Forgot your password?
typodupeerror
Security Your Rights Online

Death Penalty For Hackers? 1096

Posted by CmdrTaco
from the you-can't-make-that-stuff-up dept.
EMIce writes "The New York Times Op-Ed page has a piece entitled Worse Than Death (Obnoxious but free registration required) that calls for harsher 'hacker' penalties as a deterrent, quoting one academic as recommending even well, the death penalty - as a deterrent for the likes of Sasser author Sven Jaschan. Let's face it, businesses are becoming more dependent on their computers but they continue to be a point of failure, and subsequently, frustration through lost profits. Perpetrated breakdowns are now pushing that aggravation towards an edge. The author suggests commuting the idea of a death sentence into a lifetime of servitude doing viral cleanup. What role should enforcement play in such cases and is this too harsh, even considering the billions in damage that is sometimes caused?"
This discussion has been archived. No new comments can be posted.

Death Penalty For Hackers?

Comments Filter:
    • by Anonymous Coward on Tuesday July 12, 2005 @11:30AM (#13042744)
      Dear hedgehog2097,

      It looks like you've hacked our registration system.

      See you in the death row.

      Sincerely,
      The New York Times
    • by Lanoitarus (732808) on Tuesday July 12, 2005 @11:42AM (#13042902)
      This Tierney guy says that his article is based on an article by Steven Landsburg, an Economics Professor at the University of Rochester.

      The original article (by Landsburg himself) is a bit more detailed, and can be found on Slate here:
      http://slate.msn.com/id/2101297/ [msn.com]
  • Look, out, John... (Score:3, Insightful)

    by TripMaster Monkey (862126) * on Tuesday July 12, 2005 @10:46AM (#13042108)
    Somone call John Dvorak...his title as reigning champion of the blithering idiots is being seriously contested.

    Just who is this John Tierney [nytimes.com], anyway? Judging from his whining about 'man-years I've spent running virus scans and reformatting hard drives', he doesn't sound like any computer profesional I know...perhaps if he was a bit more in the know, he'd know that although Microsoft had released a patch for this loophole on 13 and 28 April 2004, many companies had not applied this protection before Sasser struck. [bbc.co.uk] Perhaps some of Mr. Tierney's considerable ire should be redirected towards the hordes of lazy sysadmins who had a solution for the Sasser worm, but chose complacency over vigilance.
    • That punishment doesn't fit the crime. In many ways our justice system makes victims out of the perpetrators of crimes when the punishment is way out of proportion to the actual crime committed. When that happens, the justice system is perpetrating an injustice on the person found guilty in court.

      I don't like how some people think that just because someone is obnoxious or causes minor damage (and let's face it, virus infestations are fairly minor compared to the gamut of actual crimes that people are let off the hook with much less punishment) that they should be put away for ever or even put to death. I think it reeks of a completely blown sense of proportion. Unfortunately, the voters who think this way are more prone to vote than people who are more sanely-minded.

      Should the punishment for releasing a virus be tough? I don't think so. I think that it is a pretty benign "crime". It is crucial that we keep a sense of proportion when discussing the sentencing stage of justice.
      • by VernonNemitz (581327) on Tuesday July 12, 2005 @11:08AM (#13042443) Journal
        If we punish with the death penalty those whose actions upset the lives of many many other people, and also cost lots and lots, then there is a long list of people who qualify. CEOs who rob pension funds, for example. Various politicians....
      • parent Offtopic? Mods must be on crack again. This speaks exactly to the topic at hand.

        Punishments should be harsher than they are currently, but death or a life sentence is way out of line for the crime. Once they start putting child molesters to death then maybe someone can start to think about it for computer crimes.

      • by lightsaber1 (686686) on Tuesday July 12, 2005 @11:11AM (#13042488)
        As benign as the crime may seem to you, it does cost billions of dollars to corporations. The death penalty is in no way acceptable -- that punishment doesn't even resemble something that fits the crime.

        On the other hand, it is conceivable that people may die as a result of a virus in hospitals, for example.

        To me, a virus release could range from a misdemeanor vandalism charge to possibly as high as manslaughter in the extreme case. The crime is serious, but you are right, some people do tend ot lose perspective. Perhaps a turn in the total perspective vortex would do some good.

      • Should the punishment for releasing a virus be tough? I don't think so. I think that it is a pretty benign "crime". It is crucial that we keep a sense of proportion when discussing the sentencing stage of justice.

