Please create an account to participate in the Slashdot moderation system


Forgot your password?
The Courts Government News

Chad Davis May Be the Next Kevin Mitnick 281

19-year-old Chad Davis, of Green Bay, Wisconsin, made the front page of The Washington Post today. The story that features him says, "During [a] June 2 search, Davis admitted that he belonged to a notorious hacking gang that calls itself Global Hell, and the FBI agents let him know they were cracking down on the group. On June 28, Davis allegedly struck back: He replaced the Army's Internet home page with the message: 'Global Hell is alive. Global Hell will not die.'" The article reads like a chapter from The Hacker Crackdown, and it looks like Chad Davis may be used as an example of what the feds can do to crackers who mess with government sites. Mainstream news stories about Global Hell started appearing in May. I expect to see many more in upcoming months. Mitnick redux? Could be.
This discussion has been archived. No new comments can be posted.

Chad Davis May Be the Next Kevin Mitnick

Comments Filter:
  • Here's something that comes to mind about the nature of the government and its security policies on their taxpayer bought hardware.

    Why the hell arent they tightening their security up?

    It seems to me that a greater more cost effective solution to costly legal expenditures and questionable police state tactics would be a sturdy security policy.

    With perhaps a horde of these new Information Warfare kids hired as security consultants all dutifully exploring and getting bonus cash for the holes found in the governments "essential information infrastructure" holes could be patched money could be saved and a whole lot of civil liberties can remain untouched by the grubby hands of the justice department.

    Anyone else seem to think there is a conspiracy of lax security luring little hack weenies to attack government websites and get caught so that they can portray the nations data networks as in need of government protection?

    (Free kevin!) but prosecute him for credit card fraud.
  • Look, we all know this kid was in the wrong, but what does worry me is that the govt is using this as an 'example' case. That is plain wrong. The punishment for ONE person committing ONE crime should match the servity of that ONE crime. It should not match the severity of all the other criminals you were unable to catch. I fear that they are going to end up taking out their frustrations at not being able to catch other crackers on this one scapegoat kid.

    Also, the following quote from the article should scare anyone who gives a damn about privacy on the net:

    • "It is not that these are super whiz kids; it is the technology that gives them the ability to cover their tracks enough that you can have a hard time making a criminal case against them," said a senior federal investigator.
    What this guy is trying to imply is that privacy is a tool of crackers, and if only there weren't so much privacy they wouldn't be able to get away with their crimes. Notice how he makes it out to sound as if the technology is going out of its way to make it easy to be anonymous. What a load of crap! If the technology does nothing, then anonymity is the default. The technology has to go out of its way to track people, not the other way around. (The web server has to actively engage in logging activity. It takes *less* effort to forget the accesses than it does to create logs and keep track of them.)
  • eww... packers! *gag*
  • Read the article. He changed the homepage and some other stuff. In this web enabled world defacing a website is tantamount to taking a sledghammer to store front.

    "Who pill da cubby custar?"

  • Erm, how hard is it to firewall all but port 80 (www) on these machines? that limits you to only exploits in apache, which are few and far between.

    I've secured many machines for private organizations, and I admin a shell provider, it's NOT hard.
  • There's a large difference, 'tho.

    There's little gain in cracking/vandalizing a web page (unless you're being hired to do so...), except for reputation, ego or pride. The negative is that conceivably one could gain a felony conviction and jail time, which would probably put a huge damper on one's future -- and that's a pretty poor tradeoff. One could get a reputation by going around and murdering random people with, say, a chainsaw, but the cost-benefit analysis is pretty poor there too (likely endings: life imprisonment, shot by cop, or a years-delayed death sentence. It's not exactly compensated for by a badass reputation.), and it doesn't happen too often.

    On the other hand, it's quite possible to live by robbery, burglary or drug-dealing (at least until you get caught)... and drug abuse tends to have a self-perpetuating psychological bonus, however temporary. That's their gain, and many will take the chance of getting busted.
  • Yeah... prison labor... that's the solution to
    the country's ills.

    Just wait untill more people start thinking that is the way to go and start a mandatory policy of imprisonment. Saves the rest of us money dont you think? What should the ratio be. Hmmmm...

    Anyone who actually thinks that it saves money to society to have someone locked in jail doesnt stop to consider the fees we pay to the correctional institution infrastructure in this country. One of the top growing industries I hear. Someone got some hot tips on stocks?

    Its far more economically sensible to not have to put someone in prison in the first place. The amount of money that person makes (which gets spent by them and gets taxed from them) is far more beneficial than having them operate a drill press in the big house.
  • If all it takes is a "script kiddie" to break into .gov websites then perhaps the government should employ more script kiddies to sort their security out. The guy is a cracker. Also a hacker.
  • It's so strange, all the time I see posts on slashdot discussing the difference between hacker and cracker, yet out of the woodwork comes morons to defend this kid. If you're looking for the difference between hacker and cracker, take Davis as a prime example. Before cr/hacking even became the topic du jour, there was always the pretense that 'information should be free' (Ignore any parallels to some 2-bit movie).

    Thus, early on, you had hackers who, did things because of their enthusiasm for all things electronic. Some of these had a quasi-political agenda, but they did what they did under a loose concept of 'knowledge'.

    Today's crackers aren't of the same mindset, and thus can hardly be considered hackers or not, regardless of their 'computer enthusiast' aura. Any hacker ethos doesn't exist w/in the mind of a cracker.

    This said, there are far more grounds, IMO, to punish Davis than Kevin Mitnick, Robert Morris, or anyone else who has/d even a glimmer of a true ethic. Script kiddiez give nothing to the hacker community, nor do they do anything to further society as a whole. They're just in it for the ego boost, and end up being parasites, dependent on their hosts (i.e., this world, the hacker community) -- and draining them.

    Crackers do nothing that can be considered 'worthwhile' -- not even finding security holes (nevermind that hundreds before them have already 'found' them) -- because everything is still done under an exploitative pretense. If it's not done for the pretenses of knowledge or information, I could care less if the bloody bugger gets time.
  • Here here... this genius uses his own phone line and goes directly from his ISP to the target system. I know script kiddies that are smart enough to bounce around through a few low security elementary school computers first. Oh yea, prooves he has brass ones by showing how eager he is to meet his new boy friend in the state pen. They should make an example of him but I fear that may make him a marter to his script kiddie buddies.
  • someone goes into jail a small time criminal, not really that mentally fucked up, but then... post jail- he/she emerges into the bright happy world a traumatized, (you can imagine what kind of ass candy a 19 y/o kid has to offer to scary "bubbas") hardened, ("here kid, lemme teach you a little something about the tricks of the trade") betrayed, (yes, the gov't betrayed him) wasted, (spending a few years in prison, esp. during those crucial late teen/early adulthood times, can make someone jaded/tired about life) yes, he did a stupid thing, the equivilant of graffiti, but mabye he should pay a fine, obligatory counseling, public/community service, monitored access to the net, anything, but NOT something that is going to excerbate the problem. 8) i'll get off my soapbox/loudspeaker now.
  • I don't think it's terribly hard at all, but what makes you think this machine is used only for the web site? Maybe they do e-mail on it too? All it takes is one exposed vulnerable service.

