Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
The Courts Government News Your Rights Online

One for the Kids 261

Brock Meeks, and recently, Lewis Z. Koch, have been writing an email newsletter called CyberWire Dispatch since, well, since all I had was a Fidonet dialup, anyway. For the 99.44% of you who don't subscribe, we're pleased to bring you the most recent issue. Click to read it.

Reprinted with permission.

CyberWire Dispatch // copyright © October 8, 1999 // All rights reserved

Jacking in from the "Mr. Rodgers" port:

By Lewis Z. Koch
CWD Special Correspondent

The Department of Justice has either lost its collective mind, lost all sense of its own history or is just too damned busy trying to figure out who really gave the order to waste a couple dozen kids in the Waco debacle.

The DOJ has produced a "Hacking Story" kids web page and on it they have a cartoon woman holding "the scales of justice" - only she's not blindfolded.

The page also has a bewigged judge, peering over his glasses, looking stern, squinting down approvingly as perhaps the thumb screws are tightened on another hapless hacker who has fallen into the clutches of a Justice Department searching for another "teachable moment."

Now -- and I am not making this up - there is an "Internet Do's and Don'ts" on this kids page subtitled "Think about it."

Think about this: your tax dollars paid for this.

The "Think About It" section starts off, "People who break into computers ('hackers') destroy property and records and invade privacy. What's privacy worth to you?"

That's a very good question boys and girls. To understand it, how about a bit of a history lesson first.

Perhaps we should we ask what privacy is worth of the family of Dr. Martin Luther King Jr. whose privacy the FBI invaded for years, bugging his bedrooms and his phone conversations. What was Dr. King's privacy worth? Or the other people whose privacy was invaded as they interacted with Dr. King?

Or are there two standards of privacy, boys and girls - one for the government rule-breakers and one for hacker rule-breakers?

This is called a "double standard" boys and girls. Can we spell "hypocritical?" Perhaps we should do an Internet search with the key words "black bag jobs" and "FBI." (And for extra credit, try "Iran-Contra.")

The page goes on to ask, "What information about you (or your parents) do you think is private: medical information?..."

Good question. But perhaps an even better one to ask, boys and girls, is why is all that medical data available in the first place? Why isn't it encrypted? You know, in code, so no one can read it? We'll come back to that, later.

It might be that the insurance companies want the data to be open, so they can easily read it as it goes from Internet site to Internet site, medical data traveling across the Internet, just as carefree as can be. The insurance companies want to make it easy for themselves, so they can keep track of all the medical records.

Precautions to keep it out of the hands of, say, the FBI or private detectives, or people who can monitor all those records speeding about the Net would cost money, and insurance companies need lots of money, so they can give part of it to politicians. The insurance companies like to share and we all know sharing is a good thing, isn't it, boys and girls?

Yes, Jenny, you have a question? What, Aetna doesn't share with you? Shame on them. Maybe you should run for Congress. Yes, you'll get extra credit.

Maybe the DOJ should put up a web page for insurance companies, asking them all kinds of fun questions. Inquiring little minds want to know.

The DOJ kids page would have children worry about hackers knowing what grade you got in English or Math or how much money you have and how much money you owe and your letters to a friend and a boyfriend or girlfriend. Are those good questions boys and girls?

Well, on the one hand, most fifth graders, frankly, don't give a shit (oops, sorry about that boys and girls) -- aren't all that concerned about grades or how much freaking money an eleven year old is making. And as to the money they owe... please, let's not get carried away boys and girls.

The DOJ kids page goes on like some blithering 3rd grade teacher in Kansas set to make a fulsome argument for creationism, "When you write something, how important is it to be able to find it again...How important is it that data in computers not be altered...[like] grades?..."

Maybe next week, boys and girls, we can all sit down and write a Freedom of Information request and find out how many people worked the wonderful prose on the kids page. And then we can total up how much they make a year in our special math class! I'll bet it goes way, way, way over $100,000. You think that is a lot of money, don't you? Do you know the expression "chump change" boys and girls?

Time to write another letter, boys and girls. This one goes to the Secretary of Commerce William M. Daley. You know him from your fun history books, the son of Richard J. Daley, who had his Red Squad break into peoples' homes, bug their bedrooms and offices phones looking for information for decades until a Federal Judge had to tell them to stop.

Mayor Daley wanted to know all about people who disagreed with him. And that's the same Richard J. Daley whose handpicked State's Attorney's police murdered two Black Panther members while they slept in their beds.

Well, Richard J's son, William M., is the man who, along with lots and lots of FBI agents and CIA agents and NSA agents, has been fighting for weak encryption rather than strong encryption. Strong encryption, boys and girls, prevents people from reading your personal correspondence or records. Now the Department of Justice wants to bug your computers to prevent you from utilizing strong encryption the way it is supposed to work. Weak encryption makes it so much easier to read your grades.

Let's have a show of hands. Who wants the government to know everything about us and for us to not know anything about the government? Anyone? Anyone? Later, let's all look up "data mining" on the Internet. We can probably find out lots of cool things about your parents that they don't want you to know.

Now let's talk about the best part of the "Think About it" page:

"Some hackers think that if they 'don't alter anything' or 'don't mean to alter anything' they haven't done any harm. But they are stealing telephone and computer time. They also crash systems so they won't work. How do we use information systems today? What would happen if systems like the air traffic control system or the 911 system suddenly stopped working?"

Now, let's be real good students, boys and girls. What's real strange about those ideas? Remember when we learned that word "stereotype?" It's bad to stereotype, isn't it boys and girls? Rachel or Brian, can you tell me what the stereotype is here? Riiiiighht. Good. Both of you! You want to know who, exactly, are those "some hackers" the page refers to. Do they have names? The kids page seems to be telling us that all hackers are bad.

Well, one group of hackers calls themselves L0pht. And they have cool names like Silicosis, Brian Oblivion, John Tan, Dr. Mudge, Kingpin, Space Rogue, Weld Pond and Dildog. Some of them also belong to a hacker group called "Cult of the Dead Cow." Isn't that a great name to scare a U.S. Attorney! Almost makes you want to be a hacker, doesn't it?

You get to testify before the United States Senate and describe how thoughtless the United States government is when it tries to hide software vulnerabilities. You know what? United States Senators were so impressed they even autographed their own pictures for them! Isn't that cool? Tomorrow we'll look up the words "duplicity" and "stupidity."

So I guess the lesson is "some hackers" can be good hackers, unless the DOJ kids page authors or the DOJ itself wants to challenge the United States Senate. What do you think? Maybe MTV would even do a celebrity death match segment DOJ v. the Senate.

How about those last ideas boys and girls, about systems crashing? Why is it some people have become centa-billionaires or just plain billionaires by making computer software full of flaws and mistakes and bugs, causing the programs to crash all by themselves or to be crashed by some silly 16-year-old script kiddie? Are these very rich men ever asked why a multitude of software users is made to endure their bug-ridden products?

No, Rebecca, no need to answer, that was what we call a "rhetorical" question.

What do you think your parents would do to General Motors or Ford if their car or truck totally self destructed by itself or fell apart at the slightest fender bump?

Yes, Brian? Oh, I see, well I am sorry about your father's Yugo...

You know the concept of "bankruptcy?" Don't you think it's only fair, boys and girls, that the software billionaires should shoulder some of the responsibility for the flaws in their product rather than putting the blame on the heads of "some hackers?" Maybe the Justice lady should put her blindfold back on and administer justice without fear or favor. What do you think, children?

Tomorrow's assignment, boys and girls, is to read the latest issue of Phrack, write a synflood script and wear your "Free Kevin Mitnick" T-shirts at assembly.

Yes, Brian? Of course you get extra credit for your creative use of "Back Orifice," but tomorrow, please restore the school's network to its rightful owner. Thank you. Class dismissed.

[To subscribe to CWD, send a message to:

Majordomo@vorlon.mit.edu

In the first line of the message put:

Subscribe CWD]

This discussion has been archived. No new comments can be posted.

One for the Kids

Comments Filter:
  • by Zurk ( 37028 )
    Is this a rant or a newsletter ?
    The "couple of kids" at Waco were armed not only with semi-automatic rifles but also with full auto mods to their weapons and grenades..i may not support the notion of what the government did was correct, but i'd stop from stating they were a coupla kids.
    And since when was routing script kiddie sniffing and cracking ok ? The government doesnt do that, either.
  • This is why I read /. . Thank you for bringing this to our attention! It's important for us all to be reminded that we're not the only group fighting for the future of the Net.

  • That says it very nicely.

    Maybe one of those evil hackers could modify the DOJ's kids web page to include a link to this article--just so the inquiring fifth grader could get both sides of the story.

  • by Otter ( 3800 ) on Wednesday October 13, 1999 @10:03AM (#1615537) Journal
    After all the yammering and paranoia here, I was unable to pick out any meaningful point. Tell me:
    • Is breaking into my computer bad or not?
    • Is breaking into my computer illegal or not?
    • Should children be encouraged to respect my privacy, my property and the law, or not?
    • Personally, I think this DOJ project is an utter waste of time, resources and taxpayers' money. But I have zero regard for the mentality that invading my system is cute or harmless. And whatever abuses the government may have committed/is committing don't make it OK for some halfwit kiddie to crack my computer any more than it makes it OK for him to break into my home.
  • by Skyshadow ( 508 ) on Wednesday October 13, 1999 @10:04AM (#1615538) Homepage
    Okay, so maybe in my distant youth I might have broken into a system or two, but I never really hurt anything and never "crashed a system so it [wouldn't] work".

