ACK! -- CONTINUED

[Jonathan Hutchins]

Good, thoughtful reply, Adrian, thanks!  
  
Quoting "L. Adrian Griffis" <adrian at nerds.org>:  
  
> I would say that using a  
> password at all when you have no reason to think you are  
> authorized to do so should be unlawful.  
  
It is in most jurisdictions, I think probably Federal - I don't remember the  
precise terms just now, but accessing a system when you know you do not have  
permission is a specific crime, not just 'theft of services'.  
  
> We also tend, more and more, to keep private information on  
> our computers, and I think we have good reason to value a  
> sense of security on our computers.  I think we have some  
> justification for criminalizing some irresponsible behaviors  
> that tend to undermine our sense of security on our computers.  
  
The reality, though, is that that security is only there if we make it, and  
that a networked computer is an inherently insecure place to keep important,  
secure information.  The contrary illusion, or better the outright ignorance 
of this fact is the problem, and it can't be solved by draconian persecution 
of those who explore the cracks in the system.    
  
To some extent, we need to acknowledge that the people who do non-malicious  
hacking are helping us by finding the weaknesses.  
  
There was a thread right here recently about someone who hacked into some  
wireless connections, and how he should go about letting the responsible  
parties know.  The majority opinion was that because he had violated federal  
law, it was not a good idea to reveal what he'd done in any way.  
  
Yes, what happened to Brad goes beyond this benign exploration, but not by  
much.  The tools that were installed, although potentially malicious, were not  
apparently used to any malicious end.  
  
  

---------------------------------------------------
This mail sent through tarcanfel's horde/imp system