the mother of all loopholes.

    The idea that nothing supercedes the U.S. Constitution is familiar; here's a couple of links I just dug up:

    http://citizens.reagan.com/rig ht/ no-irs/helms.htm [reagan.com]
    Thus, when the United States joins a treaty organization, it holds NO AUTHORITY over us.We abide by our treaty obligations because they are the domestic law of our land, and because our elected leaders have judged that the agreement serves our national interest. But NO treaty or law can EVER supercede the one document that all Americans hold sacred: The U.S. Constitution.

    http://www.aei.org/past_event/conf12 09b .htm [aei.org]
    Critics, particularly those from the United States, stress the negative impact allowing treaty law to supercede domestic law would have on the constitutional balance of power and the federal checks and balances. Ultimately, as one observer note, they believe that allowing "treaty law to be superior to federal legislation (let alone to the constitution) to be dangerous to the idea of democracy and democratic representation of individuals."
    Regardless of whether the Constitution can technically be countermanded by treaty, the U.S. can simply withdraw from treaties its citizens do not like. The whole idea of surrendering soverign authority to unelected, unaccountable bureaucracies like the WTO, WIPO, etc. strikes me as highly distasteful, and even treasonous. I for one have no intention of obeying the "laws" made by faceless parties outside of my country.

    Can you provide an explanation of how treaties can supercede the U.S. Constitition as the supreme law of the land? Could the fifth amendment, for example, be nullified by treaty? Wouldn't that constitute a change to the consitution which the states would have to ratify?

  • Actually, we should just get back to respecting the constitution we do have. Tearing it up would be much, much worse than anything going on now. Can you imagine documents like the Declaration of Independance and the Constitution being created today? We'd have a bunch of Pat Robertsons, Bill Clintons, George W. ("there ought to be limits to freedom") Bushes, etc. running the show. A LONG way from Jefferson, Madison, Franklin, et al.

    Take the Strict Construction Cure! Make the government stop doing anything not authorized explicitly by the Constitution!

  • linton being one of our greatest president? That's a judgement call. But he didn't get us in any wars,

    Um... yes he has. Quite a number, actually.

  • "The horrors experienced by many young inmates, particularly those who are convicted of nonviolent offenses, border on the unimaginable. Prison rape not only threatens the lives of those who fall prey to their aggressors, but it is potentially devastating to the human spirit. Shame, depression, and a shattering loss of self-esteem accompany the perpetual terror the victim thereafter must endure."

    U.S. Supreme Court Justice Harry A. Blackmun,
    Farmer v. Brennan

    This statement by a United States Supreme Court judge was made before prisons had become a primary breeding ground for AIDS, not to mention Hepatitis-C (which is at 40% of inmates in California prisons).

    There is a false myth being promulgated by a woman named Carolyn Meinel, "the Happy Hacker" [dis.org] that young hackers are not subject to sexual exploitation in Federal prisons. Carolyn Meinel has been published as lead author for such establishment magazines as "Scientific American" concerning computer security, makes frequent use of the FBI's services and is rumored to have been in the pay of the FBI on more than one occasion.

    The truth is, rape of young men in Federal prisons is not as frequent as it is in some of the worst state prisons, but is more directly targeted by US Government authorities themselves.

    Assistant U.S. attorney Gordon Zubrod from Harrisburg, PA made the following public statement to 3 suspects who fled to Canada (this statement was captured for the public record during a Canadian Broadcasting Corporation interview):

    "You're going to be the boyfriend of a very bad man if you wait out your extradition."

    Here are a couple of letters written by young men to the late Steven Donaldson, the dead founder of Stop Prisoner Rape [spr.org]:

    I was raped by an inmate that was assisted by an federal correctional officer [at FCI Memphis, Tennessee]. I have attempted to file a law suit in the matter, but with no money and without the legal knowledge to pursue a legal confrontation, I was simply forced to accept what happened to me as if it was the normal thing to do/or happen.

    The incident was also investigated by the Office of Internal Affairs. The officer was then fired and I was simply transfered.

    It is hard for alot of rape victims to seek help from the prison law assistance without the other inmates becoming aware of the fact that a male has been raped. Once this information has been set out there, the rape victims become victims of another type. This could be the reason that many cases such as min[e] never even reaches a court of law, simply becasue we can not initiate this kind of legal process without the help of other inmates. There are some inmates that have been raped in prison that cant even read. Not to mention the mere shame that comes with having your manhood stripped away as concieved by other male prisoners, so it becomes something that is hidden in your past if you are transfered to an institution where it is not known.-Valgene Royal, San Pedro, California

    From Royal's BP-10 administrative appeal: "On July 3, 1991 I was laying in my bed sleeping in disciplinary segregation, when I was awakened by my door being unlocked, at which time an inmate entered my room and appeared at my bedside. The officer that let the inmate into the room left and locked the door before I could identify him. The inmate forced himself on me and proceeded to rape me....Eventually an officer whom I was able to identify...let the inmate out of the room and locked the door back and they left together.