    IMHO, if the Justice Department wants to start looking into computer crime, how about looking into how a *lot* of computer companies (and by no means do I just mean MS, although they are one of the major perps) put out buggy software and then sell the security or software patches?

    So, you either have to buy the "upgrade" or face having your data deleted or corrupted by a hacker or by a bad bit of code. In the tone of the article, "Can we say 'Blackmail'? I knew we could." Wasting time and resources on crackers is such BS -- maybe one in ten thousand ever get caught or in trouble, and meanwhile these crooked computer software companies are costing the economy billions in wasted money.

    Put a few CEOs in prison and let 'em rot for a few years without a trial. I'm sure that meets with the DOJ's blind-justice-for-all philosophy.

    ----

  • Give that page credit, they are trying to achieve their mission in an intelligent manner...

    Inculcating kids with the "right" behavior is a valid purpose for the department of justice... most of us do stop at red lights late at night when there are no cars nearby...

    Granted the page does not get into the finer points that this article brought up, but telling a 5 year old "programmers are good, hackers are bad" is easier than saying "some hackers are good, some are bad"...

    I doubt the DOJ thinks crackers are anything other than poor white people...

    There is not that much that is highly objectionable there... I think the page did a fairly poor job, but Internet crime is not that page's focus anyway...

    The arguements given are not intelligent, but what do you think a 5-year old will read, a list of do's and don'ts or a long persuasive thesis...

    Don't forget that the main way that kids will come in contact with this page is NOT on their own, but their teachers/parents taking them there, and giving a guided tour... how many of you have been to this site on your own, its the last place I would point my browser, if it had not been for this article...

    Yes the DOJ is trying to indocrinate, but so what? that is what it is there for... that is what the carrot side of crime prevention is all about...

    (I am not saying its pretty, but its prettier than Waco, the stick side of law enforcement...)

    We are all in the gutter, but some of us are looking at the stars --Oscar Wilde
  • leave it to the DOJ to protect americans from themselves. How long before the DEA(Drug Enforcement Agency) is joined by the IEA(Internet Enforcement Agency)? 2 agencies like this could toatlly destroy the concept of personal freedom and the right to privacy. And just like the DEA's DARE program has filled little heads with propaganda in a most nazi-like way. and torn apart famillies buy telling little timmy that 'its okay to turn in your parents if the smoke weed'; so too would this emmerging campaign ingrain a sense of distrust and seperatism as kids are asked to 'take sides' and rat on their prodigal friends. children in their early teens have enourmous potential with computers beacause they thirst for knowledge, that is a great asset, unfortunately, kids will eventually realize the truth behind these programs and these little brainwashed 'frankenstiens' will turn on their masters in the end.
  • by Anonymous Coward
    If you go to the DoJ page, you'll find out that the DoJ thinks highly of New Sports Equipment in your school. It seems that unless you rat out your friend, the school can't buy any New Sports Equipment. That would be a terrible thing if the jocks didn't get their New Sports Equipemnt. [usdoj.gov]
  • I wish I'd known about this newsletter before. This is good stuff.

    What the government does not seem to comprehend is that all the preventative measures in the world won't stop the free nature of the internet. Controlling the internet is similar to the old Sanskrit mental exercise.

    Try to stop your mind from wandering. Attempt to concentrate on one thought and no other. Not too easy is it?

    The old Sanskrit writers described this phenomenon as the 'caged monkey.' The caged monkey will flitter around the cage incessently; attempting it to stop is more difficult than reigning in the horses pulling a runaway chariot.

    The internet is the home of millions of caged monkeys. Try to prevent even one from bouncing and dancing from this place to that. It is an impossiblity internet communications are not centralized and they will not be.

    The government should not attempt to control us on this medium. By doing so, it may find itself an obsolete institution that people no longer need or want because people will have collaborated to obtain the services the government stopped giving. We should put the government in its place.

  • If you look at this DOJ page, it mentions these hackers breaking in to the phone swith and rebooting the machines. Apparently, this brought the machines down for hours. /bullshit/

    don't i clearly recall that when AT&T had their little network problem that resulted from some dumbass not putting some { } in the code that the real issue had to do with the speed of the reboot.

    the machines would crash, because of the aforementioned bug, and then reboot _in about 6 seconds._ And the problem was that when they would come back online they crashed other machines... or something...

  • If your car is prone to breakdowns, that is NOT illegal...

    If your car arbitrarily blows up, that is, but that is only because of Federal safety regulations (and some negligence law, but that is impossible to prove (almost))

    the EULA protects software companies... even if the DOJ wanted to, this is not something they can do anything about, at least until they get rid of the EULA...
    We are all in the gutter, but some of us are looking at the stars --Oscar Wilde
  • The page fails on the #1 criteria: Kids won't buy it.

    Give your average intelligence hacker (with the correct usage), they will take one look at this page and laugh.

    The second point they fail on is the fact that crackers and script kiddies typically don't give a crap about the morality of their actions. This site can't hope to compete with the sites that advocate malicious scripting and cracking. The "Mr. Rodgers" comment in the editorial seems all too apt.

    There is one example of punishment being meted out and it goes to the kid that crashed a phone system by accident. While it certainly is prudent to understand the repercussions of your actions it hardly seems like a good example since it is rare that anybody (let alone a child) believes they don't know what they are doing. A better example would have been something involving a deliberate cracking.

    Mixed in the lame crap is this little paragraph:
    "DON'T try to break into computers. It's not a game. It's a crime and it's an invasion of privacy. Computers often contain sensitive information. How would you feel if someone broke into a computer and changed your grades? Deleted your term paper? Cut off your telephone?"

    Funny, coming from a group that wants to be able to break into your computer at will. Even if you are able to ignore the hypocrisy, it completely ignores the fact that the only way to be (reasonably) sure a system is secure is to try to hack it. But then if you use NT it's supposed to be solid as a rock right?

    Overall, I agree with the editorial. It's phrased a tad more aggresively than I would have done but the points seem to be valid.
  • by Coutal ( 98822 ) on Wednesday October 13, 1999 @10:17AM (#1615549)
    Why not make an equivlent site for the DOJ, Senate and various other Government authorities?

    "Lawmaking: do's and don'ts:"

    1. Do not make stupid cryptography laws.
    2. Do not waste taxpayer's money on stupid sites.
    3. Do not feed our childern with bullshit.
    4. Above all, try not to be hypocrite.

    or,

    "Are you a good Legislator?"

    1. "my friend D. from the FBI and I wanted to bug people, but it cost a lot of money. then joey found out he can use taxpayer money to do this FOR FREE! but i've heard wasting taxpayers money is bad"

    2. "my friend Z from the NSA brags that he can boycott every piece of high-cryptography software from being exported outside of the US. and then, he can toy around with people's basic rights with total disregard to the constitution. he wants me to help him by cancelling the constitution altogether".

    or, how about "Stupid laws hurt Senators, making it harder for them to get re-elected"?

    The possibilities are limitless :) and that is what i call good use of taxpayer money!
  • I know this is a little offtopic but phrasing this whole thing as a "lesson" to a group of fictional students is more than a little annoying. The same information could have just as easily be put down in a better format and I would have been able to conecentrate on it. Instead I have to read the phrase "boys and girls" 78 times and I still don't know who Rachel and Brian are. I'm all for personal writing style but this isn't a story, it's supposed to be a news article.

    Like I said, this is a little offtopic but I felt I had to say it. Other than the form issues I have, excellent job michael.
  • If you like computers, don't use your brains to hack systems, invade other people's privacy, and take away their networks. Hacking can get you in a whole lot more trouble than you think and is a completely creepy thing to do. If you're so smart, use that computer to do great things!

    Okay, kids.... But don't drink caffeine. That might make you even smarter.
    I associate plenty of words when I think of hacker, but "creepy" isn't one of them.
    Enough talk... I've got to go "take away someone's network..."

  • Maybe the DEA and the IEA could be a single agency, then we could put tax dollars behind a half-baked IDEA.
  • Let's back up. Ok, the government spies on me. There's a lot of evidence for and against this idea, but let's assume it to be true. Let's assume the government is the spawn of the devil and does all kinds of evil things to me, my computer, my privacy, my family, and my pets. Does that make it right for kids to break into computers? I think not.

    Two wrongs do NOT (And never have) made a single right. The impression I get from this article is that it's ok to break into computers, because the government does it already. This is one of the most unproductive viewpoints I've ever heard.