        Considering both the money lost by business and disruptions to things like air travel, I'd say it's far from "benign," and definitely a crime. Death penalty? Hell yeah. But something harsher than a few months' worth of suspended sentence was in order on this one, IMO.

        Kids, creating compute
      • "In many ways our justice system makes victims out of the perpetrators of crimes when the punishment is way out of proportion to the actual crime committed. When that happens, the justice system is perpetrating an injustice on the person found guilty in court."

        When that happens the justice system is no longer a justice system at all but merely a means of oppression. But worse, it exercises oppression not only over those "convicted of crime" (which itself would have little meaning in an unjust system), but
    • by drakaan (688386) on Tuesday July 12, 2005 @10:54AM (#13042231) Homepage Journal
      Time to play Devil's Advocate...

      Not wanting to install a patch to a production server is not necessarily complacency. In point of fact, in some cases, it *is* vigilance, assuming you've ever installed a patch and seen software mysteriously and suddeny cease functioning...it happens on Windows servers from time to time, if you didn't know.

      To be fair, most of the companies that didn't install the patch for a reason like that probably made sure the systems were protected in other ways. Just couldn't let the "no install patch" = "lazy complacent sysadmin" generalization go unqualified.

      • by TripMaster Monkey (862126) * on Tuesday July 12, 2005 @11:07AM (#13042432)
        Not wanting to install a patch to a production server is not necessarily complacency. In point of fact, in some cases, it *is* vigilance, assuming you've ever installed a patch and seen software mysteriously and suddeny cease functioning...it happens on Windows servers from time to time, if you didn't know.

        Actually, I do know...as it has happened to me more than once (Windows XP SP2 breaking WinFax and Windows Server 2003 SP1 breaking Windows Update immediately spring to mind). This is where the concept of a QA server comes into play. Any sysadmin worth their salt will have some sort of test server set up where they can test updates, patches, service packs, etc. without endangering their mission-critical systems. It's a simple process, but apparently thre's a lot of sysadmins out there who can't be bothered to exercise due dilligence...hence, my accusation of complacency.
        • by sheldon (2322) on Tuesday July 12, 2005 @11:25AM (#13042688)
          Having a test server is a simple process.

          Knowing what all to test... that's the hard part.
    • by DShard (159067) on Tuesday July 12, 2005 @10:57AM (#13042271)
      I see this as yet another fundemental misunderstanding of what security _is_ and how the proposed fix doesn't address the real problem in the least. As you correctly point out, admins and users are at fault here. The internet is a snapshot of society that has no boundaries. Anything that would happen in the real world will happen online. If purposeful defacement and destruction of property cannot be contained in the real world, nor will it online. Does the statement, "We should put to death people who create griffiti." even sound slightly rational?
    • by Otter (3800) on Tuesday July 12, 2005 @11:01AM (#13042335) Journal
      Somone call John Dvorak...his title as reigning champion of the blithering idiots is being seriously contested.

      Just who is this John Tierney anyway? Judging from his whining about 'man-years I've spent running virus scans and reformatting hard drives', he doesn't sound like any computer profesional I know...

      1) He's joking.

      2) He's a columnist who frequently combines analysis with whimsy.

      3) I understand that the submitter and CmdrTaco can't be expected to catch this stuff. But with 67 +1 posts, am I really the only one to get it?

      4) How freaking dense are you people? I'm looking forward to "Who is this Dave Barry fellow? He doesn't sound like any computer professional I know...

    • by A beautiful mind (821714) on Tuesday July 12, 2005 @11:03AM (#13042363)
      Someone who can stick a price on human life, or argument for improving the economy by killing people deserves no respect from me.

      This "journalist" did just that.

      The article is pure flamebait. I don't even start telling about the collective responsibility of software makers and the lazy sysadmins. The sasser worm was like a polite burglar: if it found the front door open, it went in. If it found it closed, it went away. Well, newsflash dear analysts: until you start paying attention to security there always will be a guy who writes a crappy virus (95% of them is _crude_) which wreaks havoc only because users and vendors like Microsoft of ignoring security.
      • Someone who can stick a price on human life, or argument for improving the economy by killing people deserves no respect from me.

        This "journalist" did just that.

        The article is pure flamebait.


        Someone who can make an outraged (outraged!) post about an article based on a Slashdot writeup might not deserve so much respect either....

        The journalist you're scorning (John Tierney) was very clearly NOT advocating the death penalty. He discussed an interesting report made by an analyst putting things in perspec
  • ...public floggings of idiots that don't sufficiently protect/firewall their computers!
  • Ahh. That explains the demise of Phrack [slashdot.org] I guess.
  • Death by pop-up.