    [Royal reported the rape and was moved to the prison hospital.] I remained in the hospital cell from July 3th until July 9th, 1991 without being allowed to shower or exercise....On a few occasions I was only fed once a day....A F.B.I. polygraph examiner verified my claim `via' polygraph examine." [Royal was kept in segregation involuntarily even after his disciplinary time expired and both the attacker and the officer involved had been transferred from the institution.]

    And another:

    In 1986, at the age of 20...I pleaded guilty to one count of bank fraud....On March 14, 1987, while sun-tanning on a hill away from [the federal prison camp at Lompoc, Calif.], [Tony] Armstrong and his two friends approached me. I was tackled and punched in my gut. I couldn't scream for help because I had the wind knocked out of me. I struggled and twisted, trying to get free, then I was hit and almost became unconscious. They raped me. After they were through, they said that, if I complained to the authorities, I would be killed. No matter where I went, they, or their gang members, would be able to kill me. Later, at dinner, Armstrong and his friends came over to my table and warned that they wanted to rape me again that night. I believed them because we lived in dorms and could move freely. The rape resulted in a large triangular piece of skin being torn off near the base of my tail bone. I still have a scar.

    At 5:30 a.m., on March 15, 1987, I escaped by walking away from Camp. There were no fences around the camp.

    Three months after I was raped [having been rearrested May 4 or 5 and incarcerated at VCI Terminal Island] I tested positive for HIV in a routine medical check up. This test was the first test among other routine ones in which I tested positive.

    While at FCI Terminal Island, I wrote to...the Bureau of Prisons...My letter contained complaints about the amount of protection given to inmates from other inmates....[2 ½ weeks later] prison authroities asked if I had written the letter. I said that I did. The guard, Lieutenant Webb, at that point (and other times) mocked me and said that I should stop complaining and that I "should take it like a man." Other prison guards also made derogatory remarks. I was immediately placed in solitary confinement for over 100 days (January to April) "for my own protection."-Kevin Borkowski, California

    Obscene are the arguments about whether any of the things the government does: treaties, taxes, etc., are "constitutional". Clearly it is well beyond the stage where the US Government gives your rat's ass to one of their civil sodomites whether or not anything they do is "constitutional" in the slightest. The only thing they care about is whether they can get away with what they want to do -- and, since their authority is based on criminal conduct at its very root, this has much more to do with who has the power than who has the law on their side.

    The message the US Government is sending via its well-targetd prisoner rapes in Federal "corrections" institutions is clear:

    Acquire power now.

    Acquire power before they come and batter your door down and take you off to be gang raped by their alpha disease vectors "just to show you who's boss". You should be prepared to defend yourself from these murderous sexual sadists posing as "law" enforcement officers by whatever means necessary.

    Since the US Government has taken to pitting ethnic groups against each other in prisons as a means of enhancing the degree of torment and control of prisoners, the primary means of defense, if you are black, Hispanic, Asian, Jewish or Italian, is to make sure you have friends who are connected with gangs of your ethnicity so that when you enter prison you can be protected from the other ethnic gangs. Be sure you have access to lots of money in the bank to provide insurance payments [geocities.com] to your ethnicity's gang.

    Unfortunately, most young "hackers" are Protestant heritage men who, as a result of that ethnicity, have an even bigger problem in prison:

    With the encouragement of the prison system, young Protestant men (especially ones with light-hair color) are considered "prime chicken meat" by other ethnic gangs and the only gangs you can seek out for protection are those targeted by legislation as "terrorist hate groups" and receive correspondingly intense scrutiny, infiltration and even covert control by Federal authorities. Get anywhere near one of those groups and you are almost certainly going to run directly into an FBI operative as one of your first contacts within the group. Some of these under cover FBI operatives pad their reports out to make it look like they are doing some "good" for their civil sodomite paycheck. Furthermore, those Protestant ethnicity gangs are singled out in the prison system for suppression of their activities. In many prisons you can't even get a copy of the Poetic Eddas (a pre-Christian book of religious mythology from tribes that later became Protestant) because it is deemed "hate literature" by the government. Political asylum in other countries is a possibility, but once you have been labeled a "neoNazi" or "white supremacist" by any western country, you effectively lose your rights to political asylum anywhere in the West -- unlike those who are declared by the US Government to be members of gangs of ethnicities other than Protestant heritage.

    PS: Setting up alternative monetary systems like DBarter [dbarter.com] can't hurt either. If they want to back their money with protection from the very threats they create [geocities.com], then it is high time to dispense with their monetary system.

  • If you turn off paranoia mode and actually think about what this treaty says it starts to look a lot less frightening.

    The US and UK (and probably other countries) already have laws banning trade in devices used for hacking and other criminal purposes. AIUI in the US the usual test is lack of "substantial lawful purpose" or something along those lines. The treaty doesn't set down detailed rules for this, it just commits the countries in question to have some law on the books which covers that subject.

    Similarly for the provision of information. The treaty doesn't set out criteria for warrants: that is a domestic matter. It merely requires the signatory countries to have some kind of law on the books which enables the police to get at computer data.

