Thought a subject change was in line....
There is a different concept that people are not mentioning as much
(Crispin touched on it), and that is crime prevention.
If I see someone about to murder somebody I have a right, and some might
say an obligation to attempt to prevent it. Some people would say "Call
911," others "Shoot them." In the middle would be "Do something to
prevent harm to the 'victim.'"
The "Shoot Them" argument gives rise to an interesting issue. If a box
is being actively used to attack me, or other systems, do I have the
right or duty to prevent that box from attacking me or others? This
does not ask "Is the box rooted, or otherwise under control of an
unauthorized user." If a car is careening down a hill, and I can push
it off the cliff before it hits the crowd of photogenic pitiable
children ,my rights and obligations do not ask is the car stolen,
runaway, drunk-driven, or sleep-driven. I have the right (obligation)
to protect the children.
So if a box is actively attacking me, or others, I can
Email the owner of the box.
Call 911
Call a tech savvy Law Agency
Track down can call the Owner of the box.
Track down can call the ISP.
Block me from the attacking box (firewall)
Attempt to shut down the offending activity.
Log onto the box and disable the offending activity.
Log onto the box and disable the box.
Attempt to block the box from getting out by attacking the network.
DoS the network at some point.
Fly to the location of the box and pull the plug.
Shoot the owner of the box.
I see these in a progressing order of intrusiveness and effectiveness
(last item notwithstanding).
Obviously if the box is in the Ukraine most of the early steps are
useless, but if the box is in a responsive company, then the early ones
might work (they have for me).
So this is a case dependent list.
If the hostile activity is putting you out of business, and no bodily
harm is done to the owner of the box, then one might make a clean
self-defence argument:
The box was initiating hostile behavior that negatively impacted
my business. My response negatively impacted theirs in the same
way (Network, not precise attack method).
Now, to loop back to the RIAA comments, you can make an argument that
RIAA and it clients are losing money, and a criminal activity is going
on. Since the first steps are ineffective, partially due to numbers,
and the time factor, they could make an preventive argument. Now I
doubt they would fly or shoot, but I could see them attempting to
disable the file sharing, removing the "stolen" material, or blocking
access to the server....
----
I know what you are thinking, OH MY GOD Zot is advocating RIAA backed
vigilantism!
Yes, in a way I am. The 'net used to be self policing and it was pretty
damn effective. SPAMmers were shut down and hounded. Bad networks were
isolated. People had accounts terminated with no chance of getting
another one. Behavior was modified.
While some of these things are not possible any more, or desirable,
self-policing is much more effective than relying on laws and law
enforcement.
We all make the police's job easier: We buy cars with door locks, and
use them (and test them). We lock our houses. We buy alarm systems.
We call the police when we suspicious or criminal behavior. Many of us
go to lengths for crime prevention, some detection, and some of us
interdiction, and a fewer, criminal apprehension/identification (i.e. we
chase that bastard driver down and give him the finger).
So if we saw someone breaking into a neighbors house, we would likely
use similar steps listed above, depending on current factors: Is anyone
in physical danger, are they stealing small stupid things, do I really
*like* this neighbor, if I run over there, will they shoot at me, or
run, does this neighbor have any of my stuff still, does this neighbor
have any cool stuff I want, etc.
So, yes, I can perceive times when hack back is not only allowable, not
only favorable, but even expected as an obligation.
--
Zot O'Connor
http://www.ZotConsulting.com
http://www.WhiteKnightHackers.com
This archive was generated by hypermail 2b30 : Thu Jul 10 2003 - 14:44:51 PDT