core conversation:how not to be evil (even by accident)

I apparently am evil enough to need this session. There is an intersection between what is ethical to do and what makes good business sense. Let’s find out! Free speech, civil liberties, and privacy online. There is a mismatch between intellectual property law and terms of online use. Presenters Danny O’Brien – EFF Eva Galperin …

gray hat hacking

In 1999, a seventeen year old hacker with the handle “ytcracker” exploited a weakness in Microsoft NT’s web service and replaced the homepage of three U.S. government agency web sites. The homepages of NASA’s Goddard Flight Center, the office of Land Management’s National Training Center, and a Defense Contracts Audit Agency suddenly showed an image of a graffiti-like rapper with gold necklaces and the message:

To the U.S. government and military–I have warned you about these security flaws. Please secure our military systems to protect us from cyber attack.

ytcracker’s message was accurate–he did send messages to the administrators of these systems notifying them of the vulnerabilities. When they did not fix the security flaws, he used them to breach their systems. The seventeen-year old was charged and fined $30,000 for unauthorized access of a computer system.

wi-fi piracy

In 2005, Benjamin Smith, III, was arrested and charged in Florida with unauthorized access to a computer network. In 2006, David Kauchak pleaded guilty in Illinois to “remotely accessing another computer system without the owner’s approval”. In 2007, Michigan resident Sam Peterson was charged under the state’s “Fraudulent access to computers, computer systems, and computer networks” law. Each time, the “criminal” was observed using a laptop computer from their vehicles outside of a business or home. They were taking advantage of unsecured wireless networks to gain access to the Internet.