It's good to see that many people have a sound head on their shoulders and are not engaging in over-reaching knee-jerk reactions.
Find the time to write your congresscritter, but do it when you are not emotional. Tell them that security research is not cracking, that cracking is not terrorism (if you don't take the time to properly secure your systems, you need to take some liability!), tell them that crypto is free speech, it is the ability of people to have a private conversation! A conversation without big ears, between a limited group of people. Then let the letter sit overnight and read it in fresh light.
If you really want them to listen, take the time to print out your letter, after you have sent it online, address some envelopes and send them hard copy!
If you really wan to stir some feathers, then remind them of the declaration of independence - "But when a long train of abuses and usurpations, pursuing invariably the same Object evinces a design to reduce them under absolute Despotism, it is their right, it is their duty, to throw off such Government, and to provide new Guards for their future security"
Tell them that security research is not cracking, that cracking is not terrorism
I agree that security research is not cracking.
Cracking is not terrorism in most cases, but if you crack some critical systems, it can get people killed. And though it doesn't rise to near the level of terrorism where people are killed, crackers who cost lots of innocent people a lot of time and money just to make their point or for the fun of it are still scum.
if you don't take the time to properly secure your systems, you need to take some liability!
People who don't secure their systems should take some responsibility for their lack of action. I think liability is the wrong word, because to me it infers that they deserve to be hacked. They don't. They have a responsibility because their lack of security can allow their system to be used against others. Trusting people that don't lock up their valuables don't deserve to be robbed. People that choose not to arm themselves don't deserve to be attacked. Defence against many forms of attack, including cracking may very well be a good idea, but lack of it does not imply guilt on part of the victim.
I strongly support free speech. I think that crypto laws requiring back doors, or making crypto insecure for the common person are wrong, and would be ineffective in their goals.
As part of supporting free speech, I am strongly against malicious cracking. Worms, viruses, trojans and the like do a lot to harm innocent people who just want to get online but don't have a lot of technical knowledge. The internet is a great tool for free speech, and it shouldn't be kept from them just because they don't know how to properly secure their home computer from malicious attacks of others. If the govenment ends up passing harsh legislation which inhibits our freedom to protect such people, it is the crackers who deserve the lion's share of the blame, not the people who got cracked.
I understand that in order to improve security, security needs to be tested. I also understand that in order to get vulnerabilities fixed, that security issues need to be made public. The way they are made public could often be handled better though.
If you really wan to stir some feathers, then remind them of the declaration of independence - "But when a long train of abuses and usurpations, pursuing invariably the same Object evinces a design to reduce them under absolute Despotism, it is their right, it is their duty, to throw off such Government, and to provide new Guards for their future security"
You may stir up some feathers with this, but I doubt you'll help your cause. I agree that as a last resort, revolt is actually a responsibility of an american citizen. But only as a last resort, and only for the good of the country.
I realize that I made some comparison between terrorism and cracking in this post, and I want to state that I don't want to trivialize the problem of terrorism with this. Terrorisn is crime that far outshadows cracking. Malicious cracking is more of a petty terrorism in which lives aren't lost.
Cracking is not terrorism in most cases, but if you crack some critical systems, it can get people killed.
OK, I'll bite. Give an example of this. This is simply not the case, cracking cannot actually get people killed. All truly critical systems such as defense systems, ICBMs, FAA computers, etc. are *not on the internet or attached to dial-in modems*. Thus they cannot be cracked in the traditional sense. Obviously people could physically break in and do things, but I wouldn't really consider that "cracking".
Cracking is definitely bad and should be punished, but these right-wing over-reactionary witchhunts have simply got to stop.
You're probably right. Critical systems in which lives are at risk should also have physical security, and not be attached to the internet. I suspect this is true even for medical systems at hospitals. I suppost someone could posibly hack some hospital's medical database and change the medications that people are supposed to be given, but I hope those systems aren't on the internet, and there are safegards agains people being given medicine that may harm them. I would agree that cracking that requires breaking into someplace is a completely different issue.
Cracking is definitely bad and should be punished, but these right-wing over-reactionary witchhunts have simply got to stop.