    Or pop-under...
  • by aicrules (819392) on Tuesday July 12, 2005 @10:47AM (#13042122)
    because he costs companies millions in lost revenue, but CEO of company who commits fraud and loots the pension funds for billions gets nothing or maybe a few years in prison?

    Yeah, we're looking at the right places for deterence.
    • by Skye16 (685048) on Tuesday July 12, 2005 @10:50AM (#13042164)
      Ahh, but the CEO is rich. Thus, it's okay. Therefore, teenagers get executed and old rich white men take a few billion dollars to support their pure-gold-toilet needs.

    • Here here!! This is more corporate interestes above the common peoples.

      Suggesting that hacking can incur a death penalty because of the BILLIONS involved is VILE!

      We so far have kept our government from killing citizens over money, is this what we want now? I thought life was precious and beyond monetary value?

      So, we change laws so hackers get death for their billions in losses, but CEO's and other's at the "helm" or in places of power get carte blanche to do whatever they like in the "course of busines
    • Two wrongs don't make a right. Yes, there are far worse things that don't get the death penalty, but those are wrongs too. Personally, I think it would be as fair if not more fair than the current systems if we came up with economic based standards. Put a number on the very generalized value of a life. Base it on something simple like the typical payout in accidental death due to an airline crashing. If that is $2.5 million, then just say that any crime or accumulation of crimes that you commit that ca
    • by mwvdlee (775178) on Tuesday July 12, 2005 @11:07AM (#13042435) Homepage
      Kidnappers: We have a columnist held hostage.

      Negotiator: What are your demands?

      K: We want a million dollar.

      N: A million?

      K: Yes.

      N: Oh well, that's more than the value of a human life.

      (hangs up and orders troops to blow up building)

      N: (talking to collegue) And to think it was that very journalist who proposed the price, isn't it ironic?
    • The other side to deterrence is that it makes the perpetrators have less to lose. If crackers know that they will be detained indefinitely or killed, perhaps they will do something far more malicious than they would normally do. Deterrence can be saturated and the results are usually far more devastating than not having deterrents in the first place.
    • So hacker gets death...because he costs companies millions in lost revenue, but CEO of company who commits fraud and loots the pension funds for billions gets nothing or maybe a few years in prison?

      Actually, it was kind of tongue-in-cheek, meant to illustrate the seriousness of the effects of some of the worst attacks. And actually, it's more than "millions" that things like the premier worms and viruses cost. It's "billions", real billions of dollars, just like the looting CEOs. And that "lost revenue" t
  • Death Threat? (Score:3, Interesting)

    by spiderworm (830684) on Tuesday July 12, 2005 @10:47AM (#13042124)
    Wowsers. Makes me wonder what the punishment would be for the software vendors whose products are virus friendly?
  • by Rolan (20257) * on Tuesday July 12, 2005 @10:47AM (#13042125) Homepage Journal
    Companies are always quick to blame the 'hackers' when something bad happens. What they need to do is look inside first at themselves. Besides the fact that the vast majority of damage done to company computers is an inside job, most of the external damage (caused by worms and viruses, etc) is caused by people not patching vulnerable systems or having a poor network setup. The virus/worm writers certainly aren't innocent, but a lot of the companies are as guilty for not doing what they need to to defend against such attacks.
    • <SARCASM>
      You know, when a girl is wearing a short skirt, and she's walking at night alone? She's just as guilty of rape as the guy who rapes her, for not defending herself adequately.
      </SARCASM>

      That sort of thinking is nonsense.

      Not that I agree with this article either. I have a hard time taking anyone seriously who uses a "cost-benefit analysis" to determine who should live and who should die. (Why not just kill all the old people?)
  • yes, kill hackers (Score:5, Insightful)

    by hsmith (818216) on Tuesday July 12, 2005 @10:48AM (#13042137)
    Yes, lets kill hackers, but lets let more [theksbwchannel.com] and [latimes.com] more [ocregister.com] child [kfmb.com] molesters [themonitor.com] out of jail

    priorites people
    • Re:yes, kill hackers (Score:3, Interesting)

      by Abcd1234 (188840)
      Well, that didn't take long. I think we really need a new analogue to Godwin's Law as follows:

      "As an online discussion grows longer, the probability of a comparison involving child molestors approaches 1 (i.e. certainty)."