    Perhaps this justice department program could use some re-tooling, but the overall message is correct. Cracking things is bad. It's bad coming from anyone. You do not contribute to the overall solution by doing so yourself.
  • by Anonymous Coward
    Why do certain people like to romantcize [c|h]ackers? if someone breaks into a system, and brings down the phone company, they should be punished. they can cause a lot of harm. if 911 goes down, people can die....i find nothing in that worth defending.

    yes, the government spies on us. yes, they want weak encryption. so how does that make someone stealing credit cards an honorable thing? our government also assisinates people, so should can i go around murdering those who i do not like? just because the government does bad things, that doesn't mean it's ok for anyone else to, either...

    i am not defending the government by any means. but [cr|h]ackers are just as much of a criminal as a thief or a vandal. and trying to say hacking is ok because of "l0pht" or "Cult of the Dead Cow" is poor logic. They do not hack to cause destruction, but to find holes in systems. most [cr|h]ackers and/or script kiddies just want to cause destruction. anyone that breaks into a system, steals info, bring down a system, etc., is a criminal plan a simple. and just because they cost big companies large sums of money, that is in no way "sticking it to the man" or anyhting like that. it accomplishes nothing. you might say it shows the security problems in todays networks, but that does not execuse reckless destruction.
    [H|Cr]ackers but be made into hereos, but wait until the steal your credit card numbers, or you can't call 911 because some script kiddie wants to be elite. what "l0pht" does is a great service, but i don't consider them [cr|h]ackers in the sense the govmt web site was talking about.

    it's takes real skill and intelligence to create and not destroy.
  • You can't believe "the government doesn't do that either" part of your statement. You shouldn't even be on here if you believe that. That was no rant, it was...well, ok, It was a rant. But a rant of genius!!!
  • That Yugo comment was classic. :)

    -Restil
  • by konstant ( 63560 ) on Wednesday October 13, 1999 @10:24AM (#1615557)
    Cracking is a crime. I won't suggest it ought to be a crime. I won't say I'm happy it's a crime. But it is a crime. AKA illegal, breakin de law, no-no, stoppit.

    While cracking is a crime, it is perfectly appropriate for the DOJ to enforce laws against it. One of the most effective measures against criminal activity is preventive education. AKA propaganda, ministry of truth, marketing, flak.

    The activities described on the cited page are illegal. The people most commonly engaged in them are young. The DOJ is using the bully pulpit in a means that is just as effective and admirable as the "Just say No" campaign of the 80's. I don't agree with anti-drug laws, and I don't agree with some anti-cracking laws, but I have complete respect for the men and women who must enforce those laws, regardless of their wisdom.

    -konstant
  • Comment removed based on user account deletion
  • Is breaking into my computer bad or not?

    Good or bad is a value judgement. Value judgements are morals, morals are religion, and church and state are supposed to be seperate (I was going to write "religion is a load of crap" but I'm feeling nice today.)

    The government has no place saying whether anything is "good" or "bad". Period. Otherwise, they are practicing organized religion.

    Is breaking into my computer illegal or not?

    Indeed it is illegal. I don't think their can be much doubt there. Even if the cracker doesn't do anything seriously harmful, he is likely to be tracked down by federal agents, and be tried for comitting a federal crime. He is likely to be accused of terrorism, or worse.

    He is likely to have his property stolen by the state (with little or no chance of getting it back). He even has a good chance of spending a long time in jail, possibly without a trial.

    Its a damn good thing the American government makes it so clear how illegal it is. I think they should just hang crackers in the public square, and have us bring out our kids to watch. Then they would truly understand.

    Should children be encouraged to respect my privacy, my property and the law, or not?

    Kids should be encouraged to think freely, make their own sound desitions on what they consider right and wrong, and to stand by and for those desitions. And, if anybody should be doing anything to form a childs mind, it should be its parents, not its government.

    -
    /. is like a steer's horns, a point here, a point there and a lot of bull in between.
  • 17 times by my count. A bit excessive. But then, CWD has never been known for its august writing style.

    Over the years, CWD, in spite of its kick-your-ass, heavy-boozing style, has scooped the more mainstream media on some important issues. Remember when Brock found a student to reverse-engineer the block list of some crummy censorware, and (surprise surprise!) found sites blocked for pretty obviously political reasons?

    I look forward to CWD being on slashdot. It deserves the wider readership it's going to get.
  • by NatePuri ( 9870 ) on Wednesday October 13, 1999 @10:29AM (#1615563) Homepage

    I agree with you whole-heartedly.

    I've been saying now for while that everyone who has purchased M$ software has a valid claim for fraud, breach of implied warranty, and /or strict product liability.

    I'm almost positive a judge would allow a class action law suit based on these allegations to make it to trial.

    We as a community need to compile a database of testimonials, i.e., 'My computer crashed and I lost 20 hrs of research"; "This virus took our network down for 10 hrs and we had to spend $50/hr on three sys admins to fix it." A database like this would do the ground work for evidence discovery needed to prove a case for fraud and to prove the damages.

    Such a database would be easy to build, I understand. If anyone is interested email me at my email address above. I'm not talking about a bug list. I'm talking about a list of the damage the bugs caused. Specifically how much time and/or money did one spend to remedy the damages that faulty M$ products caused. If nothing else it would force M$ to fix their bugs, and it would be an interesting thing to read.

    Contact me... I have web space and time if you have time...

  • I'll tell you why it's wrong. IT'S NOT THEIR JOB! We pay them to be our checks and balances for the Congress and Prez. Anything else they do with our money (and their time) is beyond scope and wasted. If we need someone to indoctrinate our children, it should be done correctly, through the public schools system like it always has. (yes, that's sarcasm ;)
  • I personally intend to teach my children (should I someday have any, geek stereotypes and all) to detest "the law". but at any rate, I think that the article here was saying something like
    <METAPHOR>
    no one has houses, all of our possessions are piled on our lawns, out in the open. we can all agree that going onto someone else's lawn and taking things is wrong, but maybe the best solutions all around would be to build houses, because as a few dozen people are saying, you can just walk over there and grab stuff. While we're at it, maybe we should be holding the carpenters accountable for charging us for houses, but only building ankle high fences.
    </METAPHOR>
    then again, I may be wrong...
  • Hypocrisy about worrying about "privacy" while at the same time denying privacy to its own citizens, you know, the "government of the people, by the people, and for the people" kind of government.

    The Martin Luther King part is well documented. J Edgar Hoover detested MLK so much that he fabricated tapes from snippets of illegaly tapped conversations and spread them around to make MLK look like a communist dope peddling paedophile wife beater.

    On a personal note, my uncle was wiretapped during the Vietnam war for daring to stop LBJ's "voluntary" $100/month war bond program, and for organizing a union. FBI wiretapped him, asked his neighbors, friends, and co-workers nosy questions, generally intent only on making it obvious he also was a scumbag under investigation.

    That's what this rant is all about. Hypocrisy. It's nothing new. It just needs a good rant once in a while.

    --
  • Breaking into someone else's computer(network) is bad and should be illegal. Yes, children should be encouraged to respect property, privacy and law.

    Just because you break into a home and leave without breaking or taking anything, doesn't mean that you haven't done something wrong. And for those that think that just because you aren't "physically" breaking and entering or aren't doing any "physical" harm, that it's ok, should sign up for a course in ethics. Would you like it done to your system (regardless of how tight your security is or meaningless your data)? Think about the police showing up at your house and entering, looking around making notes, then leaving. Without your knowledge, without your consent, and without breaking anything. Or maybe THEY hack your computer and don't "do any damage?"

    Would you be screaming about rights then? You bet your sweet ass you would. But then to turn around and say it's ok, if you do it to someone else, because "I didn't hurt anything..." is just damned hypocritical.

    Now, I don't agree with the "dumbing down" of security, but hacking/cracking/phreaking should be discouraged as much as possible. The only exception being in the instance of security testing.

    Shaken
  • The activities described on the cited page are illegal. The people most commonly engaged in them are young. The DOJ is using the bully pulpit in a means that is just as effective and admirable as the "Just say No" campaign of the 80's. I don't agree with anti-drug laws, and I don't agree with some anti-cracking laws, but I have complete respect for the men and women who must enforce those laws, regardless of their wisdom.

    Ah, you mean the same "Just say No" campaign that managed to teach youth how bad (thank god we havea governments to tell us what is good and bad huh) drugs really were, managed to curb drug usage among youth completely, ended the drug war, and made the 90's the shiny happy completely drugless decade its been.

    How could I forget...

    -
    /. is like a steer's horns, a point here, a point there and a lot of bull in between.
  • So, it's ok for Joe Hacker to break into my computer, but not the government? I have to say, I'd rather it be the government. They're just looking for evidence to convict me of something, where a hacker could be looking to crash my computer and/or steal my identity.

    Granted, the DOJ should have used the term "cracker" rather than "hacker," but most people associate hacking with criminal activity, and more people are familiar with that word.

    And, yes, the DOJ is being hypocritical. But look at it from their point of view. I don't think they're out to "get" anybody, they honestly believe they're protecting the "American way of life." Their methods are sometimes underhanded, but their intentions are good. The stuff on their website is intended to be a good lesson for children. What we need to do is support laws that force them to apply those same lessons to their methods. That's the way to fight hyprocrisy, not by saying, "since the government does it, you can too."

    human://billy.j.mabray/
  • The "couple of kids" at Waco were armed not only with semi-automatic rifles but also with full auto mods to their weapons and grenades.

