Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Posting-Version: version B 2.10.1 6/24/83; site sask.UUCP Path: utzoo!watmath!clyde!akgua!sdcsvax!dcdwest!ittvax!decvax!harpo!ulysses!mhuxl!houxm!ihnp4!alberta!sask!derek From: derek@sask.UUCP Newsgroups: net.misc,net.legal Subject: Re: Password hacker gets probation (& other electronic crimes) Message-ID: <43@sask.UUCP> Date: Tue, 15-May-84 01:12:23 EDT Article-I.D.: sask.43 Posted: Tue May 15 01:12:23 1984 Date-Received: Wed, 16-May-84 07:37:36 EDT References: <333@teldata.UUCP> Organization: U of Saskatchewan, Canada Lines: 87 All this talk about people cracking computer being similar to breaking and entering a private home has gone far enough. It is silly. There are too many emotional ties to a person's home. It is a private place. We have been having some discussion on this topic and the following comments are from Darwyn Peachey, sask!kimnovax!peachey. I guess I will focus primarily on the analogy between a computer system and an office building. The building itself is usually considered to be a more-or-less public place, although it might be owned by some firm. An individual's office is a more-or-less private place (as is his computer account), but in some firms there is an understood permission to enter other people's offices in their absence in order to get the firm's work done. This of course does not imply any permission for the general public to enter someone's office. Members of the general public are usually tolerated in the public part of the building, especially if they are lost or are trying to contact someone in the firm. It seems to me that this is analogous to logging on to public or test accounts to send some mail, or to see if the system is busy, or to see if there is anything connected to that Datapac address. Of course, if a member of the public accidentally or maliciously did some damage to the building, he would expect to be liable for the cost of repairs. Moreover, someone who set up a tent, cookstove, etc. in the lobby of an office building might well expect to be asked to leave, because he is making an unfair use of the firm's hospitality. Use of someone's office by a co-worker is only fair when no charges are incurred by the co-worker and fraudulently passed on to the owner of the office. In most office buildings, employees do not pay for phones, rent, etc. so this point is moot. Computer accounts are much different if some form of charging exists. Deliberately damaging someone else's property is a no-no, whereever it takes place. To me, modifying or deleting files from another user's account without permission (specific or general) is a crime of the same type. Privacy should be respected. However, people who keep personal material on computer accounts which are analogous to offices (meaning accounts on machines they don't own or accounts they don't pay for) are likely to have their privacy invaded accidentally, just like the person who keeps his pornographic home movies in his desk drawer at work. It is the responsibility of the owner of a building to make it clear to members of the public when access is not allowed. Anyone who then enters or makes a deliberate attempt to enter is committing an unethical act. I think that a computer system that asks for a password is indicating that only certain people are allowed to enter. Someone who then attempts to find the password is breaking and entering. However, systems that have no such security check, however feeble, are not really indicating that members of the public are not allowed on. Just like the lobby of an office building, the public might be expected to wander in. As long as they do no damage, and make no unreasonable use of the facilities, they have not really done anything wrong. Of course, they can be asked to leave by the management, and they should comply with such a request. It would be unreasonable to walk into the lobby of an office building and be presented with a bill for this use of the lobby floor! If the owner of a building makes some effort to inform the public that they are not allowed to enter the building, then the quality of the locks on the doors is not an issue. The burglar cannot defend himself by arguing that the locks were too easy to pick! Finally, let me say that I feel that a "doctrine of lesser evils" should apply. If I were outside freezing to death and my only chance of survival were to break into a private home, even inflicting some damage to the windows in the process, I would break in without a second thought. This is okay, in my view, because the preservation of life is considered more important than privacy and property. I would of course expect to pay for the damage I did. I'm not sure that similar life-and-death cases exist in the computer world, but I wouldn't be surprised. Note that you can't override one evil with another evil at the same level, eg, one life with another (but what about self defense?), one loss of property with another, ... Darwyn -- Derek Andrew, ACS, U of Saskatchewan, Saskatoon Saskatchewan, Canada, S7N 0W0 {ihnp4 | utah-cs | utcsrgv | alberta}!sask!derek 306-343-2638 0900-1630 CST