All
of the actions posted here are real and the harassments are not exaggerated
Welcome to the Rob On the Knob Show
(Elite Group) Message and information board please sign
our guest book!
All
of the actions posted here are real and the harassments are not exaggerated
Outlaws
in Cyberspace
Running
with the wolves
In researching her book, Underground- Tales of Hacking Madness and Obsession on the Electronic Frontier, author Suelette Dreyfus became aware of a very peculiar hacking sub-culture and the 'lone-wolf' computer outlaws found there.
| Running with the wolves | |
The Law
Report Interview
RealAudio:
05:56
Download RealPlayer |
|
 |
|
Interview by Damien Carrick
Code of
Honour
Suelette Dreyfus: There's a distinct hierarchy in the hacking community and at the top end there are what are called elite hackers
- they're very experienced, skilled hackers - and at bottom are "script kiddies" or "script weenies" and they use automated hacking programs to hack for them.Often they couldn't replicate what the automatic program does, they may not even understand how it works to break into a machine.
The top-tier hackers have a sort of a code of honour and this code of honour usually makes them what is termed "look-see" hackers and that means they look at a system and they don't do damage to it.
That is, they don't delete files. Now they might for example delete logs to erase their tracks but they wouldn't actually delete data on purpose and they might copy data to read it for themselves but they would not copy it to sell it to an organisation.
Most hackers today would fall into the category of being electronic graffiti artists.
The are interested in exploring and breaking into systems for the thrill of it, for climbing the mountain.
That may change in the future and you may see a rise in the number of hackers who are involved in more serious criminal activities.
Damien Carrick: Now can you paint a picture for me? I'm still a little bit unclear about what the actual hacker does and what kinds of crimes they commit.
SD: The type of crime they typically commit is: they'll break into system which is a military system or it may belong to a large corporation.
In general terms hackers tend to be very anti-authoritarian, anti-establishment so in the past, for example, in the first major hacking case in Australia known as the Realm Case, the hackers were convicted of breaking into NASA; breaking into the Lawrence Livermore National Laboratory in the US, which is run by the US Department of Energy; breaking into CSIRO — and all of those organisations are, if you will, tall poppies.
That's why they were targeted by the hackers. They were pitting themselves against the best and the brightest as the hackers saw it.
DC: Tell me about that case. Who were the hackers and what happened to them?
SD: That was a 1993 case. Three Melbourne hackers aged 18, 20 and 22 broke into a number of large organisations overseas and in Australia.
They pled guilty in 1993 to a number of charges.
All three of them received suspended prison sentences of between six and 12 months and community service orders of between 200 and 500 hours, plus good behaviour bonds.
The common themes of elite hackers are that they're very bright or gifted.
They often don't quite fit in at school or university, they're sometimes introverted or socially awkward and they're often alienated by teachers who are ill-equipped to deal with gifted children.
Now, they may also come from less than picture-perfect families where they have one parent missing through death or divorce and their families are often dysfunctional.
This may be where they get their anti-establishment views and it may, if you will, sew the seeds for a type of addiction to using computers, to the thrill of the chasing and hacking.
And after a hacker is raided by the police [and] his gear is taken away, it may well be that he suffers a type of withdrawal, and one of the things that I found interesting was a number of hackers after this happened experienced this period of mental and psychological illness and some of them turned to drugs.
One of them actually said to me that he had turned to drugs to fill the gap left by not being able to hack anymore.
So it was a substitution for that sort of addiction.
DC: Is there any one hacker who stands out as being particularly interesting or unusual?
SD: Yes. The hacker I'm thinking of is a British hacker who was in the 8LGM case, the Eight Legged Groove Machine - as the hackers were known - and his online nickname was Wundie.
Now what's interesting about him is that there were three hackers in this case.
Two of them pled guilty and he pled not guilty and he is one of the few cases in the Commonwealth on this style hacker who took his case to full trial.
And the defence presented evidence at his trial which suggested that he was addicted to hacking.
They actually then had the then head of the National Addiction Centre, who had assessed him, get on the stand and [he] said that [the hacker] repeated 12 times in his police interview: 'I'm just addicted to hacking. I wish I wasn't' and further compared Wundie's traits to those of a compulsive gambler and said there were really many of the same traits between them.
