U.S. And EU Ready International Cybercrime Treaty 193
Nightspore writes: "Yes, while you slept last night another supra-governmental body was hard at work readying a shiny new set of chains for you. Read more on how the US and EU are putting the finishing touches on their international cybercrimes treaty. The treaty will force all signatories (i.e. your government) to make illegal the 'import and distribution of devices used for hacking.' Signatories also would be required to 'provide law enforcement authorities with the ability to conduct computer searches and seize computer data.'
"
Devices used for Hacking? (Score:4)
Cool! Where do we sign?
hmmm... (Score:2)
öööööööööööööööööööööööööööööööööööö
wait wait wait (Score:1)
These proposals sound resonable... (Score:2)
"sieze computer data" (Score:1)
Good grief. (Score:1)
While they're at it, why don't they forbid the import/export of items that can be used to commit murder? Things like automobiles, tobacco, alcohol... oh, wait; that's right. Anything that dulls the senses is good; anything that sharpens the mind is bad. Silly me, next thing you know, I'll start doubting what Ministry of Truth tells me...
More than just the US and EU (Score:5)
The Council of Europe is, therefore, more far-reaching than the EU as it includes all of those countries that didn't join the EU (like Norway). Even Moldavia and Liechtenstein are on the Council.
So, essentially, this is even worse that you might have thought. There is pretty much no "western data haven" to work from.
--
Note that it says US and EU... (Score:1)
Drawing the line (Score:2)
I mean, if they can ban a "hacking device" they have just been vague enough to sieze anything from a computer, except MAYBE the moniter. And then consider that software product could be a hacking tool. Port scanners and security auditing tools are widely used for cracking. But on the other side they are used to combat it too.
We are hopeless, for when this passes, the government will have complete control over any and all electronics, and they cannot be held accountable.
Good luck, we'll need it.
Reminder: treaties supercede constitution (Score:3)
Re:wait wait wait (Score:1)
US and EU? Cybercrime Treaty?! (Score:1)
Unintended consequences? (Score:1)
For example, they said, security testing would not be banned, because prosecutors must show there was intent to commit an illegal act.
If this can trump the DMCA, then DeCSS can't itself be illegal. Only if you can prove a user was going to use it for illegal purposes could you prosecute - and then that user only. But you couldn't stop, say, DeCSS being part of an Open Source DVD player, because the intent there is clearly not criminal: the intent is to be able to watch the DVDs you purchased on your computer.
However, even though the USA Today article probably only skims the surface (and like everything in the popular press, is probably fairly inaccurate), there were some deeply worrying things in that article. Still - there's always Sealand!
Hacking Devices? (Score:1)
Sounds like they want to outlaw computers.
There's nothing like an overly-broad wording to turn the most well-intentioned concept into a tool of oppression.
(Though i also doubt the intent of this is entirely noble at heart.)
Carnivore World Tour (Score:2)
Does anyone else see this as obvious? If they want to regulate the import and distribution of devices used for hacking... well, obviously, you're going to have to regulate and monitor internet traffic, world-wide, just to make sure that nothing that violates this treaty is getting through.
"Sorry, folks, just passing through looking for suspicious data... really, we hate the idea of doing this; it's just so much more work for us, but hey! - it's in that damn treaty we signed. Now... your papers, please."
Tools we use (Score:1)
So I guess gcc and modperl will be made illegal? I can't vouch for anyone else, but those are the tools I use to hack.
Wait, I can see it now: "If we made keyboards illegal, then only crackers would be using keyboards." (ala NRA)
Senseless legislation. When will Lars run for Senate?
Re:Devices used for Hacking? (Score:3)
--
Hey, Great! (Score:1)
Anti-campaign? (Score:2)
Easy, now... (Score:1)
For that matter, exactly what "hacking devices" are restricted? I agree that this treaty needs to be handled carefully and has the potential to restrict legitimate uses but I wouldn't file it in the the this-is-really-bad dept just on the basis of this article. Of course, given how people are flying off the handle over the NSA backdoor story which doesn't have a shred of evidence behind it, there's certainly not much chance of perspective here.
Incidentally, I'd note this story as evidence that the cyberpunk mentality so popular here may be fun but isn't having the slightest effect on the rest of the world. I'd propose that people make a clear distiction between legitimate and illicit uses of technology and point out when legislation threatens the valid activities, instead of karma whoring about how Napster isn't a piracy tool because the RIAA is ripping off the musicians. Probably not much chance of that, either.
---------
Great. (Score:1)
No governmental organization should be making this kind of law. Nor should these 'cybercrimes' be prosecuted in any way. What's the worst thing that you can imagine? Your credit card being 'stolen?' Your identity being 'taken?'
There are definitely some very bad things that can be done to and with computers...and they are being done, by governmental organizations. They are trying to put up borders and checkpoints where none are needed, and extracting taxes for the service. Thank you, USA, for arresting me! Now let me pay my taxes so you can enforce your laws.
But it's a good thing they're doing this...if they didn't, people might get the idea that we don't need physical borders and checkpoints either. Then we'd be screwed...and what would happen to the 'criminals' who've broken other 'laws' like drug possession...they might be set free! Uh oh.
Well, it's a good thing that I still have free speech and can say this stuff...hey, where are you taking me...guys...
Frigthening (Score:1)
controversial policy adopted domestically, they
pressure an international group to adopt it,
and then bring it back to the U.S. as an
international treaty - which obliges Congress
to enact it,"
Just look at the thread before, I get frigthened at this combination, subverting software companies (to s**t at their customers), suppressing free information exchange and forbidding the usage and/or information about tools to check your system appears quite systematic to me.
will the next step be an Internet license and an allow list which information is allowed ?
Brave new world
Re:Reminder: treaties supercede constitution (Score:1)
very bad (Score:1)
This treaty is ripe with ways to abuse it. What constitutes a hacking device? A perl script that probes a network? If I run a perl script like that, by this treaty the US will have to provide a way for law enforcement to search my home and confiscate my equipement. How is qualified to judge what exactly is a hacking device.
This is very scary stuff.....
How long does it take to get sued by the MPAA?
solering irons, gdb, multimeters (Score:3)
I can hack a cuecat with a soldering iron, a screwdriver and a multimeter.