    Even if they did split the tasks between servers, all it'd take is one exposed vulnerable service on one exposed system to make everything else behind that firewall exposed.

    If you run some vulnerability scan against an entire subnet, find a system you can get into, it doesn't take much more work to proceed again to a system that you ordinarily wouldn't be able to reach. In many cases, those "firewalled" systems tend NOT to have the latest patches and fixes installed, simply because the admins don't feel that there's much of a risk, since the firewall will protect them.
  • I don't think his point was that technology is the culprit here. I think he was trying to say that they aren't doing all of this investigating and they aren't having such a hard time tracking these guys down because they're GOOD; the suspects simply have access to programs/scripts (written by someone else) that make it difficult to track them.

    He was just pointing out that they're not dealing with super-sleuths, just kids with access to "technology."
  • He might have stolen 20 000 credit card numbers, but never used a single one of them to buy stuff!

    Then, what was the point of stealing 20K of credit card numbers? Did he plan on printing them out and using them as wallpaper? Sounds like he intended to pass them to friends for fun or profit in an act called fencing of stolen goods(Another criminal act).
  • Security holes are more like open doors. Sooner or later, someone's going to venture in and look around (regardless if they steal or not). That's why you lock your windows and door, and it's the same reason you lock your car after you park it. If you leave them open, it's a invitation for people to come in and mess around.

    It is really easy to do and people should make a habit of it. Apply the same logic with computer security, and people should make a habit of securing computers.

    Would the army build a base with a section of the fence missing? Probably not. Would the army arrest a guy who happens to venture in a unfenced section? Probably yes, but at least he won't be in the slammer longer than someone such as Chad or Kelvin.
  • by mattc ( 12417 ) on Wednesday September 01, 1999 @06:52AM (#1711754) Homepage
    A criminal is going to jail? Oh what a shame. I am deeply concerned about the welfare of script kiddies. Yeah, right.
  • according to your beliefs, stealing as a is okay as long as it's just a hobby and the individual has a legitimate job. Yeah...that sounds right to me. Idiot. Where do you people come from?

  • You should rephrase *steal* with *make exact copies of* just a little FYI on your logical analysis organic|quantum submechanics.
  • by Masem ( 1171 ) on Wednesday September 01, 1999 @06:52AM (#1711758)
    IMO, if you are a *cracker*, and go around and maliciously change sites, especially those with the means and ways to prosecute you, you get exactly what you deserve.

    On the other hand, if you are a hacker and find a security loophole on the same sort of sites and quietly let the owners of the site know about that, you should be able to report that without fear of being prosecuted.

    Unfortunately there's a fine line here and it's rather hard to define. Maybe we need to have people join a Hackers Union to allow them ethical hacking privaledges.

  • Don't be comparing this kid to Mitnick, Mitnick had skill, this kid had a bag full of tricks.
  • Mitnick screwed himself over. He waived his right to a speedy trial. I get so sick of seeing people talk about how Mitnick didn't get a speedy trial. He waived his right, it took a while, it's his problem.
  • by rizzo ( 21697 )
    Good to see a local boy in the news. I agree, however, that if you can't do the time, don't do the crime. It IS a premeditated crime, and he deserves to be punished.

    HOWEVER: The fact that he will probably get a stiffer sentece than most violent criminals is at the heart of the issue for most in the tech community, and deeply worries me.
  • It's all about the Pentiums, baby
    Uhh, uh-huh, yeah Uhh, uh-huh, yeah
    It's all about the Pentiums, baby
    It's all about the Pentiums, baby
    It's all about the Pentiums!
    It's all about the Pentiums!

    What y'all wanna do?
    Wanna be hackers? Code crackers? Slackers
    Wastin' time with all the chatroom yakkers?
    9 to 5, chillin' at Hewlett Packard?
    Workin' at a desk with a dumb little placard?
    Yeah, payin' the bills with my mad programming skills
    Defraggin' my hard drive for thrills
    I got me a hundred gigabytes of RAM
    I never feed trolls and I don't read spam
    Installed a T1 line in my house
    Always at my PC, double-clickin' on my mizouse
    Upgrade my system at least twice a day
    I'm strictly plug-and-play, I ain't afraid of Y2K
    I'm down with Bill Gates, I call him Money for short
    I phone him up at home and I make him do my tech support
    It's all about the Pentiums, what?
    You gotta be the dumbest newbie I've ever seen
    You've got white-out all over your screen
    You think your Commodore 64 is really neato
    What kinda chip you got in there, a Dorito?
    You're using a 286? Don't make me laugh
    Your Windows boots up in what, a day and a half?
    You could back up your whole hard drive on a floppy diskette
    You're the biggest joke on the internet
    Your database is a disaster
    You're waxin' your modem tryin' to make it go faster
    Hey fella, I bet you're still livin' in your parents' cellar
    Downloadin' pictures of Sarah Michelle Gellar
    And postin "Me too!" like some brain-dead AOL-er
    I should do the world a favor and cap you like Old Yeller
    You're just about as useless as jpegs to Helen Keller

    It's all about the Pentiums!
    It's all about the Pentiums!
    It's all about the Pentiums!
    It's all about the Pentiums!

    Now, what y'all wanna do?
    Wanna be hackers? Code crackers? Slackers
    Wastin' time with all the chatroom yakkers?
    9 to 5, chillin at Hewlett Packard?

