Here within DC the ITAA serves as a great group to help get the message out about these issues. If you are a member, or know one, have them send the message to their reps and deliver a common voice from the IT community. -----Original Message----- From: Dorning, Kevin E - DI-3 [mailto:kedorning@private] Sent: Thursday, June 19, 2003 4:38 PM To: 'Justin Kurynny'; Christiansen, John (SEA); crime@private Subject: RE: CRIME Senator Hatch - Destroy file swappers' computers So, I guess the bottom line is - Write to our legislators and educate them on a really really dumb idea. Maybe they can take him aside and say, "Look Oran, You need to get a new perspective on this." What do you think? KD -----Original Message----- From: Justin Kurynny [mailto:justink@private] Sent: Thursday, June 19, 2003 1:04 PM To: Christiansen, John (SEA); crime@private Subject: RE: CRIME Senator Hatch - Destroy file swappers' computers okay, fair enough. analogies aren't much good for developing real solutions to real problems, but if we avoid analogies altogether, then we blind ourselves to a potentially wider perspective of the issue at hand. when we say that we should learn from our mistakes, i don't take that to mean that the lessons of historical mistakes are only relevant if the present situation we face is *exactly* like the one in which the mistake is made. in this sense, looking at how we deal with individuals and theft and the value of the goods is important. i agree with many of your points, so why would we destroy a computer if someone downloads a copyrighted song? to better fit the crime, why wouldn't we simply render the file inoperable or some other less extreme protection of the property in question? self defense and property (read: profit) protection are two entirely different topics and the two should not be mixed as loosely as they have been in this thread. by downloading or storing copies of copyrighted material on a computer, an individual is by no stretch putting the safety of another individual in danger. therefore, launching a hack-back-to-destroy attack on a supposed violator is, in my opinion, an invalid argument when done so on the premise of self defense. justin justin kurynny manager of network engineering waggener edstrom, inc. * -----Original Message----- From: Christiansen, John (SEA) [mailto:JohnC@private] Sent: Thursday, June 19, 2003 12:36 PM To: crime@private Serious response: In most states the store owner would have the right to use force to prevent harm to property, but the degree of force would have to be in some sense proportionate to the harm to be prevented. Shooting a burglar who's coming at you with a tire iron is probably going to be accepted; shooting a shoplifter in the back is probably way out of bounds (at least in the relatively pacific Northwest, if not everywhere); breaking a thief's fingers with a bat when you are trying to stop him from grabbing the cash drawer probably won't get you prosecuted or subject you to civil liability (though there are some pretty nervy perps out there); burning up the getaway car is probably too potentially dangerous to third parties and yourself, not to mention the thief, to be acceptable. The valid point being that there is precedent out there which might support hack back self-help - the problem being avoidance of seductive but misleading analogies, when all you have to work from is analogy. -----Original Message----- From: Justin Kurynny [mailto:justink@private] Sent: Thursday, June 19, 2003 12:08 PM To: crime@private Subject: RE: CRIME Senator Hatch - Destroy file swappers' computers serious, sarcasm-free questions for the group: if a shop owner catches someone stealing something from her store, should she have the right to destroy the tools of the thief's vocation? in other words, should we grant her the right to break his hands and legs? maybe even amputate them? less drastically and humanly injurious, should she have the right to drop a lit match into the thief's getaway car as a means of destroying it? justin justin kurynny manager of network engineering waggener edstrom, inc. * -----Original Message----- From: Christiansen, John (SEA) [mailto:JohnC@private] Sent: Thursday, June 19, 2003 11:42 AM To: 'Crispin Cowan' Cc: crime@private If the ISP is responsive and the rules of engagement say you don't escalate if the ISP is responsive, then hacking back isn't legit. But that doesn't suggest you should avoid figuring out what the rules should be - seems to me it suggests you should figure out the rules. We didn't have this one before, did we? But now we have a consensus on this point. So all we need to do is make sure sysadmins are appropriately responsive and the rules around escalation become moot. So, following this alternative branch, what are the rules for sysadmin responsiveness? In other words, when can I hold an ISP liable for failing to cut off hostile activity?
This archive was generated by hypermail 2b30 : Fri Jun 20 2003 - 05:16:13 PDT