I can hack a computer program with Visual Studio (built in debugger and disassembler).
I can hack a network program with ordinary windows (netmon) or unix (tcpdump/ethereal).
I can hack a lock with a paperclip.
I can hack a mixmaster with a pointed stick.
I can hack congress with a lobbyist.
I can take G. Gordon Liddy's advice for dealing with government agents storming my house.
I can move to a free country. Or maybe I can't.
___________________________
Use a debugger - go to jail ... (Score:2)
I don't believe that. (Score:4)
No way do I believe that the Supreme Court would hold that a treaty overrides the Constitution. However, I sure wouldn't mind an amendment which holds the limitations the Constitution places on our government, and the rights and privileges recognized thereunder, override the terms of any and all treaties which are to the contrary. Even freedoms need backups.
--
Build a man a fire, and he's warm for a day.
Re:Easy, now... (Score:1)
---------
Headline: NSA sued! (Score:1)
Does this mean someone in any of the signatory countries can sue the NSA for hacking into communications? Ex-NSA Analyst Warns Of NSA Security Backdoors [slashdot.org]
Obligations to pass laws? Not (Score:1)
I found the statement in the article that the US Congress would be obliged to pass laws in support of this treaty a little disingenuous. This statement would be true if the US Senate approves the treaty. Under the US constitution, no treaty to which we are a signatory becomes legally binding until ratified by the Senate...no Administration can run off to foreign powers and conclude a treaty that gives them legislative powers. So, if they've been unwilling to pass the laws unilaterally, no signed treaty is going to make them do so any faster.
Now could the Senate ratify a treaty requiring these laws be passed? Sure, and they very well might, but they are not under any obligation to do so (look at the Chemical Weapons Convention, the League of Nations, etc...). And that is a different issue than this article implies.
Make illegal those things used in crimes (Score:2)
Re:Reminder: treaties supercede constitution (Score:1)
Thank Goodness!!!
It time that people start to realize that the only option we are going to have to balance the ever-increasing power of the multinational corporations is a ONE WORLD GOVERNMENT. Yes, I said it, and it's true. Unfortunantly, because too many of the people who are concerned for individual liberty have been bamboozled into thinking that government is the direct enemy of those rights, when in fact at least governments have to keep up some form of representation, while corporations, which have just as much ability to squash human rights, have no accountability.
Now, if you care for your own liberty, get off your ass, drop your copy of 1984, and start trying to make a difference where it really matters, in creating and strengthening a strong, corporate-checking, world government.
--
International Treaty Makes Everything Illegal! (Score:3)
This reporter, for one, is glad that he no longer has to worry about breaking the law-- it is with complete certainty that I can now say "No matter what I am doing, it is definitely illegal."
HAHAHAHAHAHAHA (Score:1)
When asked about privacy concerns with the treaty, Csonka said: "These concerns may be legitimate, but they could be raised in relation to any international treaty. Harmonization of laws is necessary to avoid a legal jungle on the Net."
Right. Keep up the good work, guys, and thank you. Hey, what are those funny red dots, are there snipers around
Importing isn't the problem (Score:1)
-------------
Re:These proposals sound resonable... (Score:3)
This law is like saying "it's illegal to posess any object that could possibly be used to kill someone".
Hint: that's very different from saying "It's illegal to kill someone".
--
Alright! This is cool!!!!! (Score:1)
Screw local or state or even federal...
I can be an INTERNATIONAL criminal!
MUAHAHAHAHAHAHAH!!!!!!
Re:very bad (Score:1)
On the contrary, your Senators are two of the 100 people in the U.S. who do have power over this, since the Senate approves treaties. So don't throw in the towel yet.
This is technological censorship, or the beginning (Score:3)
Hacking is defined as 'unauthorised data-access', what about reverse engeneering, what about writing a compatible protocol. Will 'patent infringement' be hacking? What about Sony Playstation emulators?
This is too bad. Supposedly, (just hypothatically) I find the magical holy grail of factoring primes... is that hacking? Can I publish this?
This is too bad, I thought I'd be safe from US laws here in Europe, reading slashdot I realize that all sorts of laws and lawsuits will deteriate my freedom. So this will change then?
What's next, regulations on internet protocols? Man is allowed to browse and mail, kill IRC, kill Napster, kill Gnutella?
This smells like a tool for technological censorship... will I need a license-to-programm in future?
Hummm... (Score:1)
Sounds a little too vague... very much like the CDA.
~LE
"Evil will always win, because Good is dumb" - Lord Helmet Space Balls
Could be good, could be bad. (Score:1)
A while back at a certain gov't job, we had an attacker break in. We did trace him, found out for the most part who he was and everything.
He was from a EU country, and we couldn't do *anything* about it. It was really frustrating, because what he did went far beyond just the curiosity approach that I advocate to a point.
His intent was damage, and instead of someone being punished for their crime myself and another coworker had to stay late for days digging through logs of other machines to find out how deep the damage went. That's not fair.
However this could be the worst thing that we could come up against. Depending upon how far they want to take the 'device used for hacking'.
I mean.. hell, look back to the young isreali Edin Tenebaum, aka Analyzer. That guy was funny, and aided those kids (by aiding more or less told them information they needed) to break into the pentagon.
Edin in my opinion is completely innocent. Telling someone how to shoot a gun doesn't make them an accessory to murder.
[phpwebhosting.com]
nerdfarm.org
ISP tracking? (Score:2)
The problem comes in the doublestandard that is held between the real and digital worlds, that can quite possibly bring about 1984 in a very real sense; or digital sense, if you prefer
Think about it: We can step onto a bus, get off at a stop, secretly break into a building, and do whatever it is we're doing in this example. OK, it's not the greatest analogy, but lets fly with it for a moment.
Now, for comparison, someone is using XYZ SDSL, breaks into a computer system, and does whatever they want to do. I know all the flaws with this example but just think about it -- it's hard to like the digital world with real life.
In any case, by the new laws that seem OK which are attempting to be passed, XYZ DSL service would be required to keep logs of users, users to identies, and possibly what their users are doing online. This is like the bus driver in the first example being required to take down name, addresses, and phone numbers when you get on the bus, then storing where you got off and when in a notebook. For some strange reason, the very same people who don't react to the digital laws would be screaming murder if a government tried to pass a law like this.
