On Wed, Apr 25, 2001 at 12:13:43PM -0500, Mansur, Warren wrote:
> I suppose everyone has a different opinion on this, so I figure I might
> as well share mine :-)
>
> If a thief breaks into my car, and then uses it to run over and kill 10
> people, am I responsible for the death of those 10 people? The police
> may at first suspect me because my car was used, but as soon as they
> find out my car was stolen and someone else did the killing, I will be
> absolved of all charges.
This analogy is nice to a point, but it breaks down because the
governing body of law is not the same.
> Similarly, if someone breaks into my computer, and then uses it to hack
> into other systems, scan other systems, spread viruses, etc . . . , am I
> responible for the hacking, scanning, or viruses?
YES. Or, maybe, depending on the computer crime laws where you live,
or where the victims live, or on the mood of the judge or jury, or the
shade of blue of the suit you wear to the trial. The law is a funny
thing. According to an FBI supervisor who attended the SANS
conference I went to, there are cases where those who have been hacked
have been held responsible.
Do you want to risk it?
> Nothing works this way in life. If I own a hammer, and someone uses my
> hammer to kill somebody, am I a murderer? If I own a crowbar, and
> someone uses my crowbar to break into a house, do I become a thief? If
> I own a computer, and someone uses my computer to hack into other
> systems, do I become a hacker?
A better analogy might be, if a criminal breaks into your house, and
trips over a faulty board in your staircase, might you be found
liable for the burglar's injuries?
The answer, absurd as it may be, is often YES.
And in those cases, you are guilty of negligence or similar. Much as
you are in not taking measures to secure your system.
> Therefore it is my opinion that AT&T cannot say that you are a hacker
> based only on the fact that your computer has been involved in some
> illegal activities, and their policy to permanently turn off your
> service is basically ridiculous.
Except that they don't care if you are a hacker. Their network is
being used for illegal computer crime, and you are the account holder
and owner of the machine in question.
Remember my question about wanting to take the risk? MediaOne has a
LOT more to lose than you do, and they obviously have decided they
don't want to risk it. I like M1 as little as many people here, but
on this I'm on their side 100%. If it were my network, I'd kick you
off too.
--
---------------------------------------------------
Derek Martin | Unix/Linux geek
[EMAIL PROTECTED] | GnuPG Key ID: 0x81CFE75D
Retrieve my public key at http://pgp.mit.edu
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