What was interesting about this case is that it took the jury exactly 90 minutes to acquit him.
Now, it's difficult to say if he was acquitted because of this evidence. The prosecution in the British case had chosen to charge the hackers with conspiracy to hack, as opposed to hacking.
Now this carries a heavier sentence which may be why they chose to do this, but it is also a more difficult thing to prove.
It was particularly interesting because the three hackers had never actually met each other, they had never spoken on the phone, they had only spoken online.
So it asked all sorts of questions: Can you be involved in a conspiracy if you've never actually met the person involved?
But it may well be the jury acquitted him on the basis of not being able to prove conspiracy as a legal reason, but as a moral reason the defence had given them enough of a reason to acquit him because of the addiction argument.
He was only 18-years-old at the time he was raided by the police.
His mother had tried to get him away from his computer.
She had at one stage turned off the power — well, he reconnected it.
She put a security bar on the phone so he couldn't dial out — he broke it.
She tried to get into his room one day when he was in there to turn off
his computer, and he pushed her out of the room and apparently pushed her
down some stairs to get her away from his computer, and all of these
really bespeak someone who is quite besotted with their computer.
Outlaws in Cyberspace
Is it the 21st Century equivalent of the wild west? Is the law's arm long enough to curb computer crime and rip-offs?
Or is the right cyberspace sheriff yet to ride into town?
This series of interviews, taken from ABC Radio National's Law
Report, asks is computer crime out of control and is intellectual property
law coping with the challenges of the Internet?
Thieves,
spies and malice
A
s agent Ken Day, who heads the Australian Federal Police (AFP) computer crime team, knows all too well, computer crime comes in many unusual forms and requires creative and proactive approaches.
Interview by Damien Carrick
Ken Day: "In 1985, the KGB did employ West German hackers, back then when
there was a division, to break into US military depot systems to track
troop movements.
| Thieves, spies and malice | |
|
The Law
Report Interview
RealAudio: 5min
Download RealPlayer |
|
Eventually it was discovered and the main hacker in this situation
committed suicide before prosecution. He was burnt to death in a forest.
There are other examples, and perhaps some that you might not be aware of — in the UK a nurse hacked into a hospital, changed all the drug dosages for the children's ward and as a senior nurse was about to inject one of the children in that ward, she stopped and thought 'Hang on, I'm a senior nurse, this is not right.' went and saw the doctor.
It was all wrong. That kid would have died in seconds had she continued with it.
At the Bay of Biscay in 1981 a hacker broke into a system, altered the time clock. That system was responsible for distributing weather forecasts for that region. It didn't do it for a week.
A severe storm came, hit a ship, it sank and someone died."
KD: "There's the reported matter of Citibank where former Russian computer people no longer employed broke into Citibank and got $10 million. It's as simple as that.
It's now impacting in one example, a multinational company ceased trading with this country for a period of one week as a result of a hack.
They then revamped the entire way they did business in this country. That has a detrimental impact.
We know people aren't reporting crimes. We know crimes are going undetected or not investigated.
With all this unknown, how do you map a change, how do you map a
prevalence. Any statistics that you see, remember this: they are
subjective."
KD: "To some people it is not from a commercial sense viable to prosecute a matter when you would get negative press and it's quite logical when you think about it.
I'm not saying I condone it but I understand it.
They stand to lose more by the reporting of the fact that someone broke into the network and losing customer confidence, so there's that motivation.
The other motivation is they don't know it's happened, which, believe it or not happens more than you may think. They're totally unaware for ages that they've been broken into.
And the other motivation is they cannot see any reason to go ahead with prosecution because of the lenient sentences being handed out by court.
Now that's their judgement, not mine, but that's what's motivating them
not to bother. So there are many reasons why it's not reported."
KD: "Some victims do come forward, and that's what we'd call a reactive situation, where a crime is reported to us, we then investigate.
But there's another role that we have and that's called proactive, where we will actually go out and use our intelligence mechanisms to identify likely offenders — people who fit within what we define to be a hacker or a computer criminal, and we can then, within the powers that we have, monitor their activity. In the past we have, and found out they're committing some quite serious hacking crimes and so what we've done is reversed the process.
