Catch up on stories from the past week (and beyond) at the Slashdot story archive

 


Forgot your password?
Close
typodupeerror
×
Electronic Frontier Foundation Crime Government The Courts United States

EFF Warns of Harsher CFAA (eff.org) 44

Posted by EditorDavid from the 30-year-old-laws dept.
An anonymous reader writes: The Computer Fraud and Abuse Act is "vague, draconian, and notoriously out of touch with how we use computers today," warns the EFF. But instead of reforming it, two U.S. Senators "are on a mission to make things worse..." The senators' proposed Botnet Prevention Act of 2016 "could make criminals of paid researchers who test access in order to identify, disclose, and fix vulnerabilities," according to the EFF. And the bill would also make it a felony to damage "critical infrastructure," which may include software companies and ISPs (since they're apparently using the Department of Homeland Security's definition).

The harsher penalties would ultimately give prosecutors much more leverage for plea deals. But worst of all, the proposed bill even "empowers government officials to obtain court orders to force companies to hack computer users for a wide range of activity completely unrelated to botnets. What's worse is that the bill allows the government to do this without any requirement of notice to non-suspect or innocent customers or companies, including botnet victims... These changes would only increase -- not alleviate -- the CFAA's harshness, overbreadth, and confusion."
The CFAA was originally written in 1986, and was partly inspired by the 1983 movie "WarGames".
This discussion has been archived. No new comments can be posted.

EFF Warns of Harsher CFAA More

EFF Warns of Harsher CFAA

Comments Filter:

  • The Senators in question are (Score:4, Informative)

    by Kobun ( 668169 ) on Saturday May 28, 2016 @08:39AM (#52200927)
    Sens. Sheldon Whitehouse (D) and Lindsey Graham (R). Remember that "bipartisanship" is a Newspeak term that roughly translates to "Two sides of the same coin double plus good".

  • You all know what needs to be done.

    • Yes, but I think it's still illegal to blow up large parts of Washington D.C.

      • We can purge the entire House of Representatives perfectly legally without blowing anything up. The choice is ours.

        • Cute. He believes elections can change anything.

          If they could, they'd have been outlawed by now.

          • Nobody can win without your votes. If you want to vote for big money, that is your choice. Same goes for everybody.

            • Oh yeah, and if we all stop shopping at $company to show them we hate them for $policy_change we can make them take it back!

              Keep on dreaming.

              • Just just defeatist. Best not to do anything I guess, right? Oh well, as long as you aren't one of the crybabies out there complaining about the big bad government/corporation....

                ...The world continues to deteriorate.
                Give up!


  • Registration of security researchers
    Security researchers provides a valuable service. Why not establish a professional association, establish codes of conduct, and a method to register professionals. These professionals could submit proposals for pen testing, security scans, etc. to the professional organization and they would be held in private from others. In the event an incident comes up the government would contact the professional association and they would check if a registered professional is

    • Question for 100: How would you become such a professional? It's not like you're born a hacker, ya know...

    • Because going "we don't do X' means there are, automatically swaths of vulnerabilities that are ignored.

      These researchers' jobs are to think like bad guys. An sure ad shit, bad guys have no such limits.

    • Re: (Score:2)

      by Clomer ( 644284 )
      The problem I see with this is that sometimes security vulnerabilities are accidentally found by people that aren't even looking for them. Such a person should be able to report the vulnerability without fear of legal reprisal, but the current legal landscape makes that impossible.

  • This is just another tool to use against people that the authorities don't like. This gives them another peg on which to hang you.

    Perhaps your fiddling around on the net probing stuff or finding a vulnerability on a website wasn't explicitly a crime before, but now....now it is. And the penalties will be harsh, count on it. Expect the word "terrorism" to be in there somewhere as well.

  • Systematic subversion of the rule of law (Score:5, Insightful)

    by karlandtanya ( 601084 ) on Saturday May 28, 2016 @11:21AM (#52201457)

    TLDR: You can't control an innocent man.

    "...much more leverage for plea deals..."

