home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
The Hacker Chronicles - A…the Computer Underground
/
The Hacker Chronicles - A Tour of the Computer Underground (P-80 Systems).iso
/
cud2
/
cud202b.txt
< prev
next >
Wrap
Text File
|
1992-09-26
|
6KB
|
110 lines
------------------------------
Date: September 8, 1990
From: Jim Thomas
Subject: Musing over Operation Sun Devil
********************************************************************
*** CuD #2.02, File 2 of 5: Musing over Operation Sun Devil ***
********************************************************************
It is nearly four months after the May 8 raids from Operation Sun Devil,
and pushing three years since the investigation began. To date, there still
seems to be little that has come from the highly publicized operation. In
various press releases, public appearances, and comments to the media, the
operation was called by law enforcement a major effort in the crackdown on
hackers, the beginning of a national sweep against computer crime, and an
attack on threats to national security.
In many ways, Operation Sun Devil and the raids that preceded it were
"trial by media." Law enforcement officials issued press releases, appeared
on tv and radio talk shows, and made themselves quite visible with their
sweeping, strident, and often factually wrong comments. Craig Neidorf's
first indictment associated him with the Legion of Doom, and it associated
the LoD with bank theft and disruption of E911 services, among other
crimes. The public was asked what other group of criminals held
conferences and published newsletters. This does not strike us as an
unprejudicial statement, especially when the presumed "criminal" about whom
the allusion apparently was made was not only not convicted, but had his
trial cancelled before the prosecution had even finished presenting its
case. Yet, it has been those critical of the raids who were sometimes
called "mean spirited," hypocritical, and worse law enforcement and others
who supported the crackdown.
Other indictments still may be forthcoming. But, our concern is that, to
save face and avoid the embarrassment of what at this point appears to be a
major fiasco, law enforcement officials may stretch legal definitions to
prosecute even the most minor offenses as a means of showing that the
Operation was justified.
It is still not clear why the particular boards that were raided were
picked. The language of the indictments and comments to the media convey
the imagery of a "ring," of something organized, of people acting in
collusion or in a conspiracy. Yet, neither the evidence presented so far
nor any other facts that have surfaced support this.
It appears that confiscation of equipment is being used as a form of
intimidation or as punishment without trial. Because of the raids, lives
have been traumatically disrupted, perhaps destroyed, innocent employees
have been put out of work because of the financial hardship the raids
caused at least one company, and many would argue that the Bill of Rights
has been tarnished by those charged with protecting them.
Most of us have consistently argued that we should not build barriers
between computerists and law enforcement and that we should try to educate
agents, legislators and the public to the nature of the computer
underground. This, however, seems perhaps naive and idealistic. Despite the
evidence, despite the reasoned approach of many, such as EFF, and despite
the lack of indictments to date, those involved in Sun Devil show no
indication whatsoever that they have listened to any of the concerned
voices. They repeat the same hackneyed phrases that paint "hackers" as
dangerous criminals. Dramatic statements about the costs of hackers to
society, their threats to security, or their past actions for disruption
are raised. But, when asked to name a few examples, or when asked for the
sources of their information, they are silent, either changing the subject,
repeating glib one-liners, or falling back on that old standby "We can't
discuss on-going investigations."
Perhaps serious crimes were committed by some. But, if so, indictments
should be issued. When suspects are investigated in a serious crime, the
public (and the suspects) are generally told the specific nature of the
crime and the evidence, or at least the reason they're a suspect, is
revealed.
One maddening tendency of law enforcement is that of "guilt by
association." A few dramatic crimes are cited and then hackers are drawn in
by association. By analogy, the logic would be akin to stating that
speeding get-away drivers in a bank heist are dangerous felons, and then
comparing them with a driver who speeds 10 mph over the speed limit on the
freeway as a means of invoking law to confiscate speeders' cars, send them
to prison for a mega-sentence, or to otherwise hassle drivers. Driving
infractions, however, do not raise the Constitutional issues of right to
privacy, search and seizure, or freedom of speech.
Crimes, and very serious crimes, are committed with computers. But, we
suggest, the so-called "hacker community" is generally not the primary
culprit. To claim that computer crime costs society x-billion dollars a
year as a means of justifying the current practice of punishment without
trial is deceptive at best. August Bequai indicated that most computer
crime occurs from within an organization. Other serious crimes
(embezzlement, theft of trade secrets) are rarely, if ever, done by the
"common hacker." There is virtually no evidence that we have seen--and if
any law enforcement officials want to present some, we will alter our
views--to substantiate the "slippery slope" thesis--that just as marijuana
leads to "harder stuff," a young computer hobbyist begins hacking and then
moves on to bank robbery or planting serious viruses. This is just one of
many examples of the hyperbole of some officials to justify their attack on
the CU. The danger is that instead of finding more constructive ways to
combat this new form of juvenile delinquencyy, they are swiping at an ant
with an h-bomb (and missing). If resources are as limited as officials
claim in explaining why it takes so long to investigate, or why they can't
put technologically-trained agents in the field, then shouldn't those
limited resources go to better use?
********************************************************************
>> END OF THIS FILE <<
***************************************************************************
Downloaded From P-80 International Information Systems 304-744-2253 12yrs+