We don't sit back and wait for people to come to us and say something has gone wrong. We go out and say 'this guy's up to no good' let's prove it, and we do. We go to the victim then and say 'Hey, you've been hacked'."
KD: "Well we've had a few cases that we've had in court. Back in the early days, and we started the AFP involvement in '89 with the enactment of our legislation, our first two cases, the major ones, that both went to the county court involved this proactive [approach] through target selection.
We had information for one of them, and I won't mention the handle name but their nickname.
All we had was: 'this person is hacking' — that's all we had.
From that basis we infiltrated the community, identified three targets, monitored and then prosecuted them successfully for breaking into systems in Australia and the US — and they included military systems.
So, [being] proactive is an important component in dealing with crime, but more so on the Internet because it's such a big beast that cannot be tamed.
 |
Barbie battle...an image from the Gennie Chronicles, a site where photos have been changed because of legal threats. |
O
n a scale never before seen, the Internet has allowed popular culture icons to be used for purposes other than those intended by their owners.Internet sites devoted to popular culture icons - and there are heaps - sometimes clash with intellectual property rights.
Who owns Barbie or Mr Spock or Aladdin for that matter? Does their corporate owner still have custody and control, or are they up for grabs in the public domain?
Melissa De Zwaart teaches Internet and the law at Monash University.
She explains some of the legal clashes between corporate custodians and fixated fans who want to play with pop culture icons in cyberspace.
So is it theft or flattering
imitation?
| Barbie can't party | |
The Law
Report Interview
RealAudio: 10min
Download RealPlayer |
|
Melissa De Zwaart: "Probably the most interesting one is the one involving Barbie. In the US there have been huge battles going on between Mattel and people who have been using the Barbie icon.
The most disturbing example has been an art gallery which depicted Barbie - 'The Distorted Barbie' it was called - and it began when an artist discovered a Barbie in his parents' cellar, and he painted a picture of Barbie and juxtaposed that with an image of a Stanley knife which gave him the idea of distorting Barbie.
He then produced a series of images of the 'Posessed Barbie', the 'Mentally Challenged Barbie', and he put those on a gallery on the Internet.
Mattel got wind of this and naturally enough they weren't very happy. They sent him a letter of demand, in fact sent it via his Internet service provider (ISP), this seems to be the way the corporations are going now.
Instead of attacking the individual, who's hard to get at, they'll go
the ISP who is worried about liability or copyright infringement,
defamation, you name it, given the precedents which have been created in
the US, and they then asked him to remove those images from his site."
MDZ: "You need an Internet service provider so that you can get access to the web. You have a web page and that web page will be placed on the Internet service provider's server so that other people can access your page.
It's not located on your own computer, it's located on a server where it's accessible by others.
So the Internet service providers are the people who connect you, your email to the Internet at large, and they are good targets for a legal action because they're identifiable, they're solvent, and they can be got at, whereas your individual can disappear, shallow pocket, not worth pursuing."
DC: "So what's been happening with Mattel and the ISP of this artist?"
MDZ: "The ISP wrote to the artist and said 'We're going to have to shut down your site if you don't remove this infringing material.'
Now as is the case with all of these instances of allegations of infringement, the artist has posted all of the correspondence on his web site. It becomes a very public stoush.
It's not a question of quietly removing your web pages, these people tend to fight to the death.
So even when the allegedly infringing has been removed, what you'll
find at the site is a whole series of letters, the whole sequence of legal
correspondence is there for the world to see. So people are very aware of
their legal rights on the Internet.
No, lo and behold, Mattel still weren't happy with the situation. Wrote a further letter now alleging trade mark infringement for the use of the word Barbie.
"...the whole battle has been fought without any legal resolution..." |
So he has now removed references to Barbie from his site and she's now called Barblie."
DC: "A distorted Barbie."
MDZ: "That's right, distorted to even the point of her name being distorted.
So in a sense the whole battle has been fought without any legal resolution to these issues, I mean no one has concluded that there has been any copyright or trade mark infringement.