Just because we have the ability to packetsniff, parse, and store potentially illegal info (or notes which can help prosecute) automatically with scripts doesn't mean we should. I maintain a large office over a single T1, and I admit I am almost always sniffing and parsing the data that's going through the pipe. But I do this in a manner that is consistant with the rest of my ethics: I specificlally filter OUT (so I don't see) port 25 and port 110 traffic. I scan port 21 and 23 for the sole purpose of screaming at the people who try to use these ports *grin*. Often I find people viewing porn or whatnot, but IMHO that's there business. Even though it is against company policy I will never notify anyone of this misuse. About the only thing I do crack down on is Napster (only because of the bandwidth issue). Mainly I want an idea of what's going over my network.
What scares me is I know the government won't have such scruples. For some reason intercepting and making photocopies of letters is illegal; yet we're trying to legalize sniffing email...
Shh! Nobody knows I'm gay!
Re:Devices used for Hacking? (Score:3)
Re:Devices used for Hacking? (Score:2)
Sorry Mr. Torvalds/Mr. Johansen/etc. Your brain has been classified by our government as a munition and you are hereby denied entry into our country.
Re:Reminder: treaties supercede constitution (Score:2)
BZZT! Wrong answer. Nothing "supercedes" the constitution. Not in the U.S. nor anywhere else I'm aware of. Rather, treaties are *sanctioned* by the Constitution, and *if ratified* (e.g. signed into law by Congress/President) have the same force as any other law - subject to the same constitutional limits that any other law has.
The original poster should go back and take a remedial course in civics. Either that or go join some random right-wing kook group with their typical habit of making bald assertions that they have no clue about.
What does "device used for hacking" mean? (Score:3)
And in related news today: Axes, hatchets and machetes are now selling like hotcakes on Ebay in anticipation of the ban. (Time for another
Lizzy Bordon took an axe
and sunk it deep into a Vax.
When she saw what she had done
she turned and hacked apart a Sun. -author unknown
Council of Europe (Score:3)
Albania (address) Mr Paskal Milo, Minister for Foreign Affairs
Andorra (address) Mr Albert Pintat Santolaria, Minister for External Relations of the Principality of Andorra
Austria (address) Mrs Benita Ferrero-Waldner, Federal Minister for Foreign Affairs
Belgium (address) Mr Louis Michel, Minister for Foreign Affairs
Bulgaria (address) Mrs Nadezhda Mihailova, Minister for Foreign Affairs
Croatia (address) Mr. Tonino Picula, Minister for Foreign Affairs
Cyprus (address) Mr Ioannis Kasoulides, Minister for Foreign Affairs
Czech Republic (address) Mr Jan Kavan, Minister for Foreign Affairs
Denmark (address) Mr Niels Helveg Petersen, Minister for Foreign Affairs
Estonia (address) Mr Toomas Hendrik Ílves, Minister for Foreign Affairs
Finland (address) Mr Erkki Tuomioja, Minister for Foreign Affairs
France (address) Mr Hubert Védrine, Minister for Foreign Affairs
Georgia (address) Mr Irakli Menagarishvili, Minister for Foreign Affairs
Germany (address) Mr Joschka Fischer, Minister for Foreign Affairs
Greece (address) Mr Giorgos Papandreou, Minister for Foreign Affairs
Hungary (address) Mr János Martonyi, Minister for Foreign Affairs
Iceland (address) Mr Halldor Asgrimsson, Minister for Foreign Affairs
Ireland (address) Mr Brian Cowen, Minister for Foreign Affairs
Italy (address) Mr Lamberto Dini, Minister for Foreign Affairs
Latvia (address) Mr Indulis Berzins, Minister for Foreign Affairs
Liechtenstein (address) Mrs Andrea Willi, Minister for Foreign Affairs
Lithuania (address) Mr Algirdas Saudargas, Minister for Foreign Affairs
Luxembourg (address) Mrs Lydie Polfer, Deputy Prime Minister, Minister for Foreign Affairs, External trade.
Malta (address) Mr Joe Borg, Minister for Foreign Affairs
Moldova (address) Mr Nicolae Tabacaru, Minister for Foreign Affairs
Netherlands (address) Mr Jozias van Aartsen, Minister for Foreign Affairs
Norway (address) Mr Thorbjørn Jagland, Minister for Foreign Affairs
Poland (address) Mr Bronislaw Geremek, Minister for Foreign Affairs
Portugal (address) Mr Jaime José Matos Gama, Minister for Foreign Affairs
Romania (address) Mr Petre Roman, Minister for Foreign Affairs
Russian Federation (address) Mr Igor Ivanov, Minister for Foreign Affairs
San Marino (address) Mr Gabriele Gatti, Minister for Foreign and Political Affairs
Slovak Republic (address) Mr Eduard Kukan, Minister for Foreign Affairs
Slovenia (address) Mr Dimitrij Rupel, Minister for Foreign Affairs
Spain (address) Mr Josep Pique i Camps, Minister for Foreign Affairs
Sweden (address) Ms Anna Lindh, Minister for Foreign Affairs
Switzerland (address) Mr Joseph Deiss, Head of the Federal Department of Foreign Affairs
"the former Yugoslav Republic of Macedonia" (address) Mr Aleksandar Dimitrov, Minister for Foreign Affairs
Turkey (address) Mr Ismail Cem, Minister for Foreign Affairs
Ukraine (address) Mr Borys Tarasiuk, Minister for Foreign Affairs
United Kingdom (address) The Rt. Hon. Robin Cook, MP, Secretary of State for Foreign and Commonwealth Affairs
___________________________
goodbye (Score:2)
right?
FluX
After 16 years, MTV has finally completed its deevolution into the shiny things network
Re:Reminder: treaties supercede constitution (Score:2)
- This Constitution, and the laws of the United States which shall be made in pursuance thereof; and all treaties made, or which shall be made, under the authority of the United States, shall be the supreme law of the land; and the judges in every state shall be bound thereby, anything in the Constitution or laws of any State to the contrary notwithstanding.