    The 'rule of law' means that the law is supreme. Not the guy wearing the uniform that week or the guy sitting in the oval office that year or the guy wearing the robe. The rule of law is meant to keep the *person* charged with the duty to serve the public from abusing the power they were given along with that duty.

    This is the point, right here. Making 'hacking' 'security research' or even ordinary computer use illegal is not the point. The point is to make *everything* illegal. Nobody, including law enforcement, gives a rat's butt whether you abused or frauded a computer or if you botted a net.

    Law enforcement knows who the bad guys are, they always have--it's their job. The problem is all these civil liberties and protections for the accused make their jobs--protecting you--damned near impossible.

    Solution--you're all criminals. We've got a job to do, and we understand you don't like part of it. Maybe part of it is you paying a fine, turning over some information, or even going to jail. You're going to do it because we--the people who protect you from the bad guys--have fucking told you to do it.

    Now--if you want to challenge our lawful orders or appeal to a higher authority, call a lawyer, stand in front of a judge, or whatnot, let us show you what you're guilty of. Here's a *long* list we just put together without even trying. And here's the time you're going to get behind bars if you DO push the issue.

    You're guilty. If you want to stay out of jail, just let us take what we need in order to do our jobs protecting you. When we're done you can get back to your life. And you can keep your mouth shut if you don't want to see us again.

    Because we're just here to protect you.

    • TLDR: You can't control an innocent man.

      "...much more leverage for plea deals..."

      This has all been foretold.

      "Did you really think we want those laws observed?" said Dr. Ferris. "We want them to be broken. You'd better get it straight that it's not a bunch of boy scouts you're up against... We're after power and we mean it... There's no way to rule innocent men. The only power any government has is the power to crack down on criminals. Well, when there aren't enough criminals one makes them. One declares so many things to be a crime that it becomes impossible for men to live without brea

      • Re: (Score:2)

        by Megol ( 3135005 )

        Quoting Ayn Rand means having read her work - having read her work can lead to a serious case of mushy brain. Don't do that.

        Her works are illogical, unrealistic paintings of a terrifying world where psychopaths are the ideal. She never followed those ideals herself BTW instead choosing to be a leach on so many levels...

        • Quoting Ayn Rand means having read her work - having read her work can lead to a serious case of mushy brain. Don't do that.

          Her works are illogical, unrealistic paintings of a terrifying world where psychopaths are the ideal. She never followed those ideals herself BTW instead choosing to be a leach on so many levels...

          [Runs text through BS-to-truth translator]

          "Pay no attention to the principles and concepts presented here! Don't think about them! Only think about the messenger, *do not* consider or think about the message! That person is a dirty [insert derogatory term/ad hominem] and is probably insane and doesn't even take their dog for a walk...they probably beat their spouse and children, too!"

          Thanks for your input, Dr. Ferris! Didn't know you actually existed as a real person, never mind also posting on /.!

          Strat

          • tldr: don't feed the trolls.

            The primary function of BS in a debate is not to convince the audience (the fear the opponent's BS will convince the audience is bait for the primary purpose). The primary function is to get you to waste your attention and the audience's patience with you.

            It's just rope-a-dope.

            • Holy crap you have a bs-to-truth translator?

              tldr: don't feed the trolls.

              The primary function of BS in a debate is not to convince the audience (the fear the opponent's BS will convince the audience is bait for the primary purpose). The primary function is to get you to waste your attention and the audience's patience with you.

              It's just rope-a-dope.

              Yes, I have a BS-to-truth translator. It's called a brain capable of logical, critical thought.

              Look, I know you're just trying to help and I appreciate the effort you took. I know that was a troll post I replied to. Most people who are capable of understanding what was being said also know. I turned it around and used it to illustrate the lack of logic and to highlight the concepts that are vital for people who wish to live in a free & open society to understand.

              That's the one thing Statists fear most..

Slashdot Top Deals

"The vast majority of successful major crimes against property are perpetrated by individuals abusing positions of trust." -- Lawrence Dalzell

Close