Computer liabilities


Psi Baba
29th October 2003, 06:30 AM
Prosecutors looking to throw the book at accused computer hackers have come across a legal defense expected to become even more widespread in an era of hijacked PCs and laptops that threatens to blur the lines of personal responsibility: the computer did it.
Hacker's defense: the computer did it (http://www.cnn.com/2003/TECH/internet/10/28/hacker.defense.reut/index.html)

This is becoming a serious issue and one that I think merits discussion. I am very interested in reading other forum members' thoughts on this. How responsible should we be assumed to be if a hack is traced back to our computers? How can that be considered proof of the assailant in a cybercrime? I would like to hear from our legal-eagle members the answer to this question: If someone breaks into your house, steals your gun and kills someone with it, are you as guilty of murder as if you pulled the trigger yourself? If someone steals your car and runs over someone with it, are you as guilty as if you were behind the wheel yourself? It seems to me the same reasoning should apply to computers. I don't think the answer is "Make sure you keep yourself protected from viruses and spyware." Yes, that's good advice, but it's not reasonable to expect every computer user to do that. I would bet that most users are wide open. No doubt many older people and young kids are using computers with no kind of protection whatsoever. Downloading security patches from Microsoft, for example, is not as straightforward as they would like you to think. I'm sure a lot of people have never even heard of spyware or malware. Should someone's 69-year-old grandmother go to prison because her computer became infected with a trojan horse and/or a script that ultimately resulted in a hack or a dealing with child porn that gets traced back to her computer? It seems to me, like with any crime, that real proof should be required to establish guilt. It can't just end with the conclusion, "Your computer--your culpability."

Thoughts?

Edited to replace some missing words and letters that were hacked out of my post. ;)

shanek
29th October 2003, 06:39 AM
It is entirely possible for a hack attack to be launched from a computer and the hacker responsible not to have come anywhere within 1000 miles of it. Any even halfway decent script kiddie will compromise a random computer and launch the attack from there. These are usually home computers and others where people don't really understand or care about security.

So, a hacker might compromise a computer in a net cafe in the Philippines and put on a remote trojan such as NetBus. From there he'll take out someone's home computer in Brazil, and from there the computer in some little small family business in Norway. And actually launch the attack from there. As long as there's even one computer in the chain that isn't logging all of the traffic, which is very likely, then it will be difficult if not impossible to track the attack back to the hacker. A skilled hacker will get away clean.

Also, recently viruses have become tools for this. The SoBig virus, for example, allows spam to be sent over the internet without it being traced back to the spammers. A compromised system will trigger its payload, pick a random address as the From: address, and mail it to everyone it finds out about. People are getting returned EMails that they never sent, or complaints about spams they never sent, even when their system hasn't been compromised at all; it's someone else with their EMail address somewhere in the system.

So, yes, this could and should be a valid defense. Otherwise, innocent people will get locked up and the offender will go free. I don't think anyone wants either situation.

bignickel
29th October 2003, 11:28 AM
6 months ago I would have said that a person is completely responsible for any computing device they hook to a network: it's completely their responsibility what the machine does, how they maintain the OS, and what packets it sends.

MY Windows2K box would never have to worry about any attacks; I even told Shanek I wouldn't ever need a firewall.

Then I got hit by MSBlaster.

Goddam Micro$oft!!! :mad:

Psi Baba
29th October 2003, 01:22 PM
Originally posted by bignickel
6 months ago I would have said that a person is completely responsible for any computing device they hook to a network: it's completely their responsibility what the machine does, how they maintain the OS, and what packets it sends.

MY Windows2K box would never have to worry about any attacks; I even told Shanek I wouldn't ever need a firewall.

Then I got hit by MSBlaster.

Goddam Micro$oft!!! :mad:

Recently, I set up a new computer at home. Well, it was new to me. Someone gave me the CPU because the HD died. I was starting with a brand new hard drive and put W2000 Pro on it. Since I had freshly formatted and had no data on it, I was tinkering around and not worried about precautions. I connected to the internet (with no antivirus, service packs, etc.) and within an hour or so, I had the Welchia worm (discovered upon installing Norton Antivirus). Mind you, this machine did not even have an e-mail reader on it yet, just IE, so that did not come from opening an e-mail attachment, just from being connected.

Attrayant
29th October 2003, 03:57 PM
Originally posted by bignickel

MY Windows2K box would never have to worry about any attacks; I even told Shanek I wouldn't ever need a firewall.

Then I got hit by MSBlaster.

Goddam Micro$oft!!! :mad:

And a few weeks ago somebody sugared my gas tank. Goddam Ford!!!