I think that means: constitution first, state laws second, treaties third? That hurts my head to read.--
Knock Knock... (Score:2)
Re:I don't believe that. (Score:2)
The consitution WAS supposed to be a backup to the freedom provided by democracy, IIRC. A way to prevent the servants of the people from taking over. Unfortunately, the Republicans and Democrats have shown repeatedly that they don't care what it says, they're going to do WTF they want.
-RickHunter
Re:Reminder: treaties supercede constitution NOT (Score:5)
Article 1, Section. 10,Clause 1: No State shall enter into any Treaty, Alliance, or Confederation; grant Letters of Marque and Reprisal; coin Money; emit Bills of Credit; make any Thing but gold and silver Coin a Tender in Payment of Debts; pass any Bill of Attainder, ex post facto Law, or Law impairing the Obligation of Contracts, or grant any Title of Nobility.
Article 2, Section 2, Clause 2: He shall have Power, by and with the Advice and Consent of the Senate, to make Treaties, provided two thirds of the Senators present concur; and he shall nominate, and by and with the Advice and Consent of the Senate, shall appoint Ambassadors, other public Ministers and Consuls, Judges of the supreme Court, and all other Officers of the United States, whose Appointments are not herein otherwise provided for, and which shall be established by Law: but the Congress may by Law vest the Appointment of such inferior Officers, as they think proper, in the President alone, in the Courts of Law, or in the Heads of Departments.
Article 3, Section 2, Clause 1: The judicial Power shall extend to all Cases, in Law and Equity, arising under this Constitution, the Laws of the United States, and Treaties made, or which shall be made, under their Authority;--to all Cases affecting Ambassadors, other public Ministers and Consuls;--to all Cases of admiralty and maritime Jurisdiction;--to Controversies to which the United States shall be a Party;--to Controversies between two or more States;--between a State and Citizens of another State; (See Note 10)--between Citizens of different States, --between Citizens of the same State claiming Lands under Grants of different States, and between a State, or the Citizens thereof, and foreign States, Citizens or Subjects.
And the kicker:
Article 6, Clause 2: This Constitution, and the Laws of the United States which shall be made in Pursuance thereof; and all Treaties made, or which shall be made, under the Authority of the United States, shall be the supreme Law of the Land; and the Judges in every State shall be bound thereby, any Thing in the Constitution or Laws of any State to the Contrary notwithstanding.
___________________________
Re:Devices used for Hacking? (Score:2)
Will computers be illegal? No
Will encryption tools be illegal? Maybe, or restricted
Will security tools that can be used for hacking be illegal? Most likely
This is one of the worst laws I have heard of...
We need to let our government know that it is not OK with us!
Another problem is what they consider hacking. Is ping flooding someone hacking? Maybe cracking a box? How about modifying an executable file... No more hex editors, they are a "hacking tool"
This could be the loss of freedom on the net as we are used to it now.
Re:Drawing the line (Score:3)
a. the production, sale, procurement for use, import, distribution or otherwise making available of:
1. a device, including a computer program, designed or adapted [specifically] [primarily] [particularly] for the purpose of committing any of the offences established in accordance with Article 2 - 5;
2. a computer password, access code, or similar data by which the whole or any part of a computer system is capable of being accessed with intent that it be used for the purpose of committing the offences established in Articles 2 - 5;
a. the possession of an item referred to in paragraphs (a)(1) and (2) above, with intent that it be used for the purpose of committing the offenses established in Articles 2 - 5. A party may require by law that a number of such items be possessed before criminal liability attaches.
Sounds just like the DMCA's defintion [cornell.edu] about what a copyright infringement device is. So this type of law now will extend from only covering copyrights to covering anything that was intentionally locked. Which would probably cover the CueCat (keep those articles coming!)
(please note: offline lockpicks are not illegal. online ones will be illegal soon.)
--
Re:More than just the US and EU (Score:3)
--
-Why- this is bad... (Score:4)
People with access to information must make all reasonable effort to provide it to the authorities. Ie, 'We need to see all your server logs because we think the cracker routed through your network' or 'We need your entire anonymous remailer database so we can do traffic analysis to determine which 17 accounts belong to the cracker'; With a warrant... without... ? Will it be a 'crime' to not turn over this information on request? (Well, not for long in the USA but who knows about other countries; the courts will make sure warrants and/or subpoenas are still required to coerce information, but it could take time if the law isn't written that way.)
'Cracker Tools' being outlawed; to draw an analogy, 'lets outlaw drills because they can be used to drill out lock cylinders and gain entry into people's houses!' Uhm. What's a 'computer hacking tool' anyway? Netcat? I'm using it right now to test ftp protocols by hand. nmap? I use it to check that I didn't miss any ports when locking down a box. Nessus? Satan? They'll tell you exactly where a machine is vulnerable. Your machine, somebody else's machine, how are they supposed to know? (Actually, with Nessus you already have to be inside the target to use it, though I'm sure it could be used as a codebase to start a dedicated cracking tool.) My point is, run a security 'auditor' in combination with a 'stealth' portscan and compile a handful of 'demonstration' exploits from securityfocus and you've got yourself a handy-dandy skr1pt k1ddy level cracking-kit built out of security admin tools. Never mind the prior restraint/free speech issues implied since code is text is speech, dammit.
'Illegal to do unauthorized access'
If you ask me, the only 'computer crime' law we need is to make it illegal to destroy or alter information on a computer that you don't have authorized access too, (where 'alter' does not include doing things that generate log entries, etc, etc, long list of exceptions to describe normal behaviour). Yeah, this means if someone cracks your computer without overwriting files or anything nasty like that (like, maybe they sniff your in-the-clear telnet or ftp password transmission...) that you can't do jack about it in court, but so what?
Everyone always wants to draw parallels to the real world: In the real world you don't arrest people for walking into the lobby; you don't arrest people for using the bathroom without buying anything even though it says 'customers only'; you don't arrest people for looking in through the window of a jewelry store or even rattling the cage over the windows. You -do- arrest people for spray painting on the walls of the bathroom or for throwing a brick through the window of the jewelry store and running off with a pocketful of diamonds. Where the access lines between 'use' and 'abuse' are is entirely too vague and if we're not careful the government(s) will write up a set of laws that making any new network protocol illegal - not by intent, but because they're politicians and lawyers, not engineers, and won't know the implications of what they're writing! (Presumably they have enough technical advisors to know the -explicit- meaning of what they're writing, but long term implications are another matter.)
