Hacking, Hackers, and Hacktivism
April 22
Spend five minutes with anyone who studies “hackers” and you will quickly learn that the term is used to define a wide array of discrete subcultures, from homebrew computer programmers all the way through to military-industrial network vulnerability experts. If there is one unifying characteristic amongst all of these cultures (and there may not be), it is most likely the acknowledgement between these groups that the limitations imposed by code as a mode of regulating behavior can, and should, be subverted. Today we look to hackers, who they are, what they do, and what rules and norms govern those who do not recognize code as a governing influence.
Readings
- Defining hackers, hacking, and hacktivism
- Molly Sauter, Activist DDOS Campaigns: When Similes and Metaphors Fail (video, watch from to 1:56 to 21:44)
- Sauter uses the term "DDoS" throughout. This is an abbreviation for "distributed denial of service," a specific form of attack to a web server described in more detail here.
- Benjamen Walker, Doing it for the LULZ (from Too Much Information) (11:00 to 22:45 only, language at times is NSFW. Too Much Information drifts between fiction and non-fiction, but this excerpt is non-fiction.)
- Law and law enforcement
- United States Department of Justice, Prosecuting Computer Crimes (read pages 1-11: Introduction to the Computer Fraud and Abuse Act and Key Definitions)
- Case studies
Optional Readings
- Intelligence Squared Debate: "The Cyberwar Threat Has Been Grossly Exaggerated" (an Oxford-style debate with Marc Rotenberg, Bruce Schneier, Mike McConnell, and Jonathan Zittrain; watch the video of the debate)
Videos Watched in Class
Links
Class Discussion
- In July 2012, someone successfully hacked my iphone and installed spy software on it. Any and all movements on my iPhone were being stored/tracked unbeknownst to me, including app activity (Chase Bank, emails, etc) for one month. I found out about it when I had taken my iPhone in a shop to get checked out - the screen would glitch at times and would randomly lose about 1% per minute. (I learned this was when my GPS data was being tracked up to minute). Among other things, the next step was to file a police report of this incident for my personal safety, as I’ll never be certain which data of mine was compromised. At the time I went to local police, either they didn’t care enough or they just didn’t have proper protocol to handle it.
- I understand this is a miniscule crime, in comparison to the huge cyber-crimes in the class readings. However, it lead me to research how equipped local police are for such smaller incidences. The result: They're not. (yet). I’m certain similar, smaller crimes will only increase over time and will be dealt with by the local police. While crime is increasingly moving online, state and local police are having a hard time keeping up. If the case is significant enough, the police have to hire specialized cyber-security companies to conduct digital investigations. The techniques the police will need to be equipped with are going to have to be more “IT specialist” and less “Law and Order” over the next few years. It seems hackers will be one step ahead, at a local level, until the police shift their skill set to more IT training. Marissa1989 02:41, 21 April 2014 (EDT)
- I'm very glad you mentioned this because I completely agree. On a smaller level such as the local police, I agree that they do not have the resources or the structure in place yet to deal with hacking of cell phones and breaches of personal information. While large national crimes are handled properly, there should also be an active protocol for situations such as this, which happen very often. The lack of a targeted action by law enforcement against these small time criminals facilitate identity theft and unless there is a strong development in the law enforcement IT department, chances are these crimes will only increase with time. Lpereira 09:16, 22 April 2014 (EDT)
Cyber warfare will take on a greater importance in conventional warfare and Government hackers will be crucial to this. It only makes sense as weapons, communications and systems become more sophisticated. Hackers may be used to break into countries systems to steal data and cause widespread disruption or break into the phones of country leaders and their key staff. This is evidenced in the Ukraine crisis by relentless hacking attacks on Russian websites by Ukraninan hackers and visa-versa. http://www.bloomberg.com/news/2014-03-05/russia-ukraine-standoff-going-online-as-hackers-attack.html Marissa1989 01:06, 22 April 2014 (EDT)
Andy, thanks for your article on the Aaron Schwartz prosecution. As you put it, "CFAA is shockingly broad when it is laid out" -- but that's not the only issue with it. It's just another case of private industry co-opting the criminal justice system to enforce things that ought to be largely handled by the civil system (which strikes me as lousy public policy). As you noted in your quote from the CFAA itself, "access in violation of an agreement or contractual obligation, such as an acceptable use policy or terms of service agreement..." In other words, the CFAA makes it a crime to violate the AUP or TOS with your ISP. Outside of copyrights and information technology stuff, how common is it for the US government to get involved in criminalizing the violations of contracts between private parties? Jradoff 09:46, 22 April 2014 (EDT)