    Recall the problem with the virus author in the Phillipines who couldn't be prosecuted because the Phillipines didn't happen to have an anti-virus law on the books? This treaty is intended to avoid that kind of situation.


    (BTW "Mainwaring" is pronounced "Mannering", as every Dad's Army fan will know)

  • "Treaties overriding constitution" is an urban legend popular among certain right-wing factions concerned about the New World Order and similar conspiracy theories.

    The constitution doesn't say so, and neither does the most applicable case law. The Supremacy Clause reads as follows:

    This constitution, and the laws of the United States which shall be made in pursuance thereof; and all treaties made, or which shall be made, under the authority of the United States shall be the supreme law of the land; and the judges in every state shall be bound thereby, any thing in the constitution or laws of any state to the contrary notwithstanding.

    Thus, a treaty is no more immune from Constitutional scrutiny than is any other "law[] of the United States which shall be made." While treaties (and federal law) are CLEARLY given special treatment as supreme law over that of states, the Constitution has special overriding status, and the Supreme Court has stated so clearly in several cases. See, e.g., Missouri v. Holland, 252 US 416 (1920) ("a treaty cannot be valid if it infringes the Constitution").
  • Most US Law up until now have presumed a person innocent until proven guilty. And "guilty" usually meant using that weapon to hurt/kill someone or anything else that's illegal. Okay, there are laws that don't let you carry guns in certain places, but the NRA has been actively fighting that. Any arguments against the Cybercrime treaty are essentially the same as the NRA's arguments that non-criminals should be allowed to have/carry/use-in-a-legal-manner guns.

    It's the act of crime that's illegal, not the weapon itself. What's wrong with that?

    I don't know, maybe they scale things back to allowing people to be licensed virus carriers, since viruses do have ligitimate uses. There are very few of them (eg. making sure your antivirus tool actually works, studying viruses, making an antivirus tool...), but they aren't insignificant uses. Especially the antivirus tester.

  • And my favorite: "Who are these guys?" while pointing at busts of the founders. Stupid right-wingers.
  • Being an A.C., not to mention semi-literate, I doubt that you'll see this, but just in case others do: go here [cwis.kub.nl]. Take a look at the template for how an oppressive government goes about its business. I wish you well in your island Gulag, Brits.
  • Of course there is a higher percentage of 'smart' ones outside the country. How many people you know that can afford a three week trip to Paris on what they make as a peep-show booth cleaner or as the deep fry schmuck at McDonalds??

    Still, Ma and Pa Piddioit are out there..
  • No, but I bet you'd be screaming at 911 to get the police to your house if your pervert neighbor was peeping through your window at your wife getting out of the shower.

    Actually, no; I'd make sure we kept the curtains drawn (my online journal encrypted); unless you mean he was in the yard right up at the window? Then yell at him to get the hell away (kill the process of the intruder and change the passwords he/she got).

    Now, if the peeping time broke into the house and planted a camera and 'fixed' the locks so he could get in any time, then I'd call the police; and in the analogy, damage would have been done to the computer system - software 'damaged' with insertion of backdoors, etc.

    In the real world we don't have a law against looking in through somebody's window, though we do have laws against stomping across the yard and climbing into the azalea bushes to peer through the cracks in the curtains...

    People behave reasonably in the real world; they -don't- call the cops because someone looks out their bedroom window and into yours, or because somebody walked across the corner of the yard and happened to glance into the living room window (even though you could technically say it's trespassing, maybe... sort of...); people want to make the analagous behaviours in the online world felonies, and people are -not- reasonable about it. There are people out there who would (And even try to with current laws!) try to take someone to court for ftping to their machine. (Kinda like insisting the police arrest someone for 'trespassing' when they pulled into your driveway by accident mistaking it for their friend Bill's house... )

    Anyway; if ten years from now, we see that certain loopholes have been left in the legislation, we can close them, but remember - tampering with logs to hide your presence would count as damaging the machine, adding accounts and backdoors makes the machine less secure and is damaging the machine... just about any conceivable 'cracking' attack will at some point 'damage' the machine... a portscan or an attempt to ftp in or whatever are harmless and shouldn't be criminalized, -that's- what I'm saying. (And if someone cracks your machine without fixing the logs you can just block their host forevermore since you know exactly who they are!)

    Anyway. It's much easier to -add- legislation to solve a problem and it's much -harder- to undo draconian legislation, so it's much, much better to add laws for 'digital crimes' slowly and carefully and without any sweeping gestures that might outlaw lots of legitimate activity.

  • In the real world we all agree on the difference between 'inside' and 'outside' and the difference between 'an open door' and a 'closed door' and the difference between a private residence and a public facility is usually clear at a glance.

    In the online-world we have no such agreements. So what I'm saying is, don't make 'trespassing' or 'entering' a crime, only make 'breaking' a crime; at least so long as we -don't- have a society-wide agreement about where the lines are.


Loose bits sink chips.