Skeptoid
29th October 2003, 04:04 PM
The Welchia worm exploits the same DCOM RPC vulnerability via port 135 as the MSBlaster worm did. An unpatched Win 2K machine is particularly vulnerable because it has no built in firewall like Win XP has to protect you until you install a better firewall and get the patches installed. Running a Windows box without a firewall is just asking for trouble. :(

garys_2k
29th October 2003, 07:35 PM
Best hardware solution is a router with NAT. That will keep all of the scans and almost all of the trash from ever being able to find you.

bignickel
29th October 2003, 09:59 PM
Originally posted by Attrayant
And a few weeks ago somebody sugared my gas tank. Goddam Ford!!!

Are you seriously comparing a gas tank to a messed up operating system that RUNS code sent to a computer thru a network adapter, without me giving it authority to do so, because they felt such a need to crush Netscape that they stupidly connected their internet browser to OS?

Seriously?

jimlintott
30th October 2003, 07:05 AM
Originally posted by Attrayant
And a few weeks ago somebody sugared my gas tank. Goddam Ford!!!

Obviously a user error. You should have been guarding your gas tank more carefully. Can't rely on the security that came with your car.

Microsoft has done an amazing job at allowing users to be convinced that they cause all their own problems. While I agree that users can cause some of their own problems I have seen users blame themselves for a blue screen.

Some of these users can't even find their own files. How can we expect them to know about firewalls, open ports and malicious code? They view their computer as an appliance. It should just work and it should provide a decent level of security.

bignickel
30th October 2003, 08:08 AM
Originally posted by jimlintott

Microsoft has done an amazing job at allowing users to be convinced that they cause all their own problems. While I agree that users can cause some of their own problems I have seen users blame themselves for a blue screen.

Oh, it's much worse than that; to have an OS execute code sent to it over a TCP/IP port is, to me, inconceivably stupid.

Gas tank? Ha! That's not even a close metaphor. Putting junk in someone's gas tank is the equivalent of sending them a virus in an email. This is a better metaphor: you're driving down the road in your car, and someone sends it a signal via radio waves to turn its engine off. Or to make a sudden right turn into the guard rails. MAKING it do SOMETHING that you don't want it to do, without your permission.

I remember some of the debates I got into with Shanek about the need for firewalls: I would ask how you could force a computer to execute code sent to it thru a TCP/IP port. Thus, I figured, the only thing you had to worry about was the user installing the virus/worm himself.

And then MSBlaster dropped by one day to demonstrate 'proof of concept'. Inconceivable! ("I do not think that word means what you think it means.") An OS that runs code without asking me, sent to it from an unsecure network.

The only reason I haven't switched to Linux yet: 1. lazy 2. WW2Online probably wouldn't run (well).

jimlintott
30th October 2003, 08:41 AM
Oh, it's much worse than that; to have an OS execute code sent to it over a TCP/IP port is, to me, inconceivably stupid.

It's not stupid, it's a feature. Makes your computer easier to use. ;)

richardm
30th October 2003, 09:04 AM
Originally posted by jimlintott


It's not stupid, it's a feature. Makes your computer easier to use. ;)

It certainly does. Easier for other people, that is :D

Attrayant
30th October 2003, 01:10 PM
Putting junk in someone's gas tank is the equivalent of sending them a virus in an email.

If you focus at details that are fine enough, nothing is analogous to anything. Your general bitch-n-moan complaint was about security. For this reason, an unlocked gas tank is a fair analogy. Car manufacturers have (for the most part) addressed the vandalism & fuel theft problem by putting locking gas caps on their cars. OS manufacturers have addressed a large number of security issues as well. However, neither MS nor Ford is going to go to the extreme lengths that would be required to stop the truly determined thief or hacker who will stop at nothing to do evil deeds.

...you're driving down the road in your car, and someone sends it a signal via radio waves to turn its engine off.

This is possible now. Police have a device that can zap your car's CPU as you drive over it. Suppose some criminal gets hold of one of these (or more likely makes one in his basement, there's not that much to it) and uses it on me. Following your example, I should be furious with Honda for not having the sense to enclose their engine & electronics inside a Faraday cage. Of course that would be ridiculous. Your vitriol was directed at the wrong people.

How come it wasn't "Goddam Hackers!!!"?

shanek
30th October 2003, 01:18 PM
Originally posted by bignickel
Are you seriously comparing a gas tank to a messed up operating system that RUNS code sent to a computer thru a network adapter, without me giving it authority to do so, because they felt such a need to crush Netscape that they stupidly connected their internet browser to OS?

Seriously?