Any-way. The article is very vague; maybe safeguards are being built in to prevent the worries I describe; maybe they aren't; maybe they're penciled in but maybe they'll get erased; keep an eye on it, anyway, because it is -not- 'mostly harmless'.
--Parity
Re:These proposals sound resonable... (Score:2)
A problem right now with internet crime is jurisdiction. Without treaties, it's unclear how international unauthorized access should get handled -- especially since different nations have different ideas on what is or is not illegal, let alone different judicial systems and standards. It's probably a good idea to formalize guidelines...
Re:These proposals sound resonable... (Score:2)
Computer security isn't developed very much yet, and this law will probably encourage admins to be lazier. And the only people who will have hacking skills worth mentioning will be the criminals.
If hacking were allowed to go on for a few more years, most of it would be innocent. During that time, defense strategies would be refined, allowing our overall security to be actually stronger, rather than legally stronger (which isn't worth much).
--
US Treaties supercede STATE not US constitutions! (Score:2)
Article 6, Clause 2: This Constitution, and the Laws of the United States which shall be made in Pursuance thereof; and all Treaties made, or which
shall be made, under the Authority of the United States, shall be the supreme Law of the Land; and the Judges in every State shall be bound thereby,
any Thing in the Constitution or Laws of any State
^^^^^^^^^^^^^^^^^^^^
to the Contrary notwithstanding.
The obvious interpretation of this is that a
treaty supercedes a STATE law or STATE constitution. Any other inerpretation simply makes no sense.
PeterM
Re:Reminder: treaties supercede constitution (Score:3)
'The constitution, and laws made by the rules of the constitution, and treaties made by the USA, together make up the supreme law, and all judges are bound by it, no matter what the state laws and state constitutions of the individual states may say.'
Or in other words, the constitution + federal law + treaties are bigger and badder than state laws and state constitutions; it doesn't say where treaties are relative to the federal constitution... though since the only thing that gives treaties power is the constitution -saying- they have power, there's a certain implication there...
--Parity
Re:Drawing the line (Score:2)
Additional clauses were added for forgery, fraud, kiddie porn, and copyright infringement on a computer.
--
Re:I don't believe that. (Score:2)
Which, by your thesis, will also be ignored. If 'they' are using the original one for toilet paper, what's going to make 'them' respect a new one? If a new constitution is enforceable, why don't we just enforce the one we have?
Re:Scary point - I have to say it... (Score:2)
2) this law = can't sell/make/link-to debugers or compilers if they're primarily advertised as cracking devices.
--
Re:I like it! (Score:2)
--
Who is "He"? (Score:2)
You left out Article II section 1, which specified that "He" is the president. Out of context and coupled with the constitution's peculiar capitalization, it reads like we're talking about the Divine One, who's free to enter into any damn treaties He pleases, I suppose. Perhaps that's what's missing from this treaty: a little divine intervention. I wouldn't want to be in Brussels or Washington when the helfire and brimstone comes a-raining down like on Sodom and Gomorrah of yore, smiting the corrupt tribes of Europe and USiA for this latest of ther abominations.
Re:Reminder: treaties supercede constitution (Score:2)
Yes, those kooky right-winger cut-ups. With their assertions about being the inspiration of Love Story, their mothers-in-law paying more for health care than their dogs, being lulled to sleep at age 27 by the "Look for the Union Label" song, and Clinton being the one of our "greatest Presidents." What a bunch of idiots.
The UK is a great example of this in action (Score:2)
Spaf's Comments (Score:2)
As leading security practitioners, educators, vendors, and users of information security, we wish to register our misgivings about portions of the Council of Europe draft treaty on Crime in Cyberspace.
We are concerned that some portions of the proposed treaty may inadvertently result in criminalizing techniques and software commonly used to make computer systems resistant to attack. Signatory states passing legislation to implement the treaty may endanger the security of their computer systems, because computer users in those countries will not be able to adequately protect their computer systems and the education of information protection specialists will be hindered.
Critical to the protection of computer systems and infrastructure is the ability to
System administrators, researchers, consultants, and companies all routinely develop, use, and share software designed to exercise known and suspected vulnerabilities. Academic institutions use these tools to educate students and in research to develop improved defenses. Our combined experience suggests that it is impossible to reliably distinguish software used in computer crime from that used for these legitimate purposes. In fact, they are often identical.
Currently, the draft treaty as written may be misinterpreted regarding the use, distribution, and possession of software that could be used to violate the security of computer systems. We agree that damaging or breaking into computer systems is wrong and we unequivocally support laws against such inappropriate behavior. We affirm that a goal of the treaty and resulting legislation should be to permit the development and application of good security measures. However, legislation that criminalizes security software development, distribution, and use is counter to that goal, as it would adversely impact security practitioners, researchers, and educators.
Please do not hesitate to call on us for technical advice in your future deliberations.
I guess the treaty would, at the very least, make a significant part of the Bugtraq mailing list illegal.
Also note that I don't think they're only asking for an academic exclusion. If corporations want to do internal testing, they would need exceptions also. And individuals... and...
--
No, treaties DON'T override the constitution. (Score:3)
That is incorrect. It's a very common error, and comes from misparsing the sentence. The same misparsing could be used to say that federal law overrides the constitution, or that the constitution overrides itself.
What it REALLY says is that the (federal constitution, federal laws, and treaties) override state (constitutions and laws).
Re:Drawing the line (Score:3)
This depends on where you are. In the U.S. the common case seems to be that it is legal to carry potential "burglar tools" such as keys, picks, crowbars, jacks, bricks, etc., but use of such tools to commit a crime is a crime in itself. Call your local library, district attorney, police department, or your own attorney to be sure. Possession of potential "burglar tools" can be be used as evidence against you if you are found in incriminating circumstances. An example of a state law can be found in the Viginia State Code: Section 18.2-94 _Possession of burglarious tools, etc._ "If any person have in his possession any tools, implements or outfit, with intent to commit burglary, robbery or larceny, upon conviction thereof he shall be guilty of a Class 5 felony."