    Er.... no.

    As for the rifles, the government claimed to have found weapons converted to full automatic, but refused to allow non-government experts to verify this evidence. As for the grenades, all that were found were grenade shells that had survived the fire (i.e. were not filled with any active ingredient), and are thus most simply explained as novelty paperweights of the type the Davidians were known to sell as part of their (licensed) firearms business.
    /.

  • by QuMa ( 19440 )
    And how about the "what is privacy worth" stuff?
  • At some point, "computer literacy" is going to have to come to mean more than just knowing how to maneuver around a GUI. Security, encryption, and the like are no longer merely technical issues; they are now issues of public policy, and in order for a democratic republic to function, issues of public policy need to be publicly understood.

    The average user today is woefully uneducated about how computers work -- how information is represented and stored, how it is transmitted over a network, and so forth -- and thus is unable to make reasoned judgments about related issues. A person who does not understand that his love letters, written in Word, are stored on his hard disk as files cannot understand that a security hole that permits a remote cracker to read files off his hard disk would permit that cracker to read his love letters. A person who does not understand that information travels over a network in packets which can be intercepted cannot understand the need for end-to-end encryption.

    I am not sure how to solve this problem. It is clear that the government, and government schools, cannot be expected to educate the populace about those technical issues which have become critical public policy issues. Why? Because government has, time and again, demonstrated that on these issues it prefers an illiterate populace. A computer-illiterate populace will not demand privacy, encryption rights, or other troublesome things.

    Perhaps the industry should get directly involved. I'm not sure how well that would work, considering that the biggest names in the industry (Microsoft, for instance) oppose, through their actions, privacy and literacy for the masses.
  • Hypocrisy is the greatest luxury.

    We all know that our government is hypocritical. That is why we have the whole checks and balances thing. One branch can go completely of its rocker, and the other two are supposed to reel them in (sorry about the mixed metaphor). I know that a lot of us like to rant and rave about buggy software and silly laws, but who are you railing against?

    No one is perfect. Flawed software comes out because no one realized the extent of the problems in testing. Most of the exploits and security holes in software that I have become aware of are due to such arcane circumstances that I can quite easily envision a QA failure. Bad software just means bad QA, not malicious intent to sell patches.

    Maybe MS does put out sloppy code on purpose.
    Maybe CDC is wrong to hack at sloppy code.

    Maybe we are wrong to use bad code...
    How secure is /.?
    Has anyone tried to hack it?

  • The DOJ kids page goes on like some blithering 3rd grade teacher in Kansas

    And this article goes on like some blithering 3rd grader. After about the 5th "boys and girls" I gave up. Is this a feeble attempt at making a point or your writing style? Keep me in the 0.56% who don't subscribe, thanks.

    Lemme get this straight, though. It's okay to hack 'n crack, but not okay to invade privacy. Okay, you explain that to my four year old.

    As for the rest of the so-called article, all I can say is: "Huh?"

    Whatever.

  • IMHO, if the Justice Department wants to start looking into computer crime, how about looking into how a *lot* of computer companies (and by no means do I just mean MS, although they are one of the major perps) put out buggy software and then sell the security or software patches?

    That is a very foolish and partisan sentiment. It is also unsound legal thinking. The moment that it becomes illegal or fiscally dangerous to ship unstable software, you will see exactly one thing: less software will be shipped, and the companies that do ship will be huge megaglomerates like Microsoft that can afford to settle a lawsuit. Small developers will have to join the conglomerates in order to preserve their asse(t)s.

    If you don't believe me, it is very simple to demonstrate I'm right. Medicine has been going down this path ever since "malpractice" entered the vocabulary of people like yourself. How many small-time doctors do you visit these days? They are a dying breed because they can't afford the insurance or the risk of being sued for accidents beyond their control.

    If I could be sued for every bug in every program I have written, I would never publicly release software. It is impossible to track down every bug in software. You are deluded by your hatred for Microsoft if you think otherwise. The greater the complexity, the greater the number of inevitable bugs.

    If software harms somebody, then you can sue the maker. If software is buggy, then the market will take care of it. Unless people don't share your opinion of what is acceptably buggy.

    I say keep software free and clear. Don't introduce parasitic lawyers into what is, despite griping from people like yourself, very nearly a perfect industry.

    -konstant
  • He does. Quentin is my idol.
  • I hope we're talking about the same thing....

    IIRC, from the book Expert C Programming, the AT&T bug was due to a switch-case statement in which a break statement had been left out.

    In the book, it was presented as an illustration of how fall-through in a switch-case statement could really bite you.
  • Doesn't it bother anybody that they imply that it is wrong to publish your term paper?

    check http://www.usdoj.gov/kidspage/do-dont/netizen3.htm

    Are they saying that the scientific comunity is BAD???

    I publish my papers all the time, if people would refrained from publishing stuff for fear of plagiarism the scientific comunity as we know it would not exist!
    personally I think that answer A was the best one!!!
  • "People who break into computers ("hackers") destroy property and records, and invade privacy."

    straight off their 'teach the kids how not to crack/pirate' website. and here we go once again, into the definitions.. hmm, perhaps real dicionaries should have def'ns for cracker and hacker, if they already dont

    *shrug*
  • Its nice to know that the art of missing the point completely is not lost. Sort of a can't see the forest for the trees.

    I think a meaningful point (there was more than one) might best be summed up as "Let he who is without sin cast the first stone", eh?

    Yes, children, imho, should be encouraged to respect privacy and property. The law is another matter. Children should be taught to respect good laws, how to fight bad ones and most importantly the critical thinking process that allows them to determine for themselves, based on their own set of values, which are which.

    Blind respect for law is too much like faith, and while faith might be fine for succor from fear of death, when you use it to relate to your government, you instantly abdicate your right to freedom.


    Jherico
    All zealots must be found and shot! :)
  • Good or bad is a value judgement. Value judgements are morals, morals are religion, and church and state are supposed to be seperate (I was going to write "religion is a load of crap" but I'm feeling nice today.)

    The government has no place saying whether anything is "good" or "bad". Period. Otherwise, they are practicing organized religion.


    That's just silly. Of course government has to make some judgements as to what's good or bad. Right and wrong might be better terms here.) Otherwise there'd be no laws at all.

    Which isn't to say the government does a very good job of it...
  • First off, I completely agree that two wrongs don't make a right.

    I don't think that was the point. I think the authors were attempting, in a humorous fashsion, to point out that the government is guilty of these same things, and at a much more serious level.

    Thus they weren't saying to the kids it's ok to do this stuff, the target audience of the web page will probably never see this piece. No, they were telling the DOJ to practice what they preach.

    Steve M
  • Good or bad is a value judgement. Value judgements are morals, morals are religion, and church and state are supposed to be seperate (I was going to write "religion is a load of crap" but I'm feeling nice today.)

    Valuing human life is a moral too, but I doubt you'd object to the illegality of murder. While I am averse to legislating morality in general, there are some morals that you have to accept in order to take part in an organized society. The fact is, any time you choose one thing over an other you are making a value judgemnet.

    Its a damn good thing the American government makes it so clear how illegal it is. I think they should just hang crackers in the public square, and have us bring out our kids to watch. Then they would truly understand.

    I hope you weren't being literal here. While I agree that it should be illegal, there is no need to go to such extreme ends. When the perpatrator is simply attempting to expose a security hole without doing any damage, it'd be nice if judges treated this as a mitigating circumstance should the owner of the compromised system choose to press charges.

    Peace,
    Dom

  • The only thing I can think to say is, "I'm sorry."
    Further clarification should not be needed
  • 2*0=1*0; 2=1?

    Give it up -- it's not all that cute, man...

    --

  • Morals != religion. Many athiests are moral people. Causes quite the conundrum with your theory, eh? Governments are in the business of saying what's right and wrong. They don't call them morals; they call them laws. Law == morality. Doesn't matter if that morality has a religious basis or not. When you boil it down, laws define acceptable behavior - what's good and bad.
  • "TOLERANCE: The recognition of and acceptance
    of the beliefs, practices or behaviors of
    other people that differ from your own."

    be tolerent until those that are different are
    all dead.

    we should not put people in jail for "being
    different".
  • Ok, here in the USA, we have a Republic.

    The way a republic works is that the people elect representitives to make decisions for them.

    The problem with this is that the elected officials make stupid decisions.

    When the elected officials make stupid decisions, the people have to complain about it -- otherwise the stupid decisions stay.

    Democracy, even in the limited form of a Republic, just doesn't work if people don't participate and express their opinions about any relevent issue.

  • Hey, man, let's actually do it! Unfortunately, I wouldn't have time to set up a page, but I would surely contribute some lines


    The word "woman" is no longer politically correct.
  • Bad software just means bad QA, not malicious intent to sell patches.

    I manage a QA department and have worked in QA for over ten years. There are methods to prevent bad code from getting out. It takes effort to do so, and most suits don't understand why processes and procedures are important, to say nothing of testing. I don't know many times I was told that even though the code got to QA x months late, the QA deadline is still the same.

    Any company that does this is intentionally selling bad software, and should be held accountable.