Yeah, this is more like Ford installing a time bomb under the hood that anyone can open and activate.

Attrayant
30th October 2003, 01:42 PM
Yeah, this is more like Ford installing a time bomb under the hood that anyone can open and activate.

You're not helping.

bignickel
30th October 2003, 02:11 PM
Originally posted by Attrayant
If you focus at details that are fine enough, nothing is analogous to anything. Your general bitch-n-moan complaint was about security.

Wrong, boyo. My analogy was a hellova lot more apt than your 1 line sarcastic note. A gas tank is NEEDED on a goddam car, since you need to put gas in it to run it. Why the hell would anyone write an OS that executed code sent to it thru TCP/IP ports? Your example would have been great for someone SPIKING the current going to someone's computer to cause the computer to glitch; too bad we're not discussing such an example. BTW - I wouldn't hold MS responsible for someone doing such an action. Happy?


This is possible now. Police have a device that can zap your car's CPU as you drive over it

Oh really: the police can take control of my car and control its steering, acceleration, and braking? Because once again: you can't seem to get a grasp on any kind of appropriate analogy here.

Go back and do your homework.

PS At least I got more than one line outta you this time. Now, that wasn't so hard, was it?

Attrayant
30th October 2003, 02:43 PM
I can only conclude that you are being obtuse on purpose.

Oh really: the police can take control of my car and control its steering, acceleration, and braking?

I said no such thing. My point is with regard to general security issues (tell me if your gripes are not security-related, perhaps I misunderstand), and only that your bitterness seems to be directed at the wrong people.

I see you have no objection to Shanek's ludicrous analogy. I suppose you find it appropriate?

You've gotten way too much out of me, as far as I am concerned. My first post should have been all that was necessary to get my point across to most lucid people.

bignickel
30th October 2003, 03:34 PM
Your one line sarcastic first post with an inappropriate in-analogy? All that was necessary? Obtuse on purpose?

That's the pot calling the kettle a blacker shade of grey, that is.

From what I can tell, evidently you were serious with your analogy. To you, Microsoft bone-headingly melding its INTERNET browser to the OS is just the same as Ford putting necessary technology (gas tank and cap) on a car. "Well, gee: MS had to crush Netscape: it's necessary for MS software to run properly! That's why it was important for them to do something so mind-bogglingly stupid that it introduced numerous security holes in their OS that allows it to run unauthorized code!"

Whatever.

You don't like Shanek's analogy? You argue with him. I do find it apt in that it's only a matter of TIME before someone compromises your security due to MS ineptness.

I'm done with you.

Kevin_Lowe
31st October 2003, 04:26 AM
Originally posted by garys_2k
Best hardware solution is a router with NAT. That will keep all of the scans and almost all of the trash from ever being able to find you.

I respectfully disagree. The best hardware solution is a Macintosh.

richardm
31st October 2003, 05:52 AM
Originally posted by Kevin_Lowe


I respectfully disagree. The best hardware solution is a Macintosh.

Although it's true to say that the majority of viruses and worms attack Windows machines, Macs are not immune. (http://www.sophos.com/virusinfo/analyses/index_macexe.html)

Kevin_Lowe
1st November 2003, 04:43 AM
Originally posted by richardm


Although it's true to say that the majority of viruses and worms attack Windows machines, Macs are not immune. (http://www.sophos.com/virusinfo/analyses/index_macexe.html)

I hate to come across as picky, but can you find a single virus "in the wild" that attacks the modern OSX machines? One? As opposed to virii that attacked pre-OS7 boxes. :rolleyes:

Even if you found one, I bet that you could only get it by downloading and executing suspect files, and that it couldn't touch the root directories.

Macs are essentially immune to virii, trojans, port scanning script kiddies in Asia and most of the other nuisances that beset Windows machines. You can ping flood them, but that's really about it to the best of my knowledge.

Theoretically, a Mac could get a virus. Theoretically. In practise, it doesn't happen.

xouper
1st November 2003, 05:21 PM
Pet peeve alert!

Kevin_Lowe: I hate to come across as picky, but can you find a single virus "in the wild" that attacks the modern OSX machines? One? As opposed to virii that attacked pre-OS7 boxes. Even if you found one, I bet that you could only get it by downloading and executing suspect files, and that it couldn't touch the root directories. Macs are essentially immune to virii, trojans, port scanning script kiddies in Asia and most of the other nuisances that beset Windows machines. You can ping flood them, but that's really about it to the best of my knowledge.

I hate to come across as picky (if I may be so bold as to borrow a phrase from someone we know and love :)), but virii is not the plural of virus. Neither is viri, vira, or virae. It is viruses (cite (http://www.xoup.net/peeves/virii.php)).

