OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Re: [ISN] Hacker "Coolio" to work on jail PC's

From: InfoSec News (isnC4I.ORG)
Date: Sat Mar 17 2001 - 18:07:10 CST

Forwarded by: "Jordan" <findlermanyahoo.com>

> While I agree that web defacement is a juvenile and pointless
> activity, you have missed the point: Prison sentences are
> completely inappropriate punishment. How does sending a child to
> prison help increase security?

...and I bet you don't support capitol punishment either, do you?

The death penalty is not used because law-makers have deluded
themselves enough to think that this makes things right in the
universe - but if our only threat for violent offenders is to box them
up and feed them for 25 years or until they die at a ripe old age,
they have little DETERRANCE (or so the argument goes....). And
deterrence is exactly the message that the case of the hacker 'Coolio'
tries to convey.

Quite simply the kid broke the law. And it's really easy to do. If
they don't give the script kiddies something to stop and think about
before they hack, the problem will grow, possibly beyond their ability
to control it. Either they take 'extreme' measures now to curtail it
now, or they eventually make meaningless the laws which protect sites.

> Solve the *PROBLEM* (a lack of security) instead of attacking the
> messengers. Kids should not be locked up in cages. How does that
> help anyone? Whose security is actually improved - perhaps the
> prison industry's? People who think like you are screwing the
> world and imprisoning our children! Thanks a lot!

The kids *ARE* the problem - immature little kiddies who get their
hands on scripts that they didn't write, and whom have no respect for
the geniuses whose heads they are standing upon as they go about
having their immature fun, defacing anyone's site that they care to
(who hasn't had time to kept up with all the patches from the
distributor).

You look at the problem as the site admins not doing a good enough job
of defending themselves. They should patch up their server and then
they wouldn't have this mess. ....That is like saying that a mugging
victim is to blame for not doing an adequate job of defending himself
from his assailants.

When law enforcement officials look at it, the *PROBLEM* comes before
that - why should they NEED to defend themselves? The law should be
there to prevent their need to.

Whether jail time and $5K/victim is justified as the amount owed is
irrelevant. The fact that this sets a precedence for real consequences
for breaking these laws is what counts in this case.

If you get caught hacking and being naughty, you now serve time.
Even if all you did was to deface the site. And if that gives
'hackers' reason to think about what they do, and perhaps deter them
from hacking, then it increases security for everyone. ....At least in
theory. The other argument is that this ruling will make them simply
try harder not to get caught.

;)

--Jordan

_________________________________________________________
Do You Yahoo!?
Get your free yahoo.com address at http://mail.yahoo.com

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERVSecurityFocus.com with a message body of
"SIGNOFF ISN".