Note that the prosecution has to prove "intent". However, the law continues: "The possession of such burglarious tools, implements or outfit by any person other than a licensed dealer, shall be prima facie evidence of an intent to commit burglary, robbery or larceny." This means that the possessor can have a bit of an uphill battle and has to convince the jury that this 'prima facie evidence' is misleading.
Places where it *is* illegal to carry lock picks: The District of Columbia, New York State and Illinois. New Jersey law appears to make these illegal if they can work motor vehicle locks. There may be many other places as well (such as Canada, Maryland and California.) It can be hard to tell since the relevant laws can be dealing with burglary, motor vehicles or locksmith regulation, etc. This emphasizes the importance of finding out for *your* area - and determining the applicability to *your* circumstances (e.g., locksmith, full or part-time), repo worker, building maintenance worker, ...
--
Almost... (Score:2)
I don't believe it for a minute. The Constitution holds that treaty law should be held as equal to itself.
Close, but no seegar. The section you're referring to actually says that any of (the federal constitution, the federal laws, treaties) trumps any of (state constitutions, state laws) in any court case.
THAT section doesn't say anything about the relative strength of the federal constitution, the federal laws, and treaties.
However: laws, treaties, and constitutional amendments are authorized, and their manner prescribed, by the constitution. And the bar is much higher for amending the constitution than it is for either making a treaty or making a law. So it should be pretty clear that treaties, like laws, haven't qualified as constitutional amendments and thus neither treaties nor (federal) law trumps the (federal) constitution.
Rape! (Score:2)
Re:Reminder: treaties supercede constitution (Score:2)
Actually, it is not equal to the constition. It's just that it's a member of the set of federal things (constitution, laws, treaties) that override state things (constitutions, laws).
Here is the copy.... (Score:2)
Re:-Why- this is good... (Score:2)
Because it outlaws pretty much every OS Microsoft have ever produced and, for that matter, Novell prior to (if memory serves) 4.11.
They're perfect cracking tools. You just have to persuade your target to install them, and the poor fools are wiiiiiide open.
Re:"when committed intentionally" (Score:2)
Okay. Let's say they recorded traffic at a backbone. An OC-48. 5Gbps. That's 52TB of data in one day. I guess that's not terrribly prohibitive...?
--
Re:hmmm... (Score:3)
Owning computers, compilers, debuggers, and the like will be legal - until you do something with them that some government agency or big company doesn't like. Then they will call it "hacking" and the fact that you have those tools will be proof that you are a criminal.
Under a law like this, the people that reverse engineered CueCat could be charged with possession of hacking tools - the same software that millions of other people have - but their knowlege and application of those tools will magically make the tools themselves illegal.
I figure it will be time to leave the US and move to a free country in about 5 years at the rate things are going. Hope there are some free countries left by then.
Torrey Hoffman (Azog)
Well, that's fucked up the Federal Reserve Bank .. (Score:2)
(Hint: The Federal Reserve Bank is a privately held organization...)
...but not quite... (Score:2)
Actually, read it again. The way I look at it, it seems as though it provides a clear hierarchy. State constitutions trump state laws. Federal law trumps state laws. Treaties trump federal law. And finally, the Constitution trumps everything else, at least as far as the US is concerned.
Of course, technically the government is forbidden to ratify any treaty that would conflict with the Constitution, but go figure; that provision has been ignored for how many years?
----------
"Hacking" is not in the proposed treaty. (Score:4)
The treaty explicitly defines the classes of crimes in question.
There's some bad stuff in there. But it's not QUITE as bad as the article makes it sound.
(One example is the section on seizure, which includes deliberatly denying access to the siezed data.
In the US, seizure as part of a search is supposed to be only to preserve evidence. Denial or disruption of access to the seized material is only authorized when it's an unavoidable consequence of preserving the evidence, and copies of the data siezed must usually be made available to the data's owner at some point in the proceedings.)
I'm scared, please don't take... (Score:2)
(Offtopic) - Banning Raping equipment (Score:2)
Nah, you don't do that sort of thing all at once.
You start small, like being required to 'register' the equipment. Hmmmm....looks like my birth certificate already takes care of that part.
The next step then, is to ban "assault" versions of the equipment. In this context, I suppose this means either equipment over a certain length, or equipment that produces or can handle "assault" concentrations of testosterone....
Once that's in place, we just institute a "buy-back" program which allows owners of the equipment to sell it to the Government (presumably this means taxes go up to pay for nationwide 'sexual reassignment' surgery....) Those who hold out on this will have their equipment taken by force later on.
Okay, I'll stop. I'm starting to scare myself, and I don't want my legislators to think I'm serious and start getting ideas...
Joe Sixpack is dead!
Re:No, treaties DON'T override the constitution. (Score:4)
Reid v. Covert (1957) Supreme Court [puertorico51.org]
- When the United States acts against its citizens abroad, it can do so only in accordance with all the limitations imposed by the Constitution, including Art. III, 2, and the Fifth and Sixth Amendments. Pp. 5-14. [354 U.S. 2]
Commentary on the case here [pitt.edu].--
Re:Reminder: treaties supercede constitution (Score:2)
You are obvously a member of one of those completely utterly clueless rightwing groups.
It's rather off-topic to the original article, but in the general interest of Slashdot's "News for Nerds, Stuff that Matters", allow me to grant you some small fraction of a clue you so desperately desperately need.
To wit: Al Gore once said he was the model for the main characters in Erich Segal's 1970 romance novel Love Story. The truth: Al Gore based his account on an article in the Nashville Tennessean. Segal says the newspaper "exaggerated" the connection to the Gores. He says the protagonist was a combination of Gore and his college roommate, actor Tommy Lee Jones.
The song Gore actually heard as a bedroom lullaby: "Don't Forget the Union Label". He got the titles confused.
Clinton being one of our greatest president? That's a judgement call. But he didn't get us in any wars, and wasn't suffering early Alzheimers in office either.
We now return to our regularly scheduled clueless whining.
Re:equal != supercedes (Score:2)
The President could not enter into a treaty to revoke the 1st amendment.
___________________________
Re:I don't believe that. (Score:2)
Re:equal != supercedes (Score:2)
Come on guys, I know the style is a little archaic, but it's not like it's Middle English...