    Uh, uh, loggin' in now
    Wanna run wit my crew, hah?
    Rule cyberspace and crunch numbers like I do?
    They call me the king of the spreadsheets
    Got em all printed out on my bedsheets
    My new computer's got the clocks, it rocks
    But it was obsolete before I opened the box
    You say you've had your desktop for over a week?
    Throw that junk away, man, it's an antique!
    Your laptop is a month old? Well, that's great
    If you could use a nice, heavy paperweight
    My digital media is write-protected
    Every file inspected, no viruses detected
    I beta tested every operating system
    Gave props to some, and others? I dissed 'em
    While your computer's crashin', mine's multitaskin'
    It does all my work without me even askin'
    Got a flat-screen monitor, 40" wide
    I believe that yours says "Etch-A-Sketch" on the side
    In a 32-bit world, you're a 2-bit user
    You've got your own newsgroup,
    Your mother board melts when you try to send a fax
    Where'd you get your CPU, in a box of Cracker Jacks?
    Play me online? Well, you know that I'll beat you
    If I ever meet you I'll control-alt-delete you

    It's all about the Pentiums!
    It's all about the Pentiums!
    It's all about the Pentiums!
    It's all about the Pentiums!
    What y'all wanna do?
    Wanna be hackers? Code crackers? Slackers
    Wastin' time with all the chatroom yakkers?
    9 to 5, chillin' at Hewlett Packard?
  • If you just keep your system up to date with patches and updates, it will take somebody with serious skills to get in.

    Serious skills or an early release of whatever exploit-of-the-week that ends up getting developed. Quite a few of these advisories come out after an exploit has been written and demonstrated, or at the same time. There's always a window of vulnerability in these cases.

    As far as firewalls go, all it takes is one exposed vulnerable service to allow a script kiddie to get behind it. At that point, machines ordinarily shielded by the firewall (thus more likely to have complacent admins) become easier targets.

    But yah, I do agree that if you keep up with the latest patches and fixes it makes things significantly harder for script kiddies. That still doesn't mean the script kiddies should get off the hook, though.
  • He's also a moron. Cracking your school's website, or some little ISPs site is one thing. Cracking the army is plain stupid. The guy was told he was under investigation, so he did something to get bragging rights. He'll get what he deserves. Even if they execute him it will be fair, we don't need morons like this polluting the gene pool.
  • This guy is from Green Bay? I thought that the only thing we had in this state was beer and football... Makes me wonder if people from out of state will soon start pronouncing Wisconsin right.
  • You really think that a little script kiddie can be compare to Kevin.... what a shame for you!

    Now get a clue!

  • On the other hand, crackers inhibit the government's ability to propogate its world view when they deface a web page, with the (unspoken?) threat of possibly doing much more (such as compromizing their databases and whatnot).

    A cracker who breaks into a government Web server and changes content is a threat worthy of federal investigation and prosecution.

    Allegedly, this guy just did some obvious defacement of the site. He could have made more subtle changes and removed restrictions on confidential data that's available on the server.

    For instance, what if a cracker breaks into CPSC.GOV and removes links to a product recall he doesn't agree with? Thousands of consumers might not find out about an unsafe product and the means to get it fixed.

    As another example, what if a cracker jacked with the IRS site so that taxpayers thought they owed lower taxes than they really do? The immediate gratification would be replaced with audits, late fees, and other tax boom-lowering.

    The offense allegedly committed by Chad Davis is trivial, and that should be considered in his sentencing if he is found guilty. Breaking into a government Web site and changing information is a crime the feds should be taking seriously, though. (They also should be creating content-verification systems that prevent subtle changes from escaping notice.)

  • How 'bout we add him to the "Free Mumia...the cop killer" bumper sticker?
  • Sorry just had to say that out loud.
    (for those scratching their head, think football....)


  • So you think that no-one should ever break a law, just because it's the law. What about all the non-violent protests of the civil rights era? They were breaking the law to show how the law was wrong and to make a political stance.

    is this wrong? no. if the law is a bad law, it is up to the people to protest it so that i will be changed.

    as for finding a hole, and then informing the sysadmin, what the hell is wrong with that? if the sysadmin isn't notified, then someone else could break in. if someone could break into my site, i would welcome them to inform me so that i could fix the problem.

  • Now THAT's funny (in a sick sort of way). You just made my day.
  • the big news today is that someone got caught accessing a computer which he was not authorized to access, and now the federal government is going to aggressively prosecute him both as a penalty and as a high-profile deterrent to other hackers.

    is this surprising? no. is this a problem? no. as we move into the future, the feds are goign to get better and better at catching and prosecuting those who chose to trespass in computers that they are not supposed to access. good for them.
  • Nevertheless, when you signed the "thing" (ticket) you were agreeing to waive your rights. If you look carefully at the ticket, it says something along the lines of "By signing this form, I hereby waive my rights..."

    In many states, you sign the ticket and if you pay the summons you are considered guilty. If you sign the ticket, but you believe you are not guilty- then you go to court on the date that the friendly police officer gave you. Signing the ticket does not say that you are guilty, but simply allows you to waive your rights. As the previous poster said, don't sign the ticket next time and be arrested, have your car impounded, etc...

    As for our script kiddie Chad here, if he does not waive his rights, he and his attornies have a month or so to prepare their case. If he wishes to have more time to prepare, then he will have to waive his right to a speedy trial and perhaps stay in jail for years waiting for a trial.

  • Who cares about these scum? You should, whether your own system is secure or not. The fact that cracking systems requires such low technical competence indicates that we need to do something.

    The problem is analogous to the in-band signalling that telephone switches formerly used. An outside agent should not be able to hijack a cpu's execution flow any more than an outside agent should be able to hijack the routing of a phone call. Until we universally implement mechanisms, preferably in hardware, to protect this data, for example by separating an execution stack from the general data stack and placing them in memory correctly, ridiculous problems such as this will persist. Patching holes like we currently do is not enough.

  • I think the old precedents apply just fine in this case. Kids are stupid sometimes and do stupid things. It's a combination of lack of good parenting, natural curiosity, lack of real-world experience and rebelliousness. They don't need to spend 4-10 years of their lives in prison for it. I did stupid things as a kid. I got punished for it and after a couple times I learned my lesson. I don't see why they should be punished so severely for such a minor thing just because the government is afraid because its systems aren't secure. Maybe if the government would actually do something useful for once instead of just declaring a "war" on any activities they don't like, we might have a better society.

  • The kids deserve what they get,


    and their parents deserve to be held accountable for the monetary damages.

    Um, not quite.

    Well, they will be held accountable, because it's their kid(s). But you say the kids aren't supervised enough by their parents. I don't know this particular kid's parents, but I think I can make a pretty safe assumption that they are not computer experts. So they can supervise all they like, and the kids will do what they want anyway. And if the parent asks what the kid is doing...

    "I'm playing a game."

    And whether it's true or not, the parent probably won't ever know the difference. That is, until the police starts showing up. It's still their responsibility, but not really their fault.

  • I'd answer this, but it was already answered here [].

  • However, I as an individual am hardly harmed. If the IRS gets their facts wrong and I underpay, the IRS is at fault, not me. I may have to hire a good lawyer and go to court, but no lasting harm is done.