    Steve M
  • I guess if one had to pick the kernel of truth out of this article its that centralized government (you can't pin any one office down) likes to maintain control & the status quo. And on the surface it makes perfect sense.

    "But gee, Harold, what if this fella is a commie? We won't be able to read his strong crytpo emails!"

    That kind of sentiment is the killer. It's innocent enough on the surface, but absolute power corrupts absolutely, I'm told.

    Dirk
  • First of all this Justice Department site is hilarious primarily because it is so hypocritical.

    As to the page you refer to, however, since most schools don't have employees who really understand the computer systems they use fixing problems can be very expensive. A student at a school near where I live managed to hack his school's network and screw it up real good -- the final bill for the consultants who came in to fix it was in the tens of thousands of dollars.
  • Leaving aside the "do as I say not as I do" arguments (valid as they are) this is only really in that they say

    DON'T try to break into computers
    instead of
    DON'T try to break into other people's computers
    Trying to break into your own computer
    is just educational. If it had been proposed
    to whatever non technical person wrote this
    they probably would have even modified it thus.

    second they say essentially "do use chat rooms" and then followup with things not to do there.
    This is, IMNSHO, bad advice. Chat room are basically a toilet. Always have been and I don't know a way to fix them. I have small children and let them do most anything they want on the net (no net.nanny crap) but they don't need to know IRC exists. The chat areas on the game servers like battlenet and WON are bad enough, though the kids don't hang out there - they play games.

    IRC is where the (very few) pederasts lurk and all the other things parents worry about tend to occur. Put that against the fact that 99.99% of everything there is crap and you've got it. They can chat with their friends via things like ICQ that are less public. IRC is occasionally useful enough for an adult or older kid to wade through the "what sex RU" crap that invades even #perl or #c++ - or even for teens to learn to flirt in a semi-safe place (A 16 year old that can be lured by a loony on IRC has more fundamental problems than IRC itself). For the age range these pages are aimed for it is just lose/lose.

    Alright I found one more that boils me. On the
    "reckless driving" page they say

    Lots of kids know enough about computers to hack into big networks, but so what?

    AHHHHHHHG! I knew there had to be something here that would 'out' them as the totally freaking stupid DOJ we know and love.

    garyr
  • When I was about 12, my parents upgraded their will, and I got to meet a lawyer for the first time. He had the seal of the state of New York on his wall, and I asked him why the lady was in the blindfold. He said he didn't know.

    Later on, I found out why Justice was blindfolded, and have always wondered if he really didn't know, or if he just didn't want to explain it to me.

    The worst part was that he had been, at one time, a congressman.

    >>>>>>>>> Kvort
  • by jd ( 1658 ) <imipak&yahoo,com> on Wednesday October 13, 1999 @11:10AM (#1615602) Homepage Journal
    Two wrongs NEVER, EVER make a right. (Although three rights do make a left.:)

    Just because some members of the Government style themselves above the law does NOT mean that it's Open Season on the world's data resources.

    Encryption - that's a sounder argument. Prevention of abuse is, IMHO, superior to an eye-for-an-eye attitude. Strong Encryption is the equivalent of handing out portable force-field generators to everyone. If you can set, and enforce, your own boundaries, you don't need to break other people's, out of fear, vengence, or spite.

    Yes, I agree that the web page being ripped to shreds is a paranoid rag that demeans it's audience and discredits children's intelligence. On the other hand, most of the counter-arguments fall in the same category. Doing the exact opposite can sometimes be really doing the same.

    IMHO, cracking won't be a problem, once IPv6 is FULLY implemented (with flow control labels!) over the Internet, along with a strong flavour of IPSEC and QOS algorithms such as RED, CBQ and ECN, and Windows is replaced with fortified Linux or fortified flavors of BSD (such as OpenBSD).

    How so? IPSEC prevents attackers knowing what data is important and what isn't. Sniffing passwords or data becomes impossible. (Funny how the article didn't mention this. If you only encrypt the important stuff, then everyone knows where the important stuff is.)

    IPSEC also makes port scanning more complex, for private sites. Simply have the stack reject packets from a source not on a list of known OK sites.

    Then there's IPv6, with flow control and packet prioritisation, and all those lovely QOS algorithms. DOS attacks, say by SYN flooding, become impossible. The priority of the packets would drop, and the packets discarded, by the network itself. If the culprit failed to respond to an ECN request to turn the noise down, the net would be capable of automatically locking out the offender.

    A fortified OS, such as Linux with the International patches and the various security patches that are floating around, provides you with a solid fortress. Breaking past the prior barriers would be hard enough, but defeating a strong OS, with secure applications, would be next to impossible.

    If you want to put crackers out of business, don't invest in slings and arrows. A hilltop fortress, equipt with a Romulin cloaking device, a battery of sensors and early-warning devices, granite walls fifty feet thick and a hundred feet high, with interlocking blocks, and titanium gates, will serve you much better. What's more, the fort turns out to be cheaper.

  • "...I don't agree with anti-drug laws, and I don't agree with some anti-cracking laws, but I have complete respect for the men and women who must enforce those laws, regardless of their wisdom."

    Me, too, as long as it doesn't become a witch hunt. And propaganda, while neccesary, also spreads a lot of FUD.
  • by ai0524 ( 1952 ) <ai@wher e t o c y c l e . c om> on Wednesday October 13, 1999 @11:15AM (#1615605) Homepage
    Can someone please explain the American obsession with privacy? I cannot recall any enlightenment thinkers who explicit mention privacy as a natural right of man. It would seem to me that privacy cannot be a natural right of man. If all my actions were private then the contract I have with society (i.e. Locke's social contract) would be unenforcible. If society cannot determine that I have committed a crime because it violates my right to privacy then how can any crime be punished?

    It seems that privacy is not a natural right. Locke didn't mention it and, consequently, Jefferson didn't mention it.

    If privacy is not a natural right, then privacy is a priviledge granted by the society only when appropriate. As such, one does not have the right to absolute privacy.


    However, just because absolute privacy is not a natural right doesn't mean that privacy is not a good thing.


    Therefore, making an argument with the assumption that the right to absolute privacy is guaranteed is incorrect.

    Andrej
  • The Cracker can only screw up your data,

    The government can screw up your life.

  • by Maledictus ( 52013 ) on Wednesday October 13, 1999 @11:17AM (#1615607)
    Did anyone read the rest of the Internet Dos and Don'ts page? Did the "reviewer?"

    That article abosolutely reams one lousy page and one lousy "Don't" on another page and then implies that it's okay to copy materials including term papers.

    As a parent of two future "netizens" (god, how I hate that word), I saw the DOJ's page a little differently.

    Oh yeah, it's as hokey as hell and my kids will probably never see it. But what about the warning not to talk to strangers on the internet? What about alerting an adult if you get a suspicious email? Those aren't good ideas? Does the "reviewer" have kids? Is the "reviewer" old enough to have kids?

    There also happens to be information on how to surf, how to use the internet as a library and what kinds of cautionary procedures a child needs to know. Setting my children loose on the internet is like setting them loose on the streets with a bike. I can't and don't want certain things regulated -- like I wouldn't want it regulated that large trucks are not allowed on *any* street at *any* time. That would seriously impair deliveries and commerce -- not to mention my paycheck -- relies on such things as deliveries. Heck, I work across the highway from a GM plant that is my city's largest employer. So "yay big trucks!" But you can be damn sure I'm going to tell my children to be cautious where they ride their bikes -- watch out for big trucks or stay off of major streets until you're more certain.

    Same with the 'net.

    I'm not saying we need to regulate the hell out of privacy and computing and the net and all the things the under-25 crowd thinks will seriously impair their abilities to get ahead. But I am going to arm my kids with common sense and even, gasp, techo-ethics.

    And all the DOJ is doing is being an advisor. MacGruff the internet crime dog or something. I don't know how useful that page really is, but I don't think it's *harmful.* Geeze. It's up to me as a parent to be there for my kids anyway.

    And somehow, in the apparently childless (not to mention child-like) "reviewer's" mind, this ends up being a highly-charged political issue about privacy and your rights on-line.

    As in my previous post, all I can say is:

    "Huh?"

  • Oh goody. An old-school capitalist....

    Anyhow. Your right, its not possible to remove all bugs in large software, and increasing complexity increases bug counts. Maybe if software makers are held responsible for a significant effort (Yes, that is vague. Vague legal terms like this are what we have judges for, to set the precedent on what constitutes significant effort.) to fix any bugs in released software, they would be encouraged to improve their code and perform real quality testing before release, rather than bloating it with new (and mostly unwanted/unnecessary) features.

    Since everyone seems to be using the auto industry as a comparison: The car companies issue recalls whenever they find a defect in the design. They often do this before the Federal government forces them too. If data/time/money loss caused by bad code design was comparable to injury/damage caused by bad auto design, perhaps software would reach a point where patching is rare, and things work as advertised in the first place, similar to the auto industry?

