URN Logo
UNIX Resources » Linux » Linux Forum » Linux Security » Page.21 » Crackers & the law
announcement The content of this page is collected from Linux Forum, All copyrights and other associated rights are reserved by the original authors of the articles.
Resources
China Linux Forum(finished)
Linux Forum(finished)
FreeBSD China(finished)
linuxforum.com
  LinuxForum General Chat
  Linux Advocacy
  LinuxForum Polls
  Introductions
  Linux Kernel Support
  Patch Management
  Development Release
  Linux Programming
  Linux Security
  Linux Software
  Linux Hardware Problems
    Linux Video Problems
    Linux Sound Problems
  Linux Networking Support
  Linux Printing Support
  Linux Human Interface Devices Support
  Linux Data Storage Support
  Linux Applications Support
  Linux Installation Support
  Linux Laptops Support
  Linux Motherboard, Chipsets, CPU, Memory
  Miscellaneous
  Debian Linux Support
  Ubuntu Linux Support
  LiveCD Discussions
  Gentoo Linux Support
  Mandrake Linux Support
  Redhat / Fedora Linux Support
  Slackware Linux Support
  SuSE Linux Support
  CentOS Linux Support
  Linux Web Servers
  Linux DNS Servers
  Linux Database Servers
  Linux Email Servers
  Linux FTP Servers
  Linux Squid Proxy Server
  Linux Samba Help
  Linux cPanel Help
  Linux Ensim Help
  Linux Plesk Help
  Linux Webmin / Usermin Help
  Qmail Toaster Help
  Linux Games
  Windows Game Emulation
  Linux Discussions
  General Linux Discussions
  Red Hat Linux Discussions
  More Red Hat Linux Discussions
  Mandrake Linux Discussions
  Slackware Linux Discussions
  SuSE Linux Discussions
  Debian Discussions
  Samba Help
  Linux Security
  Linux Networking
  Gentoo Help
  Operating System Rant Forum
  Hardware Rants
   
Crackers & the law
Subject: Crackers & the law
Author: jayjwa    Posted: 2004-08-15 11:29:53    Length: 875 byte(s)
[Original] [Print] [Top]
I was just wondering, what are the chances of someone getting
caught/prosecuted for cracking a system? It seems like it's a very low
percentage of all the systems cracked. I've sent a couple of abuse
reports before, and even on smaller networks, the compromised systems
where still up, still there, attacking like usual. It doesn't seem like
much is ever done about it. Is there anyone that's either had someone
prosecuted for being caught cracking their system or even know of a
case in which the crackers where caught?
I'm not so much refering to large world-incidents like with the Sasser
or Agobot authors, but rather someone exploiting any old system. What
are the laws in various different countries?


--
--- SIGSEGV (Segmentation fault) @ 0 (0) ---
+++ killed by SIGSEGV +++

[Original] [Print] [Top]
Subject: Crackers & the law
Author: Gandalf Parker    Posted: 2004-08-15 12:31:13    Length: 4,598 byte(s)
[Original] [Print] [Top]
jayjwa [jayjwa@nowhere.org] wrote in
news:slrnchv7ci.ktj.jayjwa@atr2.ath.cx:

QUOTE
I was just wondering, what are the chances of someone getting
caught/prosecuted for cracking a system? It seems like it's a very low
percentage of all the systems cracked.

There arent really that many systems cracked. There are alot of systems
taken over by trojans, or viruses, or malwared to the point of crashing;
but not alot of cracks.

QUOTE
I've sent a couple of abuse
reports before, and even on smaller networks, the compromised systems
where still up, still there, attacking like usual. It doesn't seem like
much is ever done about it.

What would you want done? Its easier to get a site shut down for porn or
even being rude in newsgroups than it is for cracking, because they can
be verified by the root of the hosting system.

Jail time is even more difficult because you need to show that there was
damage or money loss.

QUOTE
Is there anyone that's either had someone
prosecuted for being caught cracking their system or even know of a
case in which the crackers where caught?

Sure. Ive tracked rootkitters back to their home site, verified other
systems they cracked, proven what sites they got their kits from
(disclaimers on such sites about the files being for learning only are
worthless protection to them by the way), and Ive gotten them all
punished.

The punishments were varied. Accounts deleted. Sites deleted. Their local
paper informed of their actions. Getting their mommy and daddy to take
away their computer. Getting them kicked out of school. Or a lawsuit.

Getting them "caught and jailed" is unlikely unless you are a major
company and the story hit the papers. Then they need to protect their  
image so it is worthwhile to keep the machine aside and untouched for a
court case. Part of the reason you dont see alot of that from smaller
sites is the standard answer for a cracked machine of "reformat and start
over". That wipes out the evidence. Few people bother to do any forensics
on a cracked box anymore.