    I think most people who have hired a lawyer to defend themselves and go to court would define that as "lasting harm." Lawyers and trials are expensive, both in money and time. The IRS Web site is just one of many that publishes information that could be harmful to people if altered or removed.

    If my only source of information for a recall is a government web page I have to take the trouble to find and dig through, then there are more serious problems with the recall notification procedure than a petty vandal's mucking with the web page.

    Access to accurate information from the government is essential to the democratic process. I think it's a serious problem when crackers alter this information, despite the fact that most of these break-ins have been trivial to date.

    If you don't hear about a product recall from the media, the only place that information is made available is the CPSC Web site. It serves a vital need, and it's important for that information to be reliable.

    As more people rely on the Web for information, the necessity of accuracy on government Web sites becomes more important to this country. That's why I think it is important to investigate and prosecute people who break into government Web sites and alter them.

    I am at most inconvenienced by such things. The government, on the other hand, has its power to govern more seriously hampered.

    I think the feds prosecute crackers for the same reasons many local prosecuters do. It's a sexy crime with non-violent perpetrators that gets media attention and can help justify bigger budgets. No conspiracy there, aside from the most popular conspiracy on Earth -- making easy money.

  • I tried the white hat dealie once when a sysadmin offered me $100 if I could break into his ISP. 30 seconds later when I /msg'd him the contents of a file which only root could read he backed down on his offer because "we never made it official." I should have rm -rf'd the system, but I was a good little boy and for some ungodly reason patched the whole myself.
  • You moron.

    In what way is copying files back to a directory tantamount to having to buy a new store window and installing it after you sweep up lots of dangerous glass ?

  • by Anonymous Coward
    If I spray paint your garage door, is that the real world equivalent? Not quite. However, if I break into your house by smashing a window and then start defacing things, then it becomes the equivalent.

    Cracking somebody's system is breaking and entering, not vandalism.

    Anyway, I don't think this kid deserves jail time, but I do think he deserves a 3 year probation and a nice fine that takes a couple years to pay off.

  • I agree

    This guy deserves community service. They should force these kids to make the webservers they hack secure if they get caught. :)
  • Mitnick waived his right to a speedy trial. It's his own damned fault he was in jail for so long.
  • You know your in for a self promoting reply when they start off with "Whatever", and half the message is filled with their own achievements (LOL). Seems to be a need to pat yourself on the back around here and tell the world how good you are, while at the same time, not really adding any substance to the thread.

    **Whatever. If you don't want someone in, make it so they can't get in.** Excuse my ignorance (seriously), but isn't that impossible?

    Anyway, your wrong, and obviously mentally challenged to make this argument. Whether you were commended or arrested, it is irrelevant. You are not supposed to be there, and it is illegal for you to do so (why were you not arrested... were they were embarrassed and wanted to avoid the publicity?). I don't believe for a minute that they were happy you broke in, just because you helped them.

    Also, I am not quite sure what your point is in your "real world" example. What does "noticing" have to do with anything? If you can break into a home undetected or by yourself, it's ok? Help me here :)

    That's it, nothing else to say. If it's illegal, it's illegal no matter your intentions or whether or not you were noticed.

  • The point is why are people already comparing him to Mitnick? I fail to see any similarities in the two cases.
  • Two million dead Africans seems infintely more important to me than Global Hell.
  • Why has mitnick become a god in the (h,cr)acking community? He had no skill. He could social engineer, but IMHO social engineering isn't that great of a skill.
  • Aren't there sentencing standards?

    Wasn't Mitnick a "repeat" offender? Wasn't he a fugitive? Shouldn't these factor into the sentence? Tyson did neither and his case bordered on date rape. -bad example-

    In the case of physical crime, the gov't does have a somewhat effective response, put more police on the streets. It usually has a very clear impact on crime. They don't have an effective response to increased hacking. Perhaps *you* have an answer?
  • Let me understand -- you are saying that causing 20K of credit card damage, plus the inconvenience of correcting credit histories, is a worse crime than a child or person being physically and mentally assulted? Because more people are affected? I doubt many would agree with you.

    No. That is not what I am saying. What I said is that crimes against the population on the whole are dealt with more stearnly because they affect the general masses and, as such, errode the fabric of society.

    I did not and will not downplay the viciousness of murder or rape, they are horrible crimes. But, these crimes are against individuals and not the community at large. Why do you think that an embezzler gets 20 years while your typical rapist seems to get 7? Why do you think counterfeiters get 20 to life? These are crimes committed against the "state".

    $20K worth of damage? I think not. He stole 20,000+ credit card numbers. Let's see...most credit cards carry, say a $5K limit. That means, potentially, he could have done over $100M worth of immediate damage PLUS the effects of ruining a credit rating and the ability to steal an identity. Most people don't know their credit rating or have not requested a copy to even know if they have been compromised.

    I have friends who have had their identity "stolen" by credit card theives. Every couple of months, they have to PROVE they didn't by $5K worth of goods. And, while they are waiting for their credit history to clear, they can't do much of anything. They have three kids. Yeah..victimless crime.

    Perhaps, (and I'm not wishing it) if such a crime is committed against you, you would realize the significance of it. Imagine not being able to pay your bills because your accounts are frozen. You are late for work and can't pay for gas. You're hungry and can't buy any food because your accounts are frozen (hence no ATM). All this because some little punk thinks its okay to hack into somebody elses computer system for fun or profit. Get the picture?

    This does not mean that murder or rape are any less significant or horrendous. I firmly believe such perpetrators should suffer a fate as worse (if not more) than what they caused their victims. It's just these crimes are perceived differently by the lawmakers in this country.

    These are the types of crimes that Mitnick was accused of having committed. This little punk, Davis, while only defacing the Army's website committed a similar crime in that he is erroding the foundations of privacy and security people are starting to formulate regarding the internet.

    Billions (if not trillions) of dollars (or equivalent) flow through the internet everyday. How can people trust their finances or privacy on the internet if we have to worry about some little script kiddie?

    What could potentially happen is that all those companies that fund the internet backbone say enough is enough. What then? Or, they start charging such horrendous fees for access and monitor every packet that is sent? In this litegous society, that is what could eventually happen (severe..but a possibility).

    Someone mentioned about my comment or grafitti and how I said it errodes peoples perceptions of a community. Sadly, it does. It was not meant to be a racist statement but some have taken it that way. Think about it. If you knew your site was probably going to be targetted and you're not a security expert with the skills to stop it, would YOU put up a site and have to deal it and the potential PR issues that stem from it (Especially a business).

    Cracking is fundamentally wrong and is a criminal act simply because of its impact on so many people. Please recognize it as such.

  • So now all bets are off if you happen to 'provoke' the FBI? She must have been asking for it, eh?

