Hacking, Hackers, and Hacktivism: Difference between revisions

From Technologies and Politics of Control
Jump to navigation Jump to search
No edit summary
Line 69: Line 69:
Andy, thanks for your article on the Aaron Schwartz prosecution.  As you put it, "CFAA is shockingly broad when it is laid out" -- but that's not the only issue with it.  It's just another case of private industry co-opting the criminal justice system to enforce things that ought to be largely handled by the civil system (which strikes me as lousy public policy).  As you noted in your quote from the CFAA itself, "access in violation of an agreement or contractual obligation, such as an acceptable use policy or terms of service agreement..." In other words, the CFAA makes it a crime to violate the AUP or TOS with your ISP.  Outside of copyrights and information technology stuff, how common is it for the US government to get involved in criminalizing the violations of contracts between private parties?
Andy, thanks for your article on the Aaron Schwartz prosecution.  As you put it, "CFAA is shockingly broad when it is laid out" -- but that's not the only issue with it.  It's just another case of private industry co-opting the criminal justice system to enforce things that ought to be largely handled by the civil system (which strikes me as lousy public policy).  As you noted in your quote from the CFAA itself, "access in violation of an agreement or contractual obligation, such as an acceptable use policy or terms of service agreement..." In other words, the CFAA makes it a crime to violate the AUP or TOS with your ISP.  Outside of copyrights and information technology stuff, how common is it for the US government to get involved in criminalizing the violations of contracts between private parties?
[[User:Jradoff|Jradoff]] 09:46, 22 April 2014 (EDT)
[[User:Jradoff|Jradoff]] 09:46, 22 April 2014 (EDT)
----
In the article "Hacking tool threatens Healthcare.gov site" a DDoS is the least of  warranted concerns. A DoS attack is grave in nature and is rather simple to perform. Many attempts have been made to develop systems that could either launch a DoS attack or be immune to one, but to assume that the nefarious minds out there in the arena aren’t constantly working on new and novel methods to exploit systems is naïve and foolish. The rash and explosion of virus and malware activity in the recent decades testifies to the fact that there is no dearth of people working to venture into, exploit and topple your systems. The use of pre configured or automated tools that are easy to operate in order to pursue their disruptive activities against systems in a network are identifiable. . DoS attacks are nothing but an onslaught or assault against your system that will affect in that system not being able to accomplish its intended job. The direction of the argument within the article fails to look at the programming and structure of the website itself that may allow for significant data leakage. [[User:VACYBER|VACYBER]] 13:05, 22 April 2014 (EDT)

Revision as of 12:05, 22 April 2014

April 22

Spend five minutes with anyone who studies “hackers” and you will quickly learn that the term is used to define a wide array of discrete subcultures, from homebrew computer programmers all the way through to military-industrial network vulnerability experts. If there is one unifying characteristic amongst all of these cultures (and there may not be), it is most likely the acknowledgement between these groups that the limitations imposed by code as a mode of regulating behavior can, and should, be subverted. Today we look to hackers, who they are, what they do, and what rules and norms govern those who do not recognize code as a governing influence.


Readings

Defining hackers, hacking, and hacktivism
  • Sauter uses the term "DDoS" throughout. This is an abbreviation for "distributed denial of service," a specific form of attack to a web server described in more detail here.
Law and law enforcement
Case studies

Optional Readings



Videos Watched in Class

Links

Class Discussion

Please remember to sign your postings by adding four tildes (~~~~) to the end of your contribution. This will automatically add your username and the date/time of your post, like so: Andy 10:28, 17 December 2013 (EST)
In July 2012, someone successfully hacked my iphone and installed spy software on it. Any and all movements on my iPhone were being stored/tracked unbeknownst to me, including app activity (Chase Bank, emails, etc) for one month. I found out about it when I had taken my iPhone in a shop to get checked out - the screen would glitch at times and would randomly lose about 1% per minute. (I learned this was when my GPS data was being tracked up to minute). Among other things, the next step was to file a police report of this incident for my personal safety, as I’ll never be certain which data of mine was compromised. At the time I went to local police, either they didn’t care enough or they just didn’t have proper protocol to handle it.
I understand this is a miniscule crime, in comparison to the huge cyber-crimes in the class readings. However, it lead me to research how equipped local police are for such smaller incidences. The result: They're not. (yet). I’m certain similar, smaller crimes will only increase over time and will be dealt with by the local police. While crime is increasingly moving online, state and local police are having a hard time keeping up. If the case is significant enough, the police have to hire specialized cyber-security companies to conduct digital investigations. The techniques the police will need to be equipped with are going to have to be more “IT specialist” and less “Law and Order” over the next few years. It seems hackers will be one step ahead, at a local level, until the police shift their skill set to more IT training. Marissa1989 02:41, 21 April 2014 (EDT)
I'm very glad you mentioned this because I completely agree. On a smaller level such as the local police, I agree that they do not have the resources or the structure in place yet to deal with hacking of cell phones and breaches of personal information. While large national crimes are handled properly, there should also be an active protocol for situations such as this, which happen very often. The lack of a targeted action by law enforcement against these small time criminals facilitate identity theft and unless there is a strong development in the law enforcement IT department, chances are these crimes will only increase with time. Lpereira 09:16, 22 April 2014 (EDT)

Cyber warfare will take on a greater importance in conventional warfare and Government hackers will be crucial to this. It only makes sense as weapons, communications and systems become more sophisticated. Hackers may be used to break into countries systems to steal data and cause widespread disruption or break into the phones of country leaders and their key staff. This is evidenced in the Ukraine crisis by relentless hacking attacks on Russian websites by Ukraninan hackers and visa-versa. http://www.bloomberg.com/news/2014-03-05/russia-ukraine-standoff-going-online-as-hackers-attack.html Marissa1989 01:06, 22 April 2014 (EDT)


Andy, thanks for your article on the Aaron Schwartz prosecution. As you put it, "CFAA is shockingly broad when it is laid out" -- but that's not the only issue with it. It's just another case of private industry co-opting the criminal justice system to enforce things that ought to be largely handled by the civil system (which strikes me as lousy public policy). As you noted in your quote from the CFAA itself, "access in violation of an agreement or contractual obligation, such as an acceptable use policy or terms of service agreement..." In other words, the CFAA makes it a crime to violate the AUP or TOS with your ISP. Outside of copyrights and information technology stuff, how common is it for the US government to get involved in criminalizing the violations of contracts between private parties? Jradoff 09:46, 22 April 2014 (EDT)


In the article "Hacking tool threatens Healthcare.gov site" a DDoS is the least of warranted concerns. A DoS attack is grave in nature and is rather simple to perform. Many attempts have been made to develop systems that could either launch a DoS attack or be immune to one, but to assume that the nefarious minds out there in the arena aren’t constantly working on new and novel methods to exploit systems is naïve and foolish. The rash and explosion of virus and malware activity in the recent decades testifies to the fact that there is no dearth of people working to venture into, exploit and topple your systems. The use of pre configured or automated tools that are easy to operate in order to pursue their disruptive activities against systems in a network are identifiable. . DoS attacks are nothing but an onslaught or assault against your system that will affect in that system not being able to accomplish its intended job. The direction of the argument within the article fails to look at the programming and structure of the website itself that may allow for significant data leakage. VACYBER 13:05, 22 April 2014 (EDT)