OK, I'm ready for the flames, but this is just getting silly & I really have to put my (belated) 2 cents in ... re - Putting a price on attacks. (1) Most people are used to sites having technical glitches, and generally will blame their own service provider. Therefore, most people who frequent certain sites (& especially those who use major ISPs like AOL) are probably on occassion used to having to go back to sites to access them - which means sales would not be affected, unless you brake it down by the hours rather then the normal weekly gross. (2) The publicity that the attack generated sent more people to the sites to check them out, then a lot of their advertising ever would have. re-"hacker kiddies screaming "not fair", etc." & pissing off the media. Ummmm, yeah, and the media EVER treated them realistically or fairly to begin with. These are the people who created the Kevin Mitnick mytique; tend to lump virus writes, worm creators, defacers, & true hackers into cyber-terrorism whenever they can; and every so often a "news show" will allow 15 year olds to rant on air about "wars" with the FBI ... now while it might be great entertainment and 15 year olds may think they're cool, let's think about this for a moment - these are 15 year olds. Remember some of the fantasies and thoughts you had at 15? Imagine if someone told you that you could be famous for spouting them onTV - how long would it have taken for you to start saying some assanine things to a national audience? My question is how grownups can be allowed to use young people and in some ways to coerce them into doing certain things (like defacements or just cracking into systems) on national TV. OK, they may be a little more gifted on computers (or not) then the average 15 year old, but these are STILL teenagers, with childish behaviors and emotional needs. re- the law is the law. Ummm, no. There are 2 sets of laws (& the divider is growing steadily).There are laws for crimes in the real world and laws for cyber crimes. Think about the shopkeeper who comes to work in the morning and finds his shop TP'd and egged after a big game. Now, generally, every one in town knows who did it, but 99% of the time there is no case - nor do the perpitrators generally come back & offer to clean it up - & I'm damn sure that it takes way longer then 2 hours for them to clean up some of the better messes. That shopkeeper (& usually it's a lot more then just 1) could loose $200-$300 (if not more) in those hours, so why do the police never go after those kids who are generally the same age group as the 15 - 16 year old defacers, (who we all must admit we assume - with no concurrent proof - to be responsible). OK, I'm done venting, and you all may think I'm completely wrong - but I do think that the Service Providers should be held accountable for not having stronger security (if any) to block spoofed packets & I think we shuld really consider why we have 100,000 defacers in the world (many of them in the USA) & why Alan Greenspan had to note that tech companies are begging us to open visa restrictions for PhDs to come into this country ... & all we want to do are lock a lot of misguided children away rather then first see if we can correct their behavior & send them to a decent school and get them into the marketplace. (Just a thought - ok, I have a mothering complex, but still ...) Elyn > >> >> "Fair"?? >> >> Actually, it is entirely reasonable to sue for damages based >> on lost business. Especially if you can demonstrate a track >> record in a business area. Let's say I run a site that >> consistently generates revenues of $1m/day, at the average. >> On one day, because of something someone did, I only am able >> to generate revenues of $100,000. The next day, after they >> stop doing whatever it was they did, it's back up to $1m/day. >> That's an open and shut case - it's not a matter of arguing >> "potential" customers at all. I couldn't argue they were >> responsible for the entire $900,000 loss but the jury would >> give me more than that in punitive damages if there was >> enough evidence to warrant a verdict of guilty. > >Hang on now, that's too easy an example. I'm not THAT >lenient. What I'm saying is that if Amazon normally >does 1M$/day, and on the day od the DDoS attacks, >they only do 800K$... but then do 1.2M$ the next day.. >were there damages beyond investigative costs? > >More realistically, Amazon's daily numbers are probably all over the >place, and it will be really hard to pick out how many dollars they >lost >in two hours. Which may have come back later, which may not matter. > >All I'm trying to imply is that their getting slapped with 1.2B in damages >is silly. As usual, one group pulls a number from their ass, and the >press repeats it as fact. > >Not fair. > >> >> These little hacker kiddies have no idea the kind of sleeping >> dragons they are trying to wake up. Once they do, they will >> be screaming "Unfair! Unfair!" I'm sure they'll still have a >> lot of sympathizers, but, as I originally proposed, they made >> a big mistake going after the media. Look for a downturn of >> sympathy for hacking in the next year. A hard rain's 'a gonna fall... > >They poked at particular dragons. I'm not saying it was smart at all, > but >it was deliberate. > >> >> And, lastly, as my sister the lawyer told me once, "The law is >> not about 'fair' it's about 'legal'" >> > >That is it's own problem. Laws should be fair, I know they're often >not. >I'll settle for not adding some more de-facto law through bad precedent. > > > Ryan > IMPORTANT NOTICE: If you are not using HushMail, this message could have been read easily by the many people who have access to your open personal email messages. Get your FREE, totally secure email address at http://www.hushmail.com.
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:05:49 PDT