    Like it or not even three-letter agencies are still supposed to uphold the law.

    That means they have to follow it- even if criminals (by definition) do not.

  • The problem with represenative democracy in our country is that it is lacking one essential element - informed voters. Intelligent votes are literally washed away by a tidal wave of ignorance.
  • All of the points you mention undoubtable put the fear of into the hearts of government beaurocrats everywhere. However, I as an individual am hardly harmed. If the IRS gets their facts wrong and I underpay, the IRS is at fault, not me. I may have to hire a good lawyer and go to court, but no lasting harm is done. If my only source of information for a recall is a government web page I have to take the trouble to find and dig through, then there are more serious problems with the recall notification procedure than a petty vandal's mucking with the web page.

    I am at most inconvenienced by such things. The government, on the other hand, has its power to govern more seriously hampered. Which is why the FBI et. al. are so enthusiastic when the vilify and imprison crackers. It isn't to protect you or I, it is to protect their own base of power. What matter that some clever, foolish children get destroyed by their actions? Intelligent people don't make good (read: docile) citizens anyway.
  • by dirty ( 13560 ) <dirtymatt@g m a i l .com> on Wednesday September 01, 1999 @10:16AM (#1711810)
    I do not know of this football of which you speak.
  • hello i am a script kiddie (i even got in my jr high school newspaper!!!) and i would like to tell you how to crack into a system in these 8 simple steps

    1. spend lots of time on IRC! cuz its fun and l33t! i talk to all of my k00L hacker friends all the time in our password-protected IRC channel. sure i get bad grades in school but thats ok cuz i will just find a job doing tech support where i can IRC from work too!
    2. download all of the exploits people mention on IRC
    3. download all of the volnurability scannerZ people mention on IRC
    5. pick a bunch of systems (or just pick IP's randomly!) and run all of your scanner softwares on it. if everything just times out then their probably behind a firewall cuz they are LAME#!! just move on and use another IP.. or if you want to hit a government sites just download this file GOVT.TXT that lists a tonZ of hi profile government web server IP's and plug it into your scanners
    6. when u find a system that has a hole, run the exploits on them! they will give u a root shell!!!!! then u can uze your other l33t scripts to set up trojins and back doors but if u dont know how to do that then just find the web space and mess up they're web page!!!
    7. dont worry about getting caught or anything cause everyone running systems is just DUM like they dont know how to fix there security holes so they surly wont be able to track you!!!


    And you honestly think it takes skill to do this sort of thing? It's nearly impossible for any system administrator to be 100% up to date on all vulnerabilities and patches. Frequently exploits are discovered and released a little while before it's been made aware to the security community. There ARE windows of opportunity there, and they don't necessarily arise out of negligence on the part of the administrator.
  • I think that crackers ( whether talented or stupid ) should be punished, but I do not think it is right to place them in the same row with vandals or terorists or any other type of real world criminals because the value systems of net and real world are very different. A terorist blowing up a building or a vandal spray painting some kind of national treasure do actual ( often irrepairable or just plain very costly ) damage to real items. A cracker defacing a web site does not do any REAL damage ( unless the sysadmins were so stupid that they do not have backups, in which case they deserve it ). All it takes to put the site back is a restore, and unless the cracker was very persistent it is only a few relatively small files so it doesn't take too much time. The crime in this case would be the disruption of service that he caused. This is another major difference between RW and the Net. The time on the Net is MUCH faster and more valuable then time of RW. A store closed for a day is nothing or not much. A popular web site down for a day is a lot of nuisance/trouble and maybe real damage to people. This guy is not supposed to be tried as a plain criminal. There should be a separate set of laws concerning cyber-crime. Maybe even a separate organization should be handling this instead of standard govermental mechanisms, much like IRS handles tax related issues and INS handles immigration related stuff.

    Just my .02$
  • No. Cracking is considered a serious crime because of the nature of the crime. It has more ability to affect the general population (i.e let's steal 20K worth of credit card numbers and ruin those peoples credit histories).

    Cracking exposes vulnerabilies in systems that people trust implicitly. These systems are often the basis for our way of life. This creates chaos. Murder, rape and other violent crimes affect relatively few (but those it does imparts immeasurable impact). Thus, while they are terrible (I say burn the buggers), most of us still feel safe.

    Can't say that's the case when I have to wonder who might be stealing my credit card and making my life a living hell as I try to resolve it.

    People liken the crime of cracking to grafitti. Grafitti has been shown to degrade property values in an area. This makes it difficult for people to leave the area without taking a significant hit in the pocketbook. It leaves people with an impression that the area isn't safe or becoming. Only when the communities come together and clean up their neighboorhoods (not always possible), do they regain their sense of pride and safety. So, in my mind, grafitists should be severely punished as well.

  • One would expect the local sheriff to go after vandals.. but no, we have the FBI. There are real crackers out there who have no morals and lots of skillz. They invade privacy and threaten liberty. These are the guys who rm -rf your root directory because they were bored sniffing your box. If the FBI believes that crackers are a threat to national security then they should go after them, not a bunch of punk kids who hack web pages.
  • ' is the technology that gives them the ability to cover their tracks enough that you can have a hard time making a criminal case against them," said a senior federal investigator.'

    Here we go--blame the technology. There is no personal responsibility anymore, is there? Pretty soon we'll have another 20,000 laws limiting access to technology. Start sending in your donations to the NTA.

    I can hear the soccermoms of the world now:

    "It's this, easy access to technology, that causes this kind of tragedy..."

    "We must put a stop to those evil computer shows!"

    "You don't need a computer with 700 mhz!"

    "Our children are raised in a culture of technology."

    Of course you could replace "technology" with whatever software this punk was using and these quotes might be more plausible. Replace "technology" with "guns" and you see how stupid our government and Sarah Brady really are.

    Bring on the bans!
  • Well, did you vomit?

    (I realize a subject line isn't a web banner or tag, but it is disturbingly close to your post)
  • How about four years in the Army for this one?
  • "Yea, screwing with a web site should be punished, at about the same level as littering. NOT to the same level as murder."

    Out of the mouths of babes.....

    So basically you're saying I can walk into your house uninvited, deface something in your house, like say, the report you've been working on for the boss for the last six weeks, or that homework paper thats due midterm, and then expect a slap on the wrist for such actions?
    Have you no respect for the personal property of

    I'm not suggesting "murder" level prosecution, but most CERTAINLY not the slap on the wrist a littering charge would engender.
  • Defacing a web site, like grafitti on a wall is hardly a major offence.