QUOTE
I'm not so much refering to large world-incidents like with the Sasser
or Agobot authors, but rather someone exploiting any old system. What
are the laws in various different countries?

Ahhh thats where it gets fun. I did sysadmin work for an ISP that was
owned/operated by a law firm. I informed the bosses of a cracking where I
was in conversation with the kid. One of his comments was "I am in
xxxxxx. I do not fear your FBI". I was told to give this response... "Why
would we want to have police in this? That will get us nothing. You have
damaged our reputation, our business, cost us money and overtime to fix
it. Very expensive in the US. We will sue you, in your country. You might
not own much more than that computer, but what you do own, your parents
own, your ISP, and anyone who helped you get online will be ours." As far
as I know there is no country where you cannot sue for damages, and some
of them have very scarey legal actions for that. Later we were joking
about it and an additonal comment came up that countries in which it is
difficult to do a court thing for one reason or another tend to have
really cheap options for having someone pay them a "personal visit".  ]:)

DISCLAIMER: of course I am not personally recommending any of this.

Gandalf  Parker
-- There is no such a thing as having "too many" locks on your door.
But there is such a thing as having ridiculous number of locks.

[Original] [Print] [Top]
Subject: Crackers & the law
Author: Bill Unruh    Posted: 2004-08-15 13:14:44    Length: 1,940 byte(s)
[Original] [Print] [Top]
jayjwa [jayjwa@nowhere.org] writes:


]I was just wondering, what are the chances of someone getting
]caught/prosecuted for cracking a system? It seems like it's a very low
]percentage of all the systems cracked. I've sent a couple of abuse
]reports before, and even on smaller networks, the compromised systems
]where still up, still there, attacking like usual. It doesn't seem like
]much is ever done about it. Is there anyone that's either had someone
]prosecuted for being caught cracking their system or even know of a
]case in which the crackers where caught?
]I'm not so much refering to large world-incidents like with the Sasser
]or Agobot authors, but rather someone exploiting any old system. What
]are the laws in various different countries?

Sure, but the goal must be worth it. If someone breaks into your house and
steals you TV, the police will record the fact but will not spend any time
trying track down the thief. They have too much else to do. similarly in
online crime, the damage must be severe enough for them to bother. Now when
a big company claims that a breaking cost them $950000 the police will tend
to spend more time on it (even if they know that the actual damages were
maybe $10, and the company has listed all of their expenses for the past 5
years to come up with the bigger figure). If you suffer three days of work
reinstalling your system, it is simply not worth their while to spend 5
man-months of work trying to track down the perpetrator, especially since
he is probably not in their jurisdiction and they could not do anything
about it anyway.

The laws in various contries differ. In Canada, any use of a computer is
illegal, so the prosecution has wide latitude in what they can
prosecute.Other countries have different laws.

[Original] [Print] [Top]
Subject: Crackers & the law
Author: Bill Marcum    Posted: 2004-08-15 13:34:26    Length: 1,034 byte(s)
[Original] [Print] [Top]
On Sun, 15 Aug 2004 17:29:53 -0000, jayjwa
  [jayjwa@nowhere.org] wrote:
QUOTE

I was just wondering, what are the chances of someone getting
caught/prosecuted for cracking a system? It seems like it's a very low
percentage of all the systems cracked. I've sent a couple of abuse
reports before, and even on smaller networks, the compromised systems
where still up, still there, attacking like usual. It doesn't seem like
much is ever done about it. Is there anyone that's either had someone
prosecuted for being caught cracking their system or even know of a
case in which the crackers where caught?

Read "The Cuckoo's Egg" by Clifford Stoll.


--
The truth you speak has no past and no future.  It is, and that's all it
needs to be.

[Original] [Print] [Top]
Subject: Crackers & the law
Author: Colin McKinnon    Posted: 2004-08-15 14:45:16    Length: 1,691 byte(s)
[Original] [Print] [Top]
Bill Unruh spilled the following:

QUOTE
jayjwa [jayjwa@nowhere.org] writes:


]I was just wondering, what are the chances of someone getting
]caught/prosecuted for cracking a system?

Sure, but the goal must be worth it. If someone breaks into your house and
steals you TV, the police will record the fact but will not spend any time
trying track down the thief. They have too much else to do.

Event the big crimes (IME) do not get investigated, the main reason is that
there are a lot of difficulties to overcome just in reporting a crime:

1) for an organisation to announce publicly that its computer systems are
insecure is widely perceived as an admission of liability, and undermining
trust.