It's really been fought on the basis of David and Goliath. The web
users are saying 'We can't fight, we don't have the resources to fight
these legal cases. We're retiring, but we haven't given up on the fight'
and this has led to the emergence of organisations such as the Online
Freedom Federation (OFF).
DC: "So they've got unofficial fan web pages where they talk to each other and presumably post information and images and what have you about Star Trek."
MDZ: "The extent of unofficial Star Trek information on the web has been sufficient to justify a web directory solely devoted to unofficial Star Trek sites. They are huge. We're talking thousands of sites and thousands, tens of thousands of postings to news groups. They've created this whole additional culture for themselves.
So what happened was Viacom, the owners of the intellectual property associated with Star Trek, sent letters, again, largely to the Internet service providers who are hosting these unofficial Star Trek fan pages and asked that al of the copyright material be removed particularly where that copyright material was attracting advertising revenue. So this is where you get into the question of the fine line between the commercial and the non-commercial.
Some of these sites are so good that other people are prepared to pay to place advertising on those pages, they attract so many people.
So Viacom has asked that all of these pages be removed, and this has also coincided with the creation of the official Star Trek site hosted on the Microsoft network which is a pay to access service.
Fans are very upset because they have their own free access sites which
they believe are in fact superior in quality to this Microsoft network
product and they really feel that their efforts are being diverted into a
commercial enterprise.
Distribution makes the difference
So here you have got a group of people who are really doing nothing more
that what people have always done - demonstrating their enthusiasm for a
particular cultural icon, be that a rock band or a television series, I
mean you can extend this to X Files, Millennium, Star Wars, it just goes
on and on - they feel that they're being told not to do something that
they've always done and that they have a perfect right to do.
The difference is not that they're creating any more or less infringing material than they've always done, it's just that it's become more public.
Digital technology gives people the ability in their home to reproduce perfect quality images.
So once upon a time you'd have someone running off 150 copies of a story about Star Wars characters on a photocopier at work at lunchtime and sending it out to people who subscribe to their particular zine, now you have someone able to sit at home, put up a web page with better quality reproduction pictures than you might find on the official site.
So you have issues of copyright infringement, trade mark infringement,
and in Australia, more likely, you'd have issues of passing off - Section
52 of the Trade Practices Act - misleading and deceptive conduct -
implying that you have some kind of a trade connection, that you might be
officially endorsed by Lucas Arts to produce your Star Wars page and
that's coming into conflict with these people believe is a right of
freedom of speech - their right to express their enthusiasm about a
particular cultural icon."
Crunch
time for cultural icons
DC: "So at the end of the day, who owns the cultural icons is the big
question."
MDZ: "Well that's what they've very upset about. You've got people saying now 'It's not right that George Lucas owns a cultural icon.
Luke Skywalker is no longer a piece of intellectual property, he's now become part of our cultural sense of self.'
Barbie similarly, you can't say who owns Barbie anymore, she belongs to all of us because we've grown up with that idea.
But of course that just doesn't gel with traditional notions of intellectual property.
The purpose of copyright of course is to reward the creator.
Now if people are saying 'Well, you no longer deserve that reward because you've been so successful at your creation that we've adopted this as our own, you don't deserve that reward, it now belongs to the public', you're undermining the whole reason for intellectual property protection.
This is where you have a head on clash between intellectual property and freedom of speech.
Again, not a new thing, but it seems to have been brought to a head by
the Internet because of the fact that it has this ability to disseminate
vast amounts of high quality information and that can be done by an
individual."
The
recent Australian Institute of Criminology conference on Internet crime
looked at a range of criminal uses of the Internet.
It's relatively easy to ban the import of books, films and videos, but it's impossible to stop people downloading obscene material from the net.
And it's difficult to control the output of such material if it's posted on the Internet in a far-off country.
The conference examined a range of issues including the distribution of pornographic material and the challenges facing the law.
| Hiding behind borders | |
The Law
Report Interview
RealAudio: 6min
Download RealPlayer |
|
Karren Kooman, manager of online services at the Australian Broadcasting Authority, says regulators face unique problems when dealing with the Internet.