Argh! Please, no loophole! (Score:2)
However, I'm not not so sure that that means what I thought it meant, either way, due to the "notwithstanding." That word means "in spite of." Essentially, the constitution can be repealed via treaty if that's what it means, which scares me and pisses me off. People like Clinton study COnstitutional Law just to find loopholes in it and ways around it. Treaty would be the mother of all loopholes.
The idea that nothing supercedes the U.S. Constitution is familiar; here's a couple of links I just dug up:
http://citizens.reagan.com/rig ht/ no-irs/helms.htm [reagan.com]
http://www.aei.org/past_event/conf12 09b
Can you provide an explanation of how treaties can supercede the U.S. Constitition as the supreme law of the land? Could the fifth amendment, for example, be nullified by treaty? Wouldn't that constitute a change to the consitution which the states would have to ratify?
___________________________
Re:I don't believe that. (Score:2)
Take the Strict Construction Cure! Make the government stop doing anything not authorized explicitly by the Constitution!
___________________________
Re:Reminder: treaties supercede constitution (Score:2)
Um... yes he has. Quite a number, actually.
___________________________
Ethnic Gang Rape of Imprisoned "Hackers" (Score:2)
U.S. Supreme Court Justice Harry A. Blackmun,
Farmer v. Brennan
This statement by a United States Supreme Court judge was made before prisons had become a primary breeding ground for AIDS, not to mention Hepatitis-C (which is at 40% of inmates in California prisons).
There is a false myth being promulgated by a woman named Carolyn Meinel, "the Happy Hacker" [dis.org] that young hackers are not subject to sexual exploitation in Federal prisons. Carolyn Meinel has been published as lead author for such establishment magazines as "Scientific American" concerning computer security, makes frequent use of the FBI's services and is rumored to have been in the pay of the FBI on more than one occasion.
The truth is, rape of young men in Federal prisons is not as frequent as it is in some of the worst state prisons, but is more directly targeted by US Government authorities themselves.
Assistant U.S. attorney Gordon Zubrod from Harrisburg, PA made the following public statement to 3 suspects who fled to Canada (this statement was captured for the public record during a Canadian Broadcasting Corporation interview):
"You're going to be the boyfriend of a very bad man if you wait out your extradition."
Here are a couple of letters written by young men to the late Steven Donaldson, the dead founder of Stop Prisoner Rape [spr.org]:
I was raped by an inmate that was assisted by an federal correctional officer [at FCI Memphis, Tennessee]. I have attempted to file a law suit in the matter, but with no money and without the legal knowledge to pursue a legal confrontation, I was simply forced to accept what happened to me as if it was the normal thing to do/or happen.
The incident was also investigated by the Office of Internal Affairs. The officer was then fired and I was simply transfered.
It is hard for alot of rape victims to seek help from the prison law assistance without the other inmates becoming aware of the fact that a male has been raped. Once this information has been set out there, the rape victims become victims of another type. This could be the reason that many cases such as min[e] never even reaches a court of law, simply becasue we can not initiate this kind of legal process without the help of other inmates. There are some inmates that have been raped in prison that cant even read. Not to mention the mere shame that comes with having your manhood stripped away as concieved by other male prisoners, so it becomes something that is hidden in your past if you are transfered to an institution where it is not known.-Valgene Royal, San Pedro, California
From Royal's BP-10 administrative appeal: "On July 3, 1991 I was laying in my bed sleeping in disciplinary segregation, when I was awakened by my door being unlocked, at which time an inmate entered my room and appeared at my bedside. The officer that let the inmate into the room left and locked the door before I could identify him. The inmate forced himself on me and proceeded to rape me....Eventually an officer whom I was able to identify...let the inmate out of the room and locked the door back and they left together.
[Royal reported the rape and was moved to the prison hospital.] I remained in the hospital cell from July 3th until July 9th, 1991 without being allowed to shower or exercise....On a few occasions I was only fed once a day....A F.B.I. polygraph examiner verified my claim `via' polygraph examine." [Royal was kept in segregation involuntarily even after his disciplinary time expired and both the attacker and the officer involved had been transferred from the institution.]
And another:
In 1986, at the age of 20...I pleaded guilty to one count of bank fraud....On March 14, 1987, while sun-tanning on a hill away from [the federal prison camp at Lompoc, Calif.], [Tony] Armstrong and his two friends approached me. I was tackled and punched in my gut. I couldn't scream for help because I had the wind knocked out of me. I struggled and twisted, trying to get free, then I was hit and almost became unconscious. They raped me. After they were through, they said that, if I complained to the authorities, I would be killed. No matter where I went, they, or their gang members, would be able to kill me. Later, at dinner, Armstrong and his friends came over to my table and warned that they wanted to rape me again that night. I believed them because we lived in dorms and could move freely. The rape resulted in a large triangular piece of skin being torn off near the base of my tail bone. I still have a scar.
At 5:30 a.m., on March 15, 1987, I escaped by walking away from Camp. There were no fences around the camp.
Three months after I was raped [having been rearrested May 4 or 5 and incarcerated at VCI Terminal Island] I tested positive for HIV in a routine medical check up. This test was the first test among other routine ones in which I tested positive.
While at FCI Terminal Island, I wrote to...the Bureau of Prisons...My letter contained complaints about the amount of protection given to inmates from other inmates....[2 ½ weeks later] prison authroities asked if I had written the letter. I said that I did. The guard, Lieutenant Webb, at that point (and other times) mocked me and said that I should stop complaining and that I "should take it like a man." Other prison guards also made derogatory remarks. I was immediately placed in solitary confinement for over 100 days (January to April) "for my own protection."-Kevin Borkowski, California
Obscene are the arguments about whether any of the things the government does: treaties, taxes, etc., are "constitutional". Clearly it is well beyond the stage where the US Government gives your rat's ass to one of their civil sodomites whether or not anything they do is "constitutional" in the slightest. The only thing they care about is whether they can get away with what they want to do -- and, since their authority is based on criminal conduct at its very root, this has much more to do with who has the power than who has the law on their side.
The message the US Government is sending via its well-targetd prisoner rapes in Federal "corrections" institutions is clear:
Acquire power now.