      Think of the children! Won't somebody *please* think of the children?!
  • by pohl (872) * on Tuesday July 12, 2005 @10:48AM (#13042141) Homepage
    At some point businesses are going to have to place a greater emphasis on the importance of demanding quality software from their vendors and quality configuration from their system administrators. At some point we're going to have to be responsible consumers of technology, able to discern that some new whiz-bang facility offered by ACME Software is just a worm-propagation API in drag. We're going to have to recognize that vulnerabilities can, in fact, stem from software design decisions and that we can't just blame security heartaches on the ubiquity of the software.

    I hope that we reach that point far in advance of advocating the death penalty for electronic trespassers. Even a fan of stiff penalties should pause and reflect before going there based upon a dispassionate cost/benefit analysis.

    The worse-than-death ideas in the article are amusing, though.

  • by conner_bw (120497) on Tuesday July 12, 2005 @10:48AM (#13042152) Homepage Journal
    This is pretty much like saying:

    Death penalty for fast driving!

    Who defines fast? And under what circumstance is it allowed/not allowed? Wrong on so many levels.

  • by jayhawk88 (160512) <jayhawk88@gmail.com> on Tuesday July 12, 2005 @10:48AM (#13042153)
    ...is to make them work the Help Desk of any random ISP.
  • Won't help (Score:5, Insightful)

    by Da Fokka (94074) on Tuesday July 12, 2005 @10:49AM (#13042160) Homepage

    Except for the fact that the idea is horribly wrong from an ethical viewpoint, it also simply won't work. The efficacy of a punishment is more related to the chance of being caught than to the severity of the punishment.

    Despite the risk of huge fines, almost everyone downloads movies at a regular basis, because the chances of being caught are near zero.

    • Ob Historical Note (Score:3, Interesting)

      by jd (1658)
      In Victorian England, they discovered an interesting relationship between crime and punishment. As punishment became more severe and more vile, so did the crime. After some time of this, they started reforming the system, improving conditions and lessening the harshness. The crime levels went DOWN.

      Over time, prisons became run-down and overcrowded. Conditions worsened. The situation boiled over, several times - perhaps the most dramatic was the Strangeways rooftop protest. At about this time, you again se

  • If Hackers can (Score:3, Insightful)

    by acadia11 (889886) on Tuesday July 12, 2005 @10:50AM (#13042175)
    get the "death" penalty. I think the guys from Enron and MCI, etc, who cost 10's of millions of damage in the form of lost pensions and 401K's for their employees should recieve an equivalent "death" penalty.
  • Text of Article (Score:4, Informative)

    by $RANDOMLUSER (804576) on Tuesday July 12, 2005 @10:51AM (#13042183)
    Last year a German teenager named Sven Jaschan released the Sasser worm, one of the costliest acts of sabotage in the history of the Internet. It crippled computers around the world, closing businesses, halting trains and grounding airplanes.
    Skip to next paragraph

    Related More Columns by John Tierney
    Readers
    Forum: John Tierney's Columns

    Which of these punishments does he deserve?

    A) A 21-month suspended sentence and 30 hours of community service.

    B) Two years in prison.

    C) A five-year ban on using computers.

    D) Death.

    E) Something worse.

    If you answered A, you must be the German judge who gave him that sentence last week.

    If you answered B or C, you're confusing him with other hackers who have been sent to prison and banned from using computers or the Internet. But those punishments don't seem to have deterred hackers like Mr. Jaschan from taking their place.

    I'm tempted to say that the correct answer is D, and not just because of the man-years I've spent running virus scans and reformatting hard drives. I'm almost convinced by Steven Landsburg's cost-benefit analysis showing that the spreaders of computer viruses and worms are more logical candidates for capital punishment than murderers are.

    Professor Landsburg, an economist at the University of Rochester, has calculated the relative value to society of executing murderers and hackers. By using studies estimating the deterrent value of capital punishment, he figures that executing one murderer yields at most $100 million in social benefits.

    The benefits of executing a hacker would be greater, he argues, because the social costs of hacking are estimated to be so much higher: $50 billion per year. Deterring a mere one-fifth of 1 percent of those crimes - one in 500 hackers - would save society $100 million. And Professor Landsburg believes that a lot more than one in 500 hackers would be deterred by the sight of a colleague on death row.

    I see his logic, but I also see practical difficulties. For one thing, many hackers live in places where capital punishment is illegal. For another, most of them are teenage boys, a group that has never been known for fearing death. They're probably more afraid of going five years without