    Kinda messy, but I think I got my point across....
  • by Tau Zero ( 75868 ) on Wednesday October 13, 1999 @11:19AM (#1615609) Journal
    Children should be taught to respect good laws, how to fight bad ones and most importantly the critical thinking process that allows them to determine for themselves, based on their own set of values, which are which.
    The older I get the more I realize that it is pretty rare for a child to have the kind of vision that lets them see the ramifications of these decisions. This usually requires experience to develop, and experience takes time. The critical thinking and moral grounding is crucial, but it is not sufficient.
    --
    Deja Moo: The feeling that
  • by drox ( 18559 ) on Wednesday October 13, 1999 @11:21AM (#1615610)
    ...is good for the gander.

    Is breaking into my computer bad or not?
    Is breaking into my computer illegal or not?


    Whether those things are bad or not isn't really the point. The point is that if it's bad for you or me or "evil hackers" to do, then it's also bad for our democratically-elected government to do. If it's illegal for one, it's illegal for the other. Or should be. The fact that it isn't - that there are separate rules in play for governments and wealthy corporate interests - is what this article is illuminating. And it needs to be illuminated. The DOJ is doing its best to keep that information from becoming widely known.

    Should children be encouraged to respect my privacy, my property and the law, or not?

    That one's easy - of course they should. As should the government. The latter has a less-than-stellar record in that department tho'. The law should be respected, at least in as far as the law is fair and just, and fairly and justly enforced. Where the law is unfair and unjust, it deserves no respect, from children or anyone else.
  • Same campaign that Nitrous Oxide users got such a kick out of? Just say NO is funny as he11 when your sucking lauging gas.
  • The cracker can do both.

    The government has a system for me to work within to protect myself.

    The cracker doesn't.

    human://billy.j.mabray/
  • Sale of used games have been banned in Japan for reasons stated. Here's hopeing they can't find a way to do that here.
  • I publish my papers all the time, if people would refrained from publishing stuff for fear of plagiarism the scientific comunity as we know it would not exist!

    Pssst! The DOJ site was designed for kindergartners. How many 6 year olds do you see in the "scientific community?"

    My kid's bright, but he probably isn't stealing your papers -- just reading the abstracts.

  • The moment that it becomes illegal or fiscally dangerous to ship unstable software, you will see exactly one thing: less software will be shipped...

    Do you understand what you just said, and all of the implications? In other words, you believe that a manufacturer shouldn't bear responsibility for defective goods?

    If you don't believe me, it is very simple to demonstrate I'm right. Medicine has been going down this path ever since "malpractice" entered the vocabulary of people like yourself.

    My wife is a surgeon, so I feel a bit qualified to talk about this. Malpractice suits themselves are not necessarily the evil party. The intent was to provide compensation for people who were legitimately wronged by the actions of someone who should've known better. The real culprit is a legal system that rewards people for getting hurt in the guise of "punitive damages".

    If I could be sued for every bug in every program I have written, I would never publicly release software. It is impossible to track down every bug in software. You are deluded by your hatred for Microsoft if you think otherwise.

    I bet, instead, that you'd make damn sure that you checked for error conditions, follow programming guidelines, examine function return values, and generally watch what you're doing. Know what? Some of us (read: myself) are held responsible for mistakes in their code already. No, it's not fun, but it's made me a better coder.

  • hell, i'da thought waco'd be mor'n happy to have *anything* attributed to 'em. i'm sorry, but i run from college station to fort worth on a regular basis, and i think i can say, with some authority, that *mexia* is more interesting than waco. hell, *corsicana* is....ummmm.....never mind that one...

  • The fun kind of nitrous oxide is actually NO2. I guess it should be called nitrous dioxide. Maybe you can think about that next time you're sucking down some hippie crack.
  • I'm really sick of all these new laws. The sad thing is that I doubt they will ever stop, some of them seem to just protect the ignorant computer users while hurting the rest of us.

    -chain
  • I think that the DOJ just needs to back up a little bit. I am looking at a copy of the Constitution, and I don't see anything about telling children what is right and wrong in Article III(the Judicial Branch Part). What I do see, in terms of responsibilities for the judicial branch, is the ability to interpret the law and the constitution, and apply it to cases which are presented. The only place they don't decide is impeachments really. They can also tell congress or the president to stop doing something because it is unconstitutional. I find what the DOJ is currently doing to be pretty unconstitutional. I dont know where they found the power to do this, but I guess they did(or maybe the just don't care about the Constitution anymore). Anyway, maybe I'm crazy(and thats possible), but almost everything the US Gov't does anymore makes me mad.
  • do you REALLY think those laws are a bad thing?

    personally, I want the ability to sue someone who breaks into my computer. I won't do it, esp if they were benign, but that is besides the point.

    If I break into my university's secure areas, I will face criminal sanction... why the hell should I not if I break into the secure computer systems that this campus has?

    Too much parochialism here...
    We are all in the gutter, but some of us are looking at the stars --Oscar Wilde
  • by ajs ( 35943 ) <ajs@ajs . c om> on Wednesday October 13, 1999 @11:37AM (#1615623) Homepage Journal
    "how about looking into how a *lot* of computer companies [...] put out buggy software and then sell the security or software patches?"

    If I could be sued for every bug in every program I have written [...]

    Ah. This is what we call a straw-man argument. The statement centered around the buggy software and selling the fixes. Your response focuses on an imagined scenario where you get sued for every bug. The original author never introduced such a scenario, of course, but that does not seem to trouble you.

    The likely scenario to develop from a re-evaluation of such extortion tactics is that software firms would have to start shipping updates to their users (or making them readily available) without being able to make more money from the sale of these "fixes".

    What you have now is more like a protection racket where MS can demand that you pay 100s of dollars to upgrade to a new version of their software because, of course, they're not going to continue supporting Word 97. Hell, that's two years old! Same deal with just about all software nowadays.

    Open Source may eventually end up addressing this, we'll see. What I would expect to happen is to see lots of little project forks, not to go off an support different functionality, but to support old versions with their existing functionality. For example, some people just can't upgrade to perl 5 (yes, perl 4 was last touched years and years ago, but how long do you expect to have your car?)

    Someone could take over bug-fixing of the old perl 4 source, starting their own project to do so.

    Same with Linux 2.0. Or Red Hat 4.2!

    This could become a booming business, but not one that most companies would want to burden themselves with.

    I say keep software free and clear. Don't introduce parasitic lawyers into what is, despite griping from people like yourself, very nearly a perfect industry.

    Wow. So, you think that the problems with crypto, privacy, predatory market practices (for which MS is not the world's worst offender, but tries quite hard) and so on, are right in line with what we should expect and accept? Or, do you consider these to be part of the "very nearly" in "very nearly perfect"? In that case, what would be "bad"?

    I really don't think that you and I are in the same industry.
  • by ToastyKen ( 10169 ) on Wednesday October 13, 1999 @12:00PM (#1615640) Homepage Journal
    I completely agree.
    I think criticial thinking is something that's not emphasized nearly enough (if at all) in the US education system today.
    Whether it's laws or science, we need to teach kids more about free speech and the scientific method.

    What do we do instead? Teach them what's good and what's bad.. and what the "correct" answer on a science exam is. Why do we do this? My guess is that it's because it's far easier to tell a kid things in clear black and white so they don't talk back to you. Adults don't want kids talking back to them.

    Imagine a kid challenging your commands or telling the science teacher that he thinks his exam was graded incorrectly.

    In the long run, these kids grow up to be credulous and apathetic as adults.
  • Take a moment and remember Salem.
    The wonderful place that it was with quaint shops and farmlands.
    Throw in some people who were slightly different than everybody else. We now have a witch hunt.
    To me it seems as though the DoJ amongst other government agencies is attempting to not educate the children about the proper use of computers and the internet, but to plant a subliminal message that the ultimate enemy is the /(cr)|h/acker.
    As time goes on, those who walk around with proud "Linux is the shit" stickers on their laptop they will be identified as hackers. C'Mon.. how many real hackers (including standard code-jockey, mis-interpreted crackers) run windows anyway?
    All of this can be analyzed through a bit of comparisons
    It is our right to have private conversations
    The government is directly violating that right as I type this

    It is not illegal to exploit a computer. Assuming that you are authorized to do so.Through decent software and bug-fixes, this should be irrelevant
    Instead of attempting to find a way to put the skills of people to good use, they attempt to break them.

    We're turning into the witches and warlocks of Salem. The communists of the cold war. As this attitude progresses, as our children get a horrible taste in their mouth when the word "hack" is mentioned, the true nerds will be the targets of unfair persecution
    I don't want this to happen. I like my linux box, I like finding security holes for my company -- and they like me doing it. Instead of bashing a particular site bash the entire ideology between the proper etiquete they are pushing, and the reality. We are the software world. We are the strongest force on earth, our software powers everything that matters in our civilization. Now they want to turn us into targets if we even slightly derivate from the choosen path. Maybe I'm just paranoid, but I don't want to live in a world without the freedoms I've grown so accustomed to.
    If you have children, please inform them that hackers are what push the industry. Hackers find the bugs that should have never been released in the first place. If you are a child -- understand the difference between benefiting society, and harming it. As far as cDc and L0pht go, they did wonderful things, they've proven without a doubt that micrsoft products should have never left Redmond.
    Keep it up.
    -= Making the world a better place =-

  • Hey, anyone out there who was a kid in the 70's? Remember the Carter administration's "Energy Ant" cards? Well, I sort of remember them, it seems that there was an evil Queen Ant who liked to drive over 55 miles per hour and leave lights on when she wasn't in the room, and an energy ant who always did the right thing (i.e. lived in the lovely, quiet darkness.)