    But it isn't "like grafitti [sic] on a wall". It's more akin to screwing up traffic lights. You remove links from a web page, you're denying access to resources. Carving your initials in a tree is one thing, dropping that tree across a major highway is another.
  • now im not entirely sure about this but wouldnt an effective response to increased hacking be maybe *gasp* better security
  • Uh, that's Weird Al, right? Some attribution would be a nice thing....
  • There is no "fabric of society". America has become a land of sociopaths who only care when it inconveniences them.

    Cracking is wrong, fine. But killing and stealing are quite different. Protecting the Status-quo is the problem. Money protects its own interests (docile, subservient, workers). Anyone who is not their lapdog is a meat by-product.

    Uh huh. Read your own words again. It appears that you may be part of the problem. You are right, the problem is that we are all to self absorbed to worry about each other. Why is that?

    To many people are taking the phrase "life, liberty and the pursuit of happiness" just a bit too far. If I remember correctly, this is from our Declaration of Independence and not the Constitution of the United States.. I also believe there is a phrase in there "to form a more perfect union" there not?

    You say that cracking is wrong. But killing and stealing are different? How? Are they not all crimes in our society? By saying cracking is just wrong and not criminal, you are setting precedent.

    Next, we'll say burglary isn't a crime, they were just passing through your house to get to the other back yard and picked up a few trinkets on the way.

    When I was a kid, burglary was a felony that would get you twenty years. Now, that same crime will net you six months to two years in most cases. So, we've gone from a twenty years to less two for the same crime in less than a generation. What's next? Six months for murder? A slap on the wrist for rape? Hmmmm.

    By not giving a damn about the society you are contributing to its futher degradation nevertheless and regardless of whether that society is built upon bedrock of common beliefs or a foundation of lies. Like it or not, you are a member of that society. It is what you are.

    Congratulations! You have become a contributing member of the status quo.

    There are still those in this country that believe in the so called "American Dream". At some point you have to trust in those around you to do the right thing. That's why we have government and laws (no matter how innane some of them might be). They are (in principle anyway), designed to protect the society as a whole and dictate acceptable behavior for all members of that society. For those who deviate outside the acceptable behavior, there are "corrective" actions that can be applied.

    If you don't like the way things are working, then take the time out and do something constructive about it rather than whining about how it's not fair or how messed up it is. If you don't like the laws, then lobby to get them changed. Aspire to political office and show the world you really do give a damn and change the law (unlike the majority of the politicians in office). Fight for what you believe in by working to change the system rather than going outside and destroying it. (I am not an advocate for revolution but rather evolution).

    Sit on your ass and you're no better than the "meat by-product" that you call everyone else.

  • One of the first of these stories to gain national attention way back when, including a cover of Newsweek, was that of the 414's, a group from Milwaukee, Wisconsin. Now there's this guy up in Green Bay, Wisconsin, and he couldn't look any dumber if he had one of those big foam hunks of cheese on his head with a picket sign sticking out saying, "BUST ME: I'M AN IDIOT!!"

    So there I think you have it: In honor of these Northern intellectual behemoths, I hereby dub a new eponym upon all who aspire to emulate them - not script kiddies, for scripts say very little about these people and demean an otherwise useful thing; not crackers, which is actually a derogotory name for white folks; no, I think these Wisconsin boys stand for them all: cheese heads. That is what I shall call them henceforth, and I would love to see them immortalized as such in the jargon file someday.

  • There needs to be a web site / message forum like Slashdot but dealing entirely with local/regional political matters. Something your state and federal representatives wouldn't be afraid to visit and contribute to. Organize the board by geographical area (or whatever political boundaries) and organize threads by issues, complete with informal polls.

    Even without a congressperson's presence, it could be a great place to learn about your congressmen, about potential candidates in your area (all we ever hear about is what's on TV -- and that's usually at a national level). WITH a congressperson's presence, it could be an invaluable tool for communication/virtual *conversation* between your representatives and constituents.

    Does anything like this exist?
  • c'mon you know we can't sentince our celebrities to the same extent as regulat people, they are better than us
  • The difference between this kind of crime and graffiti is that it is a new kind of crime. That means that we can set a new precedence. I think they would try the same thing against people doing graffiti if they could. It is the same reason why beer and cigarretes are legal and marrijuana (sp?) is not.
  • I think sublime put it best, "Even though he now takes it in the behind, I have no sympathy for men of his kind."
  • Hrm...last time I got a ticket, I signed the thing, plead not guilty, went to court, was found not guilty in under 30 seconds (a minute if you count the lecture from the judge about being careful), and went home. All before about 10am. Sure I had to wait about 2 months before the trial happened, but during that two months I was not inconvienced in the slightest bit.
  • I'm sorry, but that is just sad. You don't attack the government after they explicitly tell you they are watching. Come to think of it, you don't attack the government at all, unless you happen to be a founding father revolutionary... Rebel without a cause? nah, Rebel without a clue...

    "What is now proved was once only imagin'd"
  • Okay... kid is careless, arrogant and stupid, gets his hands on some scripts, finds some security holes, and intentionally pisses off the FBI.

    And this is news that he's going to be prosecuted? He might as well have walked into their DC headquarters waving a shotgun around. It'll be news when he *is* the next Mitnick.
  • Hi there,

    >A script kiddies is someone who uses programs and >scripts that they have not written to exploit >security and privacy holes in commonly used >systems, such as Unix, windows, IIS, Apache, AIM, >Hotmail, etc. the list is long and includes >anything you've ever heard of, more then likely. >script kiddies are generally disliked because >they:

    Oh, and how does everyone automatically know that this guy used a script off r00tshell instead of coding it himself?

    >script kiddies are really just the natural >extension and inevitable outcome to an >information based society that depends on >exploitable electronic systems and I feel are >equivalent to rampant disease in that the help to >keep the immune system (system security) on it's >toes, although most people seem to think they're >just pieces of shit.

    Well, i'm a sysadmin and I don't know how to code anything that can crack a system. I sure have the knowledge to download a C/Perl script, edit a few variables and make it workable. Does that mean i'm a script kiddie?

  • Why are so many posters defending the government?

    Our government is evil and needs replacing.

    Whatever we can do to place more strain on it we should until it collapses. I support rioters in LA and David Karesh's. Just keep on task, dont' destroy your fellow citizens and stick it to the man :-)

    This argument is entirely in keeping with FC's manifesto, also known as the Unabomber, read it sometime, its very interesting.
  • "Most of us still feel safe"?
    You're kidding, right?
  • The problem with represenative democracy in our country is that it is lacking one essential element - informed voters. Intelligent votes are literally washed away by a tidal wave of ignorance.