Interview by Suzanna Lobez
Karren Kooman: "On the Internet, it makes it very difficult for countries to enforce those laws within their own jurisdictional and geographical boundaries because material can be accessed from anywhere else in the world.
So that you may have a situation where the material is illegal in one country but is stored on a server in a second country where it is in fact legal.
An example of that was the electronic version of the neo-Nazi magazine Radicale, which was banned in Germany, but stored on a server in the Netherlands where that content was legal.
The German Government sought to have this material removed from the
server by requesting the Dutch service provider to do so, but the result
of these requests was not only that they were refused, but that within a
short space of time, mirrored sites sprang up all over the world - an
attempt by Internet users to illustrate the futility of the German
authorities' request to deal with this sort of information."
Privacy
laws ineffective
Suzanna Lobez: "I understand also that privacy laws differ considerably around the world, and as a consequence, some fairly personal details of a medical nature were accessible on a senior French politician."
KK: "Yes indeed. Recently there was a book published which contained the medical history of the late President Francois Mitterand.
The book of course was banned in France in breach of their laws, but appeared on thousands, if not millions of mirrored web sites within a week, again illustrating the difficulty of enforcing local domestic laws on the Internet.
The sites containing the books may well have been located outside of
France, but they could be accessed by French citizens."
E-mail
hotlines and self-regulation under development
SL: "What kind of ideas are you coming up with that you'll be able to offer to the Government in terms of regulation."
KK: "Well we recognise at the outset that dealing with this material online is extremely difficult.
However we don't believe that there is absolutely nothing that can be done, and a very interesting development which has occurred overseas is the emergence of what have been called e-mail hotlines to respond and investigate complaints about child pornography.
By way of example, the hotline service that operates in the United Kingdom has been set up by the industry association there as part of their efforts to self-regulate and exercise some responsibility in relation to this material which attracts universal condemnation."
SL: "How does it work?"
KK: "Well they've set up an office funded by industry, and any user within that jurisdiction who finds what they believe is child pornography can contact the Internet Watch Foundation - the name of the hotline service - and report that finding along with the email or the URL address of that site - where they found it, basically.
And the Internet Watch Foundation will go to the site, they'll examine
it, and if they find that in their view, in accordance with clear
criteria, it is child pornography, then they will seek to trace its
origins.
If they find it's coming from a server in the UK, they have a set of procedures developed by service providers called the 'notice and take down procedure'.
Under this procedure, the service providers will attempt to contact the person who has placed the material online and request their cooperation for its removal.
But if that's not forthcoming then the service providers have agreed themselves to remove the content from their server, that is, content which is believed to be child pornography in reference to this clear criteria.
There is a role for the police in this. Relevant details are forwarded to the police by the Internet Watch Foundation as part of the whole process that's been set down."
SL: "Do they go to the police after a request to remove the material has failed?"
KK: "When they receive the request they'll investigate it and as soon as they reach the view that it is child pornography, then they report the matter to the police.
They then procede under their own set of procedures to have that material removed.
The benefit is that the police themselves may well have decided to commence an investigation into the matter, but that may take some time.
In the meantime, what the Internet Watch and other hotline services have done is agree to remove that material from the servers so that it is no longer being transmitted by them or is available for others to access."
SL: "The information must be invaluable to police and investigators of
this kind of crime."
KK: "That's right, and the secretary general of Interpol recently stressed at a conference in the United States the importance of these types of partnership arrangements involving industry and the community and the police in providing some practical responses to child pornography on the Internet."
SL: "Given that there's been a fairly pessimistic outlook for regulating international pornography on the Internet, is this hotline approach a glimmer of hope?"
KK: "There are hotline services that have been established in Austria, Belgium, the Netherlands, Norway, Singapore and the United Kingdom.
Recently [US Vice-President] Al Gore announced that the United States will be setting up a cybertip line to receive complaints about child pornography as part of a broad industry push for zero tolerance for child pornography on the Internet.
Here in Australia, the response to these hotline services has been
somewhat cool to date although we are still discussing this issue with the
relevant industry bodies including the Australian Internet Industry
Association."
Saturday October 20, 2007 - 07:40pm (PDT