2) few organisations are adequately prepared for the isolation / seizure
which is a consequence of persuing a prosecution against people breaking
the law

3) such crimes often span countries / continents and are therefore difficult
to bring to court

4) speaking personally, I do not have a lot of confidence in my local
law-enforcement's ability to investigate such crimes effectively.

QUOTE
In Canada, any use of a computer is illegal,

Erk!

C.

[Original] [Print] [Top]
Subject: Crackers & the law
Author: ynotssor    Posted: 2004-08-16 15:26:44    Length: 951 byte(s)
[Original] [Print] [Top]
"Gandalf Parker" [gandalf@most.of.my.favorite.sites] wrote in message
news:Xns9546751D39FD5gandalfparker@208.201.224.154

QUOTE
Jail time is even more difficult because you need to show that there
was damage or money loss.

You are confusing civil and criminal cases. Civil cases do not involve jail
time.

QUOTE
Getting them "caught and jailed" is unlikely unless you are a major
company and the story hit the papers.

Yes, you are very, *very* confused.


--
use hotmail for email replies

[Original] [Print] [Top]
Subject: Crackers & the law
Author: Gandalf Parker    Posted: 2004-08-16 16:35:08    Length: 805 byte(s)
[Original] [Print] [Top]
"ynotssor" [ynotssor@example.net] wrote in
news:2ocn4oF95g2jU1@uni-berlin.de:

QUOTE
"Gandalf Parker" [gandalf@most.of.my.favorite.sites] wrote in message
news:Xns9546751D39FD5gandalfparker@208.201.224.154

Getting them "caught and jailed" is unlikely unless you are a major
company and the story hit the papers.

Yes, you are very, *very* confused.

I didnt mean to give the impression that the size of the company made a
difference in the law. Ive rarely seen smaller companys pursue it down that
road.

Gandalf  Parker

[Original] [Print] [Top]
Subject: Crackers & the law
Author: Bill Unruh    Posted: 2004-08-16 17:43:47    Length: 1,057 byte(s)
[Original] [Print] [Top]
"ynotssor" [ynotssor@example.net] writes:

]"Gandalf Parker" [gandalf@most.of.my.favorite.sites] wrote in message
]news:Xns9546751D39FD5gandalfparker@208.201.224.154

]] Jail time is even more difficult because you need to show that there
]] was damage or money loss.

]You are confusing civil and criminal cases. Civil cases do not involve jail
]time.
While in theory what you say may be true, in practice he is right. damages
is what catches the police attention.


]] Getting them "caught and jailed" is unlikely unless you are a major
]] company and the story hit the papers.

]Yes, you are very, *very* confused.

NO he is not. The police tend not to go after criminal prosecutions unless
there has been a large loss of money (real or imaginary). It costs them
toomuch time and effort to make it worthwhile otherwise. Just as you are
unlikely to get police attention if you say some mugger just robbed you of
10 cents.

[Original] [Print] [Top]
Subject: Crackers & the law
Author: Gandalf Parker    Posted: 2004-08-16 20:09:04    Length: 1,555 byte(s)
[Original] [Print] [Top]
unruh@string.physics.ubc.ca (Bill Unruh) wrote in
news:cfrgrj$pf1$1@nntp.itservices.ubc.ca:

QUOTE
]] Getting them "caught and jailed" is unlikely unless you are a major
]] company and the story hit the papers.

]Yes, you are very, *very* confused.

NO he is not. The police tend not to go after criminal prosecutions
unless there has been a large loss of money (real or imaginary). It
costs them toomuch time and effort to make it worthwhile otherwise.
Just as you are unlikely to get police attention if you say some
mugger just robbed you of 10 cents.

Thanks, but to be fair there is also the fact that small companies arent
likely to set aside the computer and logs (for evidence in court), pester
the detectives to see if they have new info, pursue new info themselves
and provide it to the detectives (usually an important thing since IT's
will tend to know some tricks that the detectives dont), and show up in
court. They usually just reformat and start over.

Ive done forensics for alot of companies but the smaller ones treat the
report more as just hints on what to do to prevent it better, and
something interesting to talk about during lunch.

Gandalf  Parker
-- Oh bother, my honeypot is empty again

[Original] [Print] [Top]
« Previous thread
Internet Explorer, again
Linux Security
Page. 21
Next thread »
ISS Advisor Update
     

Copyright © 2007 UNIX Resources Network, All Rights Reserved.      About URN | Privacy & Legal | Help | Contact us
Powered by FreeBSD    webmaster: webmaster@unixresources.net
This page created on 2007-08-01 13:10:45, cost 0.060879945755005 ms.