Tom Christiansen (of perl.com (http://www.perl.com/language/misc/virus.html)) observes that virii is "completely silly, so don't do that; otherwise, everyone will know you're just a blathering script kiddie."

Wudang
1st November 2003, 09:26 PM
No, sorry, forget Macs, run Hercules and MVS (see www.cbttape.org) if you want secure.
Anyway, bignickel is exactly correct. These issues are well understood in the IT business, or should be. Yonks ago, IBM was getting flamed because its email system (PROFS) honoured the DCF !SYSTEM tag in GML documents which would execute a command embedded in a document when someone opened it to read it. Excuse the analogy but it's the equivalent of putting your soap on the floor of the prison shower as you wash different bits - convenient but ............

Kevin_Lowe
2nd November 2003, 05:42 AM
Originally posted by xouper
Pet peeve alert!

I hate to come across as picky (if I may be so bold as to borrow a phrase from someone we know and love :)), but virii is not the plural of virus. Neither is viri, vira, or virae. It is viruses (cite (http://www.xoup.net/peeves/virii.php)).

Tom Christiansen (of perl.com (http://www.perl.com/language/misc/virus.html)) observes that virii is "completely silly, so don't do that; otherwise, everyone will know you're just a blathering script kiddie."

You're being picky. :)

Seriously though, I like words like "virii" and "boxen". They amuse me, in the same kind of way that spoonerisms and rhyming slang amuse me. Playing with language is fun.

Tom Christiansen is entitled to his opinion, but I really don't care if the Tom Christiansens of this world think they can identify me as a blathering script kiddie by my use of the wordplay "virii".

Would you care to discuss my actual statements? I'll understand if you'd rather pick a fight about a tangential issue, though.

xouper
2nd November 2003, 06:43 AM
Kevin_Lowe: Would you care to discuss my actual statements? I'll understand if you'd rather pick a fight about a tangential issue, though.

Neither. I guess my peeve alert :) didn't serve its intended purpose, since I am not interested in picking a fight about anything. Nor am I interested in discussing anything related to Macs. My interest was merely in setting the record straight as to the proper plural of virus. I apologize for not making it clear that I meant no offense to you personally or to anyone else.

Seriously though, I like words like "virii" and "boxen". They amuse me, in the same kind of way that spoonerisms and rhyming slang amuse me. Playing with language is fun.

Agreed, playing with language is fun. Thank you for clarifying your intentions when using the word virii.

Many people, however, do seem to mistakenly believe that virii is the proper plural of virus and they are not playing with the language. I'm guessing it's rare that a person (such as yourself) knows the difference.

My previous reply was not intended only for you, but also for anyone reading who may not know that virii is not the plural of virus, and may mistakenly think that since you used it, it might be valid. In other words, your playful intent with that word was not at all obvious.

I guess what I'm getting at is, I'm hoping you are already aware that one of the risks is that one of your playful words may be mistaken for ignorance. For example, I'm assuming that you know that regardless how playful your intention is, if you use the word "n*gger" in the wrong place, you might just get your throat cut.

Tom Christiansen is entitled to his opinion, but I really don't care if the Tom Christiansen's of this world think they can identify me as a blathering script kiddie by my use of the wordplay "virii".

I assume he was being facetious to make a point. I accept that you don't care. However, I would suggest that unless you offer some indication you are not ignorant in your use of the word virii, you leave yourself open to that kind of judgement.

Anyway, thank you for clarifying you already knew the word virii is not the proper plural of virus. If everyone else reading this has the same understanding, then my point was made and y'all can resume your regularly scheduled topic.

Psi Baba
3rd November 2003, 06:11 AM
Originally posted by xouper
Pet peeve alert!

I hate to come across as picky (if I may be so bold as to borrow a phrase from someone we know and love :)), but virii is not the plural of virus. Neither is viri, vira, or virae. It is viruses (cite (http://www.xoup.net/peeves/virii.php)).

Tom Christiansen (of perl.com (http://www.perl.com/language/misc/virus.html)) observes that virii is "completely silly, so don't do that; otherwise, everyone will know you're just a blathering script kiddie."

Thanks for that link, xouper. I always hated that spelling and knew there had to be something wrong with it. I could understand 'viri' even though that's incorrect, too, but that whole double-i thing just makes no sense at all. It's not only silly, it's plain stupid, IMO. Don't mean to derail the thread even further, but I started the thread and it's already derailed from its intended topic of liability (although after I posted it, I realized this is not really the appropriate forum for it).