Acquire power before they come and batter your door down and take you off to be gang raped by their alpha disease vectors "just to show you who's boss". You should be prepared to defend yourself from these murderous sexual sadists posing as "law" enforcement officers by whatever means necessary.
Since the US Government has taken to pitting ethnic groups against each other in prisons as a means of enhancing the degree of torment and control of prisoners, the primary means of defense, if you are black, Hispanic, Asian, Jewish or Italian, is to make sure you have friends who are connected with gangs of your ethnicity so that when you enter prison you can be protected from the other ethnic gangs. Be sure you have access to lots of money in the bank to provide insurance payments [geocities.com] to your ethnicity's gang.
Unfortunately, most young "hackers" are Protestant heritage men who, as a result of that ethnicity, have an even bigger problem in prison:
With the encouragement of the prison system, young Protestant men (especially ones with light-hair color) are considered "prime chicken meat" by other ethnic gangs and the only gangs you can seek out for protection are those targeted by legislation as "terrorist hate groups" and receive correspondingly intense scrutiny, infiltration and even covert control by Federal authorities. Get anywhere near one of those groups and you are almost certainly going to run directly into an FBI operative as one of your first contacts within the group. Some of these under cover FBI operatives pad their reports out to make it look like they are doing some "good" for their civil sodomite paycheck. Furthermore, those Protestant ethnicity gangs are singled out in the prison system for suppression of their activities. In many prisons you can't even get a copy of the Poetic Eddas (a pre-Christian book of religious mythology from tribes that later became Protestant) because it is deemed "hate literature" by the government. Political asylum in other countries is a possibility, but once you have been labeled a "neoNazi" or "white supremacist" by any western country, you effectively lose your rights to political asylum anywhere in the West -- unlike those who are declared by the US Government to be members of gangs of ethnicities other than Protestant heritage.
PS: Setting up alternative monetary systems like DBarter [dbarter.com] can't hurt either. If they want to back their money with protection from the very threats they create [geocities.com], then it is high time to dispense with their monetary system.
Don't panic Mr Mainwaring (Score:2)
The US and UK (and probably other countries) already have laws banning trade in devices used for hacking and other criminal purposes. AIUI in the US the usual test is lack of "substantial lawful purpose" or something along those lines. The treaty doesn't set down detailed rules for this, it just commits the countries in question to have some law on the books which covers that subject.
Similarly for the provision of information. The treaty doesn't set out criteria for warrants: that is a domestic matter. It merely requires the signatory countries to have some kind of law on the books which enables the police to get at computer data.
Recall the problem with the virus author in the Phillipines who couldn't be prosecuted because the Phillipines didn't happen to have an anti-virus law on the books? This treaty is intended to avoid that kind of situation.
Paul.
(BTW "Mainwaring" is pronounced "Mannering", as every Dad's Army fan will know)
That's not the law -- Constitution uber alles! (Score:2)
The constitution doesn't say so, and neither does the most applicable case law. The Supremacy Clause reads as follows:
Thus, a treaty is no more immune from Constitutional scrutiny than is any other "law[] of the United States which shall be made." While treaties (and federal law) are CLEARLY given special treatment as supreme law over that of states, the Constitution has special overriding status, and the Supreme Court has stated so clearly in several cases. See, e.g., Missouri v. Holland, 252 US 416 (1920) ("a treaty cannot be valid if it infringes the Constitution").
Re:Don't panic Mr Mainwaring (Score:2)
It's the act of crime that's illegal, not the weapon itself. What's wrong with that?
I don't know, maybe they scale things back to allowing people to be licensed virus carriers, since viruses do have ligitimate uses. There are very few of them (eg. making sure your antivirus tool actually works, studying viruses, making an antivirus tool...), but they aren't insignificant uses. Especially the antivirus tester.
--
Re:Reminder: treaties supercede constitution (Score:2)
Re:The UK is a great example of this in action (Score:2)
Re:Devices used for Hacking? (Score:2)
Still, Ma and Pa Piddioit are out there..
Re:SOMEONE BETTER READ THIS!!! When In the course. (Score:2)
http://www.censorthis.net/cybercrime.html [censorthis.net].
Re:Yeah, but.... (Score:2)
Actually, no; I'd make sure we kept the curtains drawn (my online journal encrypted); unless you mean he was in the yard right up at the window? Then yell at him to get the hell away (kill the process of the intruder and change the passwords he/she got).
Now, if the peeping time broke into the house and planted a camera and 'fixed' the locks so he could get in any time, then I'd call the police; and in the analogy, damage would have been done to the computer system - software 'damaged' with insertion of backdoors, etc.
In the real world we don't have a law against looking in through somebody's window, though we do have laws against stomping across the yard and climbing into the azalea bushes to peer through the cracks in the curtains...
People behave reasonably in the real world; they -don't- call the cops because someone looks out their bedroom window and into yours, or because somebody walked across the corner of the yard and happened to glance into the living room window (even though you could technically say it's trespassing, maybe... sort of...); people want to make the analagous behaviours in the online world felonies, and people are -not- reasonable about it. There are people out there who would (And even try to with current laws!) try to take someone to court for ftping to their machine. (Kinda like insisting the police arrest someone for 'trespassing' when they pulled into your driveway by accident mistaking it for their friend Bill's house... )
Anyway; if ten years from now, we see that certain loopholes have been left in the legislation, we can close them, but remember - tampering with logs to hide your presence would count as damaging the machine, adding accounts and backdoors makes the machine less secure and is damaging the machine... just about any conceivable 'cracking' attack will at some point 'damage' the machine... a portscan or an attempt to ftp in or whatever are harmless and shouldn't be criminalized, -that's- what I'm saying. (And if someone cracks your machine without fixing the logs you can just block their host forevermore since you know exactly who they are!)
Anyway. It's much easier to -add- legislation to solve a problem and it's much -harder- to undo draconian legislation, so it's much, much better to add laws for 'digital crimes' slowly and carefully and without any sweeping gestures that might outlaw lots of legitimate activity.
--Parity
Re:-Why- this is bad... (Score:2)
In the online-world we have no such agreements. So what I'm saying is, don't make 'trespassing' or 'entering' a crime, only make 'breaking' a crime; at least so long as we -don't- have a society-wide agreement about where the lines are.
--Parity