Argument
Have
you ever tried to access a website, only to find that it is down? Although it
might be because the site is merely under construction, it may be because it
has become a victim of a cracker group or script kiddy.
Security
bypassing and information gathering software should not be available to the
public without a business license because it enables crackers on the internet
and people use it for malicious purposes.
The
restriction involving a business license should be put in place because if only
people with a business license were able to get the software, there would be a
much higher likelihood that the software would be used for its original
purpose: enabling users to go in and reset lost or forgotten passwords on their
computer workstations. The restriction would also keep crackers and other black
hat groups from getting their hands on the latest software and tools. This restriction
would deal a heavy blow to political activist groups such as anonymous.
There are many different threats to a
businesses network out there, the main ones are black hats, white hats and
script kiddies. Black hats are people who gain access to, crash or in some way
exploit a system with malicious intent, this type of hacker is also known as a
“cracker”. White hats are people who ask permission to hack a system from the
system administrator, do so and then inform them of ways in which they can
improve security and what have you. White hat hackers are also known as
penetration testers, ethical hackers and security analysts in some cases.
Lastly there are script kiddies, who are just as dangerous if not more dangerous
than the above two. A script kiddie is someone who has no knowledge of a set of
tools that they have been given, and cause malicious damage to a network,
website, or system without having any idea of the kind of scripts that they are
using, what they do, or just how bad they are damaging the system. The fact
that they don’t know what they’re doing makes them all the more reckless.
Many
of today’s top businesses and corporations are experiencing security problems
because of the results of crackers using social engineering to gain access to,
and distribute necessary security protocols/isp/ip port entrances to Script
Kiddies for them to do their bidding, “"Kids
are unwittingly doing the bidding for organized crime syndicates," said
Frank Cilluffo, an analyst at the Center for Strategic and International
Studies in Washington”(Verton 1). Script Kiddies are usually teenaged kids who
use software/scripts that they have found on the internets in order to gain
access to restricted websites or servers of information, or in severe cases, in
order to crash or plant sniffers into server structures. Script kiddies have
become an increasingly dangerous threat as of late. "The fact that script
kiddies will blindly launch scripts against large IP blocks without any thought
as to who they are attacking makes them dangerous, especially for those administrators
who do not take security seriously," said Mandy Andress, president of
ArcSec Technologies Inc., a consultancy in Dublin, Calif.(Verton 1)The danger
from a script kiddie is stronger than that of a normal cracker because of the
fact that the script kiddies are typically not fully aware of the consequences
of their actions, and are therefore more likely to place highly malicious
software in some company’s network. Script kiddies would not be nearly as
prevalent as they are now, if business restriction were put on who could access
the new software.
However
its not just civilian crackers who are accessing peoples databases and
information. Every year, in Las Vegas Nevada, there is an event called DefCon,
it is a black hat conference in which thousands of hackers/crackers from all
over the world congregate together to teach each other new things, federal
agents who go to DefCon gather intelligence on these cracker’s next moves. This
shows that the danger to peoples systems is not only civilian, but
governmental. After 9/11, William Binney created a program meant to listen in
on foreign enemies for the NSA, however soon enough he noticed that they had
taken his software and were using it for DOMESTIC spying. It was named operation
stellar wind and it collects information from nearly every source here in the
US and records its metadata, this is not illegal because the actual search is
not done until later once a search warrant is given. However the machine does
profile people as it collects information, making it easier to get a search
warrant. This represents the importance of encryption in a system, because its
not just hackers trying to get your information, but also massive information
gathering systems. This shows how it would be beneficial to restrict the access
of information gathering software to those with a business license because it
would greatly reduce the amount of threats out there that would affect the
community and that would be caught by the government.
By restricting access to these tools of the trade, we can
effectively reduce the amount of cracking that takes place by the individual.
The cracking would continue to take place, however it would be done by groups
like anonymous, lulzsec, kOS, chaos computer club, etc. even though the
restriction would not entirely eliminate the hacking problem, it would allow
for the prosecution of people who were going to hack something illegally,
because they would have illegally gained the tools to do so. However this would
not stop those who are creating the software themselves, the “elite hackers”
can pump out different scripts somewhat regularly, and they would be covered
under the intellectual and creative property rights, “”informational speech”,
factual speech that can repurposed for crime”(Matwyshyn 797). This means that
anything they make, as long as they don’t use it themselves can legally be put
up on the internet for all to see, as computer code of any variety is treated
in the same way as literature is towards the first amendment, it is free
speech. However, even with the freedom of speech protecting these hacker’s
creations, if they are cut off from the most recent advancements in the field,
they will not be able to keep up with new security protocols and their programs
will eventually become antiquated and useless.
Some people would argue that, just like with gun control,
if you limit who has access to the object, that it would cause even more
interest in that object, and that because of this restriction the number of
crackers would only increase. This argument is similar to the appeal that
drinking has on teenagers in that its appeal comes partly from the notion that
the act itself is illegal. However, if the penalties are steep enough, and if
the materials necessary to carry out the illegal act become more and more
scarce, it will become increasingly more difficult to do.
In conclusion, restrictions should be put on information
gathering and security cracking software so that only people with a business
license can have access to it because it will not only help the software be
used for its original purpose, but it will also help diminish online groups
such as anonymous, and script kiddies from using for malicious and political
ends.
Works Cited
Matwyshyn, Andrea M.
"Hacking Speech: Informational Speech And The First Amendment."
Northwestern University Law Review 107.2 (2013): 795-845. Academic Search
Complete. Web. 18 Nov. 2013.
Verton, Dan.
"Black Hat Highlights Real Danger Of Script Kiddies." Computerworld
35.30 (2001): 17. Academic Search Complete. Web. 18 Nov. 2013.
No comments:
Post a Comment