    Of course, my Dad and Mom hated the energy ant cards (which I thought were kind of cool, I mean, how often do schools give out trading cards... I was a kid for cripes sake!) because they were convinced it was Jimmy Carter's fault that everyone was waiting in gas lines. My Dad would make comments about US Navy oil reserves and my Mom (& Dad) both believed that the government was suppressing alternative fuel sources.

    Of course, it does seem, to me, that there were indeed enough fossil fuel reserves available to run cars. I still believe in alternative fuel source research, but mostly to improve emissions without sacrificing speed and performance.

    In fact, my Dad is convinced of the following scenario: A government scientist develops an alternative energy source that works. He shows it to his masters at the Department of Energy, and, horrified, they make sure to suppress the finding. Actually, I think they made a movie about it called The Formula.

    As to the hacker thing... the government hates all hackers that aren't working for it. Hackers (and crackers, let's not forget) working in the CIA, FBI, etc... are just fine, as long as they're hacking & cracking for the government. It's only when an independent person has this power, that they get nervous.

    Actually, having the DoJ put up a site against hacking would sure make hacking uncool when I was a kid. I mean really, a bunch of out of touch, patronizing authority figures telling you stuff like this... it sure doesn't make you want to draw eyeglasses and a big mustache on their pictures, does it? If anyone out there collects Babylon Five comics, you might remember the one that was packaged as a fake government propaganda handout for the Psi Core. (If not, you missed one funny comic ;) You know, everything about this Website, reminds me of that comic! The patronizing tone, the massively evil organization behind the comic, everything...

  • Yes the DOJ is trying to indocrinate, but so what? that is what it is there for...

    Excuse me, sir, but you seem to have large amounts of wool on your face, particularly over your eyes...

    It's canned the Deaprtment of Justice for a reason. Its job is justice. That means law enforcement. It doesn't mean indoctrination. It means that the extent of the DoJ's role in education is to be "this is against the law," not "this is bad." What's more, it has to be this way. Education and indoctrination are two different things. Education -the teaching of facts- is something the government ought to have a hand in, especially as pertains to the law. People need to know certain things to survive in this world, and governments have the resources to allow for this.

    Indoctrination -the teaching of values- is another matter entirely, and not one which we can allow the government to interfere with. Governments have a nasty habit of twisting things to their own advantage regardless of the cost. That's rather hard to do with facts (twist 2+2 around all you want; you'll still get 4). Values, however, are different. That's why, in order to be truly free, in the end each individual must decide his values for himself. Ideally, along the way a person will have guidance from parents, friends, and such, but the last step has to be taken alone, something governments hate (too much randomness, meaning too hard to control).
  • I think the reviewer was trying to point out the inconsistency and hypocrisy displayed by the DOJ, not question the text of their WWW page. And you have to admit, they are very hypocritical. "Don't share your password with anyone ... you wouldn't just give anyone your house key!"
    Sound familiar? Governmental Key Escrow, asked for by JR herself ...

    I have two children of my own, and I do not appreciate the government using my tax dollars to try and brainwash them. I am a much better teacher to my kids than they can ever be. This is NOT THEIR JOB. Their job is (theoretically, anyway) restricted to very few things outside of interstate commerce and providing for the common defense. I see nothing in the Constitution that says they should be a nursemaid to my children. Just another example of the Feds overstepping their bounds with MY MONEY.

    Also, in the future, people might take you more seriously if you left the personal attacks out of your messages. Especially if they are not based in fact.
  • by drox ( 18559 ) on Wednesday October 13, 1999 @12:49PM (#1615659)
    One complaint I have with the article (no, not the overall point; I largely agree with that) is the way it seems to link unrelated or superficially-related events as if there were a kind of cause-and-effect relationship between them. Yeah, sure, Richard Daley did dishonorable, even illegal things. But that has no bearing on whether the things his son William M. are dishonorable or illegal. It sounds to me like William M. Daley is indeed doing dishonorable, possibly illegal things. They'd be dishonorable and possibly illegal even if daddy had been a saint. So why bring up "the sins of the father?" It only makes an otherwise good argument look bad.

  • I don't see what all of the fuss is about.. It's an obscure government-sponsored anti-computer crime campaign. It's obviously low-budget and if it hadn't been posted here on Slashdot I doubt many people would have ever heard about it.

    So it's dumbing stuff down. So what? The target audience is children, not us. If you really think they need to mention some other stuff on the site, why don't you try writing them an e-mail instead of whining on Slashdot and bashing the "evil government". Or is that all these YRO pieces are about nowadays?

    The constant repetition of "boys and girls" was annoying as hell, too.
  • Obviously, some of the things the DOJ put there are obvious. Don't break into other people's computers. Don't copy commercial software, blah, blah. Things that SHOULD be illegal anyway. Unfortunately, the Government has crackers working for it to break into computers, and MS even gave the NSA a nifty little key in Windows.

    As others have already said, Justice needs to put her blindfold back on.

    However, The most concerning thing to me is that the Government seems not to want kids to learn about their computers. They seem to be taking the attitude of "You should only do things on your computers that your teachers and parents say you should." The government doesn't want too many people to become too familiar with the actual workings of computers, because then they might actually value their privacy online!

  • I found this [usdoj.gov] a couple links away from link in the story.

    It's the "Official Word on Drugs."

    Anyway, remember when a couple senators tried to pass a law that would make it illegal to have or link to pages that have information on illegal substances? Take a look at the above link.

    I wonder if there are any other government web sites or institutions that break laws. Either potential, obscure, or existing laws? Anybody know of some?
  • (from http://www.usdoj.gov/kidspage/bias-k-5/index.htm)

    "Hi, I'm Attorney General Janet Reno. Welcome to the Department of Justice Web Page for Congressional Members!

    "In this part of the Page, we will be reading about citizens of different political parties, religious views, and cultures who don't meausure up to our standards, and how we will respond with force.

    "As you read about the experiences of these lesser citizens, think about what you would do if you found yourself lobbied by them. Think about what you would do to stop them.

    How might you respond? "By manipulation of the popular press, slanted polls, and blackballing those who fall outside the lines of our administration, we can learn ways to point out differences that make these people look fanatical or dangerous. We can also learn how we can treat ourselves outside the scope of laws we define for the citizens.

    "Together, we can help stop these hateful opinions that hurt political careers just like yours. "

    INFO for Lechers / Mobsters

  • Don't forget about cigarettes and beer. Combined with the drug companies they would love to see a "Drug Free America!"!
  • I'll reply to my own post since I got six replies saying more or less the same thing.

    My answer boils down to: Your wrong.

    Governments pass laws that tell us what we can and cannot do. That is their nature. However, they should be making laws based on pragmatic and democratic reasons: not morals.

    As a citizen of a country I have to accept that the government tells me what is legal. But I will never accept that the government tells me what is good and bad. When a government does that, then it is telling me what to think, and my brain is off limits to it.

    You don't have to be religious to hold your own morals (I am not religious, and btw, I was deeply sarcastic about the public hanging part). But you do have to be religious to believe that morals should be mandated and preached to us from above. And you have to believe in government and church as one if you believe such preaching should come from the state.

    -
    /. is like a steer's horns, a point here, a point there and a lot of bull in between.
  • Well, it *doth* say that, for instance, it is legal to refuse to quarter troops in your home...

    It's mostly prohibitions (either the citizen shouldn't do something, or certain laws shouldn't be made), but some of it does have the effect of explicitly noting rights (for the latter purpose).
  • Selling games would be theft if you kept a copy.

    Simple, no, when you think?

    You've paid for it once, and if you sell it *once* AND DON'T KEEP A COPY, the publisher still got it's price-per-copy.

    Got a clue now?
  • Should any old schmo be allowed to preside over a trial, or test-fly a prototype jet, or declare war on a major country? Or decide to scribble all over the federal budget?

    The law establishes structure. Part of that is enforcement, since no matter what the law is, somebody's almost certainly going to violate it. That means the long arm of the law has to be able to investigate.
  • Griping from people like myself... You really have to look outside of the Industry sometime -- you're obviously so used to having software makers walk all over you that you can't even concieve of not having boot tracks on your back anyhow.

    While I agree that it's near-impossible to track down and squash every bug in a piece of modern software, there are a lot (and by this I mean a majority) of software makers who don't even really try. If this isn't obvious to you, you've never been involved in a software release. Why: The software makers know that, quite simply, they can get away with it. Since there is no prescident of software makers being held liable for their defective products, they feel safe in rushing a product to market at the expense of beta testing or any level of ethical programming.

    I guarantee, however, that this will change. There is no other industry that can get away with this sort of carelessness and not be held liable, despite what you might be willing to forgive or put up with.