I agree that this needs to stop. I don't personally believe that it's "over-reactionary witchhunts". I think it's people who have adgendas, that are using this tradegy to push those adgendas.
Thank you (Score:5, Insightful)
Find the time to write your congresscritter, but do it when you are not emotional. Tell them that security research is not cracking, that cracking is not terrorism (if you don't take the time to properly secure your systems, you need to take some liability!), tell them that crypto is free speech, it is the ability of people to have a private conversation! A conversation without big ears, between a limited group of people. Then let the letter sit overnight and read it in fresh light.
If you really want them to listen, take the time to print out your letter, after you have sent it online, address some envelopes and send them hard copy!
If you really wan to stir some feathers, then remind them of the declaration of independence - "But when a long train of abuses and usurpations, pursuing invariably the same Object evinces a design to reduce them under absolute Despotism, it is their right, it is their duty, to throw off such Government, and to provide new Guards for their future security"
Chris
Re:Thank you (Score:4, Interesting)
I agree that security research is not cracking.
Cracking is not terrorism in most cases, but if you crack some critical systems, it can get people killed. And though it doesn't rise to near the level of terrorism where people are killed, crackers who cost lots of innocent people a lot of time and money just to make their point or for the fun of it are still scum.
if you don't take the time to properly secure your systems, you need to take some liability!
People who don't secure their systems should take some responsibility for their lack of action. I think liability is the wrong word, because to me it infers that they deserve to be hacked. They don't. They have a responsibility because their lack of security can allow their system to be used against others. Trusting people that don't lock up their valuables don't deserve to be robbed. People that choose not to arm themselves don't deserve to be attacked. Defence against many forms of attack, including cracking may very well be a good idea, but lack of it does not imply guilt on part of the victim.
I strongly support free speech. I think that crypto laws requiring back doors, or making crypto insecure for the common person are wrong, and would be ineffective in their goals.
As part of supporting free speech, I am strongly against malicious cracking. Worms, viruses, trojans and the like do a lot to harm innocent people who just want to get online but don't have a lot of technical knowledge. The internet is a great tool for free speech, and it shouldn't be kept from them just because they don't know how to properly secure their home computer from malicious attacks of others. If the govenment ends up passing harsh legislation which inhibits our freedom to protect such people, it is the crackers who deserve the lion's share of the blame, not the people who got cracked.
I understand that in order to improve security, security needs to be tested. I also understand that in order to get vulnerabilities fixed, that security issues need to be made public. The way they are made public could often be handled better though.
If you really wan to stir some feathers, then remind them of the declaration of independence - "But when a long train of abuses and usurpations, pursuing invariably the same Object evinces a design to reduce them under absolute Despotism, it is their right, it is their duty, to throw off such Government, and to provide new Guards for their future security"
You may stir up some feathers with this, but I doubt you'll help your cause. I agree that as a last resort, revolt is actually a responsibility of an american citizen. But only as a last resort, and only for the good of the country.
I realize that I made some comparison between terrorism and cracking in this post, and I want to state that I don't want to trivialize the problem of terrorism with this. Terrorisn is crime that far outshadows cracking. Malicious cracking is more of a petty terrorism in which lives aren't lost.
Re:Thank you (Score:1)
Cracking is not terrorism in most cases, but if you crack some critical systems, it can get people killed.
OK, I'll bite. Give an example of this. This is simply not the case, cracking cannot actually get people killed. All truly critical systems such as defense systems, ICBMs, FAA computers, etc. are *not on the internet or attached to dial-in modems*. Thus they cannot be cracked in the traditional sense. Obviously people could physically break in and do things, but I wouldn't really consider that "cracking".
Cracking is definitely bad and should be punished, but these right-wing over-reactionary witchhunts have simply got to stop.
Re:Thank you (Score:2)
Cracking is definitely bad and should be punished, but these right-wing over-reactionary witchhunts have simply got to stop.
I agree that this needs to stop. I don't personally believe that it's "over-reactionary witchhunts". I think it's people who have adgendas, that are using this tradegy to push those adgendas.