    While the USA has certainly had its share of dumbing down, have you even entertained the thought that withdrawal from the system might be rational behavior?

    It is very, very difficult to effect change without

    • large gobs of $$$$$
    • massive investments of time
    It can be done. But it is painstakingly difficult. And the results can be wiped out with the next election, or by simply turning your back on the rat-fink who is supposed to be "representing" you for too long.

    Both the characteristic modern parties believed in a government by the few; the only difference is whether it is the Conservative few or Progressive few. It might be put, somewhat coarsely perhaps, by saying that one believes in any minority that is rich and the other in any minority that is mad.
    -- G. K. Chesterton, What's Wrong With The World Today []

  • "In the case of physical crime, the gov't does have a somewhat effective response, put more police on the streets. It usually has a very clear impact on crime. They don't have an effective response to increased hacking. Perhaps *you* have an answer?"

    How about better security? Even just for my little home network here I use a firewall/gateway system with packet filtering and network rules setup, just so that I can dial into the internet (and share the dial up with a few other computers).

    All internal ip addresses are on a private ip range, I use a 5port switch instead of a hub, all incoming ports are blocked etc etc.

    It may not be impossible for someone to break into my network or one of my workstations, but it'd be a hell of alot harder than the public sites that are getting cracked all the time.

    Simple things like using switches on your network, portforwarding access to public services instead of just sticking a box right on the unsecured connection to the internet, using secure operating systems and services (i.e. not using IIS with frontpage extensions), monitoring sites like Security Focus to keep up on the latest exploits and patches etc.

    If I can invest a little time and energy into securing my home dialup connection, there's no excuse for public businesses, and govt. agencys with public servers on the internet to not do the same.
  • why do so many people worship mitnick? because he got caught? because he spent a lot of time in jail? because he's a chronic repeat offender and parole violator?

    I don't understand why noone gets behind murderers or burglars like they're getting behind mitnick.
  • You're right. The feds will, theoretically, get better at catching these sort of "criminals." Of course, we might also assume that these same sort of "criminals" will get better at the criminal activities that they are participating in. Therefore, the feds will not only have to "catch-up" (i.e., improve their crime-fighting skills enough to catch criminals of the "caliber" that is present now), they'll also have to push themselves far enough so that they are capable and ready for future, more advanced, and "harder" attacks.

    I'd say the feds have got a bunch of work to do. "Go get 'em, boys"
    (cliche, I realize, but I felt the __urge__... oooo... be frightened)
  • As long as the punishment is in proportion to the crime....defacing a website like this is more akin to spraying grafitti than to robbing a bank. So the guy should be getting a fine or a similar slap on the wrist.
    What he will get is the same as Kevin Mitnick - several years locked up waiting for a trial.
  • Why are crackers spending more time incarcerated than many murderers, rapists, and child molestors? I'm not saying crackers should not be prosecuted, but something is bass ackwards in the justice system.

    Murder, rape, and child molestation are far more serious crimes, and deserving of far more punishment than fscking up someone's web page.

    Crackers should be treated more like kids who spraypaint their crap on walls. For messing things up, their punishment is to clean things up. Give crackers shovels and put 'em out to clean up the subway walls, or interstate embankments.

  • by supz ( 77173 )
    just reading the comments on this article is like really [mind expanding?]. there are mainly two totally different perspectives on this subject, that are both totally legit, but go contradict each other so much.

    #1 being that you believe that the kids should get what they deserve for being stupid
    #2 being that the server's are stupid for not checking

    alot of educated-looking people have posted stuff supporting both of these view points.

    just felt like sharing that
  • I thought the guy was 19, around my age.

    The guy was warned by the FBI that they where cracking down on their group.
    But what does he do, he lash's out and hacks a web site.

    I agree with your last point, but isn't that just what Chad did. He declared war on a group he didn't like.

    I don't dig crackers who try and boost their own ego by defacing other peoples property.
  • Is Chad going to be placed in solitary confinement until he "voluntarily waives" his rights to preliminary hearings, like Kevin?

    Is Chad going to be charged in the farthest point away from WI, in the continental US, like Bill Cheek?

    Is Chad going to have to rot in a "pre-trial" facility for 4.25 years until he "voluntairly pleads" to some of the charges?

    Have the Feds created $multimillion in damages yet?

    Yea, screwing with a web site should be punished, at about the same level as littering. NOT to the same level as murder.
  • Let me understand -- you are saying that causing 20K of credit card damage, plus the inconvenience of correcting credit histories, is a worse crime than a child or person being physically and mentally assulted? Because more people are affected? I doubt many would agree with you.

    Even if that rather dubious judgement is accepted, lets punish according to the damage done, rather than the worst case damage possible. If someone falls asleep at the wheel and safely drifts to rest at the side of the road do we threaten them with manslaughter penalties because they *could* have killed someone?

    If someone were to crack and break critical life support software and people died, I'd be all for the maximum penalty. But to say that someone who caused a government web site to cease functioning for a few hours is worse than a molester or rapist is ridiculous, until you specifically list the severe damage they *actually* caused.

  • So in other words if you happen to forget to lock the door to your abode I can feel free to walk out with your computer, tv set or anything else that catches my eye? What was your address?

  • by Sun Tzu ( 41522 ) on Wednesday September 01, 1999 @07:59AM (#1711903) Homepage Journal
    Agreed. Violent criminals should rank higher on the FBI's lists than mere vandals, even computerized ones.

    And, your suggestion for punishment is a good one, IMO. The ego-driven cracker/vandal would be appropriately punished in a way that diminishes their prestige and matches the crime.

    Meanwhile, there would be room in the prisons for longer sentences for murderers and rapists... Unfortunately, those evil pot-smokers are sucking up so many cells as to make this cracker problem vanishingly small.
  • I agree. Script kiddies should not be compared with anything except pond scum. What Kevin did was not right, but at least it took some intelligence to do it. Now a 9 year old who found out about the 'net a week ago can download the crap to become a script kiddie. Would they be compared to Kevin too?

  • by Signal 11 ( 7608 ) on Wednesday September 01, 1999 @08:08AM (#1711913)
    Before everybody goes off with the "you get what you deserve" rant.. I would like to make a few points, and why if the government does what I think it's going to do .. it wouldn't be good for anybody.

    First, defacing websites is a crime - duh. But it shouldn't be a felony to do so - it should be a misdemeanor just like the realworld equivalents of "damage to property" and "vandalism". The government is deathly afraid of a medium that it can't control - which neatly explains the outrageous legislation being passed right now.

    Second, this story will get sensationalized. Again, another obvious "duh!". The media loves scaring people - and the idea of some guy involved in a hacker crime ring hell bent on overthrowing the evil capitalistic system will be raised no less than 2^32 times. Jesse Burst may even comment on it.