    Here's how I see it unfolding: A major release of an important piece of software will be installed by a fairly major business. After a few months, a known software bug will corrupt some sort of very expensive data and cause some very expensive downtime. Clients will be lost and important data gathered since the last backup will be destroyed forever. The firm will do some poking around, and find out that this bug was known about before the release. A few private investigators will interview a few ex-employees of the software company in question and discover that a deliberate decision was made to ship without fixing the bug in order to meet deadlines.

    The firm will hire an expensive law firm and will take the software company to court. The case will be tried in the media a dozen times over before the opening statements even begin. The firm will present documentation of both their losses and the negligance of the software company in causing those losses. The software company will present an argument like yours, claiming that their EULA protects them.

    The software company might win, if the appeals court upholds the status of their EULA and if they aren't found to be grossly negligent (which no EULA can protect them against). It won't matter, however, since the public outcry created by this high-profile case will lead to new legislation. The public will be so incredibly sick of their own computers constantly crashing that they'll support a shocking amount of regulatory effort. EULAs will probably be outlawed, and software makers will likely be held to a "reasonable effort" bug test.

    In any event, the field day will be over, and it will be a Good Thing(tm). Despite what you seem to think, holding companies legally responsible is the only safeguard against corporate bullying -- your "invisible hand" idea was discredited in the 1920's. If you have any question about this, ask yourself: the next time you're wheeled into the hospital, are you glad that the docs have the added incentive of avoiding malpractice, or would you rather trust that they won't skip a test because they have a "gut feeling" that you probably don't need it? Me, I'd rather be sure they cover their ass by protecting me.

    ----

  • Um, the implication there is that it's wrong to TAKE somebody else's work and claim it as your own.

    That's wrong in the scientific community, too -- it's called plagiarism.
  • I think he was refering to the fact that many "hackers/crackers" (whatever) break into many sites, mainly governmental to make a point, and express their views. It would be a wonderful society if our government could properly represent our views, but when government breaks down to the point it has, people often feel a need ot take action. The rightness of such action is left to the individual critic, but I would be careful about implying such actions are simply an attempt to break the law and nothing more.
  • Accually laws help to stabilize society. It just happends that the things we consider morally wrong, and generally the most likly to instabilize society, therefor against the law. For instance why do you think abortion is tolerated while murder is not, simply because having an abortion doesn't tend to destabilize society and cause people to commit other crime (GENERALLY) (also note I am against abortion, but I'm also rational and realize you can't legislate morality, and only believe in laws which exist to "stabilize society", though I guess society occasionally does need destabilizing)
  • by MillMan ( 85400 ) on Wednesday October 13, 1999 @04:48PM (#1615711)
    Of ourse this is true, no one argues with this, usually. My problem with the government, having committed more crimes than I can ever imagine, has NO CREDABILITY.

    Our leaders in this country should be the most moral and intelligent people in the country, and the most commited to improving the lives of the average population. But no, they're commited to the most childlike philosophy of all...money. Token concern for the poor and the environment, education, the list goes on.

    "Mommy, I want some candy right now or I'm gunna kick and scream!" So EXCUSE ME if I have no respect for the government who isn't much more mature than a child.

    Don't get me wrong, there are some great things about this country. We have more freedom than people in most countries. What most people don't realize, is that this is because of the common man DEMANDING our basic rights as laid out in the constitution. Those in power never made a difference for social justice compared to the average citizens who tried to make a difference. Our government tries to make a stable society, but stable for who? The elite.

    When slavery ended, it wasn't because Abraham Lincoln wanted it to, it was because people wrote anti-slavery papers/newsletters, educated the poulation, and DEMANDED it.

    We don't have 40 hour work weeks and safe work conditions because rich company owners wanted it, it's because people unionized in the early 1900's and DEMANDED it.

    When women were finally allowed to vote, it wasn't bacause the men in power wanted to share that power, it's because average women organized and DEMANDED it.

    When civil rights bills were passed, it wasn't because Kennedy/LBJ/other presidents wanted it, it's because the civil rights movement DEMANDED it.

    Many people who have been forgotten by history died for these causes, these are the people I have respect for, not the power elite.

    So when the department of justice spouts off to kids about not causing trouble, this is what I think. When the government uses technology to subvert and control the population, I won't apologize for having no respect for them. Their track record gives them no moral authority to tell me whats right and wrong. No one has that authority because no is perfect. The government's track record just gives them a whole lot less that everyone else.
  • routing script kiddie sniffing and cracking ok ? The government doesnt do that, either.

    Please see recent news where U.S. government has admitted to cyberattacks. In some cases breeching innocent third party systems in the process.

  • I agree with everything you said with just one caveat: what constitutes a "reasonable effort"?

    I've been involved with a lot of software, and I know that the amount of QA that software goes through can vary greatly, but there are certain kinds of bugs that only the most maniacal QA will find, and these bugs would slip through anything that I could possibly consider a "reasonable effort".

    I personally think that "reasonable effort" would consist of a group of QA people working on a product from the time the first architecture is drawn up until the product is retired. This team should be 0.5 to 1.0 times the size of the development team, and put in the same hours as the dev team. Any bugs they find should be fixed ASAP and included in the next update of the software (if the bug is found after the software has shipped), and bug based updates should be free.

    Now, that is what I think is reasonable, but I know (and have met some of them) people are out there who think that reasonable effort consists of full ISO 9000-9001 compliance and full adherence to every hare-brained software engineering scheme known to man. Some of the software engineering approaches that I have read call for 60+ pages of documentation for every 1000 lines of code. This is okay for a company like IBM (who, at least in the past) have done that much documentation per code, but a lot of small (i.e. startup) companies couldn't even dream of this kind of load. On top of that, from my experience, a lot of the software engineering approaches that I have seen (and some that I have used) add no overall value, but rather cost a lot of time and effort, and result in poorer overall code.

    Legally forcing developers to use a lot of the software engineering practices out there is the wrong answer (it would be highly counter productive), yet I fear that a legally codified "reasonable effort" clause would do just that. I think having a good (intelligent/knowledgeable) team of coders and QA people who know what they are doing will always turn out a better product than a team of mediocre coders weighed down with 10 hours of engineering practices to follow for every hour of actual coding.

    If I felt assured that a reasonable effort clause wouldn't force people into using some of the horrific software engineering practices out there, then I would completely agree, but until reasonable effort is precisely spelled out I will remain highly skeptical.
  • Hm. DOJ. That strikes a decidedly ominous tome...Rules determining hacking/justice? For a bunch of little kids? I am a Christian, but I'm not here to have a theology fight. The age-old question: Is it really wrong to break into a system?

    1. First thing here, there is really no such thing as an anarchy. For short periods, yes, but whoever is most powerful gains control eventually.

    2. Those who would stay in control establish rules with punishments and rewards for infringement and obedience, accordingly.

    Therefore, whether we all want to break into everyone else's system or not, there are rules that, in order to have a strong society (where people aren't dying, starving, going mad, etc) must be kept. Sorry, all you h4x0r 31337 anarchists.

    So, now comes the more complicated realm of "good" (nice coders, the true hackers) and "evil" (nasty warez cracker code kiddies). "Good" hackers want to write good software, tinker, geek about, and generally better mankind. "Crackers" are bad and like to take names like BL00D13 T4L0N and things like that, break things, damage things, etc. Hackers are good when they break in. They patch things. Crackers just like to suck down your bandwidth and spread virii. Right?

    No. We can't ascertain motive. So where do we draw the line? Can someone break into a system to cause good will to the admin and users? Can it really be legal?

    Until we re-establish in this nation that there is absolute truth, we're not going to get anywhere with this...

  • Most of them think its either a "holy war" or "justice". I can sorta understand the justice part, aka sentencing someone to death for killing someone else, but sorry to say, mob rule is so ... passé (hehehe). And you know trial by jury is always a good idea :)
    But anyways abortion was just an example, not my main point. I was trying to show how I see law as it should be, existing to stabilize society. And yes your right, some people do say that abortion destabilizes society. But most of the destabilization is caused by the people who kill doctors cause of it or what not. And the destabilition that the act itself might cause isn't much difference upon society as a whole as the the effects of having it illigal. Its kinda like the war on drugs, causes more problems then it makes. Though my view of drugs differs greatly from my view on abortion, as drugs only tend to hurt one's self when used within the frame of law, and can hurt others when used outside of the frame of law, (aka drunk driver/violence is getting a drug that is declared "illigal")
    WHOA I just went even farther off topic than you did :)
    But anyhow one last question, as someone who is "pro-choice" why are laws forcing a minor to atleast get counceling in order to have an abortion considered a "bad thing" (tm). As I see it, it seems to be a law that promoted stability and forces people to think, which in my humble opinion is a "good thing" (tm). :)
  • Isn't it obvious, simply put, Canadian's government isn't nearly as currupt. Any government that would support encryption (non government controled, aka governmnet not having its own key) I would naturally trust. Basically our government doesn't trust us, as we don't trust them. The only problem with this model is that we're no longer the ones in control.. no matter what our initial setup was supposed to be.
    I know this is horribly late, but I was metamoderating, and ran across this comment, hopefully you'll notice it in your user comments list.

How many QA engineers does it take to screw in a lightbulb? 3: 1 to screw it in and 2 to say "I told you so" when it doesn't work.

Working...