From time to time we consider the ramifications of hacking prowess being used for evil purposes. Knowledge is a powerful thing, but alone it is not a dangerous thing. Malicious intent is what takes a clever project and turns it to a tragic end. Conscientious hackers realize this, and [George Hadley] is one of them. While working on a new project he wondered if there were guidelines as to what knowledge should and should not be shared. It turns out that the United States has a set of International Traffic in Arms Regulations that mention concepts we’ve seen in many projects. He wrote up an article which covers the major points of the ITAR.
The gist of it is that sharing certain knowledge, by posting it on the Internet or otherwise, can be considered arms trafficking. It’ll get you a not-so-friendly visit from government officials and quite possibly a sponsored stay in a secure facility. Information about DIY radar, communications jamming, spying devices, UAVs, and a few other concepts are prohibited from being shared. The one qualifying part of that restriction is that it only applies if the information is not publicly known.
[Nate] over at SparkFun Electronics has posted a cease and desist letter he received from SPARC industries. Apparently their legal department feels that his name is close enough to theirs to ignite a legal battle. They are demanding that he transfer his domain to them immediately to extinguish the flames. This all seems a bit silly, his name isn’t really at all like theirs and his product isn’t similar either. To add to the peculiarity of this, going to their site throws up a big red malware warning for us (in chrome).
P2P networks have long been a legal gray area, used for various spam schemes, illegal filesharing, and lots and lots of adware. Last year, though, the first botnet created by a worm distributed via P2P software surfaced, the work of 19-year-old [Jason Michael Milmont] of Cheyenne, Wyoming, who distributed his Nugache Worm by offering free downloads of the P2P app Limewire with the worm embedded. He later began distributing it using bogus MySpace and Photobucket links shared via chats on AOL Instant Messenger. The strategy proved effective, as the botnet peaked with around 15,000 bots. [Milmont] has plead guilty to the charges against him. Per his plea agreement, he will pay $73,000 in restitution and may serve up to five years in prison.
A new legal precedent may be set with the case of [Lori Drew], the St. Louis woman who posed as a teenage boy on MySpace and harassed 13-year-old [Megan Meier] until she committed suicide. Drew is being charged under the computer fraud and abuse act, on the grounds that she violated the terms of service agreement of MySpace. If she is convicted of these charges (she is also being charged with conspiracy), it may allow for the criminal prosecution of anyone who violates the terms of service agreement of a site under the same law.
Continue reading “Violating Terms Of Service equals hacking”