    Third, the you're-guilty-otherwise-they-wouldn't-have-arreste d-you dogma will also come to bear in the next few hours on slashdot. May I remind you that unless you disagree with the constitution - it's guilty until proven innocent.

    I would also like to point out that the "setting an example" method of enforcing laws has been proven to be ineffective. We legislated the death penalty.. and the murder rate didn't change. We took it away.. the murder rate didn't change. That is one example, but their are case studies replete with more.

    So what does this accomplish? It gives law enforcement good publicity (makes them look like they're doing their job instead of snacking down donuts and violating people's civil liberties), and it gives everybody the shaft because it's one less right that you have in our legal system.

    constructive criticism appreciated - flames to /dev/null.


  • Sorry, I meant to say "innocent until proven guilty". A freudian slip, perhaps?

  • by Fastolfe ( 1470 ) on Wednesday September 01, 1999 @08:22AM (#1711936)
    "It is not that these are super whiz kids; it is the technology that gives them the ability to cover their tracks enough that you can have a hard time making a criminal case against them," said a senior federal investigator.

    It's about time the media started relaying this crucial bit of information. These gimps are nothing more than IRC script/packet kiddies that were shown how to use a few of those l33t exploits that appear every week or two.

    They're not smart (obviously in this case); they aren't "skilled members of the hacker community." They're CHILDREN that aren't supervised enough by their parents.

    The kids deserve what they get, and their parents deserve to be held accountable for the monetary damages.

    I mean how stupid can you be? If you're going to break into a government system, don't do it straight from your dialup account! Again, he deserved it. I have no sympathy. In fact, I just wish the number of arrests for this type of thing (including more of the DoS-type of attacks) increased by an order of magnitude.
  • by um... Lucas ( 13147 ) on Wednesday September 01, 1999 @08:47AM (#1711938) Journal
    Based on what I know, briefly... The FBI told him they were on to him & his group. He went out of his way to taunt them by defacing a military site. For that, HE'S NOT GONNA GET JUST A SLAP ON THE WRIST.

    Simply defacing a site, who cares? I mean, anyone in the world should have a tape backup somewhere that they can grab and restore. When you start talking gov't & military sites, though, the action is taken much more seriously. Just like if you spray paint something on a building, that's vandalism, but if someone spraypainted something on the Vietnam Memorial, they'ed be lynched either in or out of jail...
  • by Fastolfe ( 1470 ) on Wednesday September 01, 1999 @08:49AM (#1711940)
    For those that invariably keep repeating that punishments for computer crimes seem excessive compared to other violent crimes, WRITE YOUR CONGRESSMEN.

    If you folks would spend HALF the time actually writing letters as you do whining on Slashdot, I'm tempted to say we'd see a difference in the behaviors of some of our congressmen and thus, our nation.

    I bring this up every once in a great while, and every time I get somebody responding that says I'm naive, that our government isn't OUR government at all, but acts in its own best interests (which, "obviously," aren't our own). Do you have any idea how many letters your congressmen get? I know my state representatives somehow find time to individually read and respond to my letters in just a few days. My national representatives usually have somebody else going through the mail first, but each of my letters have been hand-signed and written *by* the person I wrote (and yes, I can tell the difference between an aide-written letter and one written by The Man himself). If these guys can find the time to do this sort of thing in addition to their duties as our state and nation's lawmakers, perhaps they aren't hearing enough from their constituents? Hell, most (all?) of them now have e-mail addresses that are given just as much priority as postal messages.

    I wish you doomsayers would stop sulking under this dark cloud of opression and figure out that this is YOUR government. These are YOUR elected leaders. Do you guys honestly believe that each of your elected leaders just somehow automatically get inducted into some secret club hell-bent on destroying the lives of the citizens that elected them in the first place?
  • I didn't realized he'd already been found guilty and sentenced yet.

    In the future, wait until the guy's actually been SENTENCED before you go comparing his sentence to that of other types of criminals, and remember: Just because the law provides a MAXIMUM penalty of "..." rarely means the offender will actually get that sentence.
  • Whether or not a person takes adequate measures to secure their belongings, whether physical goods like my tidy pile of gold coins or the company network, has no bearing on the legality of the intrusion. If you abscond or destroy my personal belongings I expect you to be prosecuted to the fullest extend of the law. Whether or not the security measures (Did I lock the doors? Are the security patches up to date on the external computers on my network?) satisfy my insurance company is another matter. I'm not arguing that at all.

    If the legal system takes the stance that unless you take adequate precautions any theft or damage done to your property is not a crime chaos will ensue. Any legal prohibitions against theft or intrusion will be moot since by definition if you've been intruded on you didn't take adequate precautions against that particular intruder.

    You put a dead bolt on your door and religiously lock it, you make sure all your windows are closed and locked. I throw a brick through your window and steal your prized lint collection. Since you had the audacity to have windows on your dwelling you are therefore not worthy of being protected by the law. I walk away without a blemish on my record.

    The truth is just about all computers exposed to the internet at large take adequate precautions to justify protection. Unless they leave the site up without password protection and post notices that intrusion is explicitly allowed they're afforded protection by the law.

    Insurance companies and the stock holders are of course entitled to more stringent measures. If a lack of these more stringent measures results in theft of services and intellectual property or a loss of service then they are entitled to make the company pay. They do this by either not honouring their insurance policy or dumping their stock and deflating the value of the company. The company is still entitled to seeing any criminals rot in jail.

    To borrow and extend a rather colourful phrase from Neal Stephenson's Cryptonomicon: If you don't want to be the wife of the convict with the most cigarettes, don't do the crime.

    Cann your home insurance and file a theft claim. And tell them you left the front door unlocked. See what they say. Sane with auto insurance companies. If you're ripped off for being stupid, they'll compensate you less, if at all. Blame is not something that rests all on you or all on the thief, but a question of who bears what percentage of the blame. What would you expect to happen if your wife parked your new convertible Ferrari on the street in the middle of Watts and left it there over the weekend. Would you feel 100% relaxed and not worry because 'the law' says the theifs bear all of the guilt? Would you place zero blame on your wife? I wonder.
  • That's really odd, because we discussed this in our state & local politics class - and it was that exact example used to prove that "setting examples" didn't work for law enforcement - ie: had a negligible effect.

    Maybe the study you read made the mistake of going by total murders rather than per capita? I don't know.. but I'd love to see anything you can dig up on the topic.


The Force is what holds everything together. It has its dark side, and it has its light side. It's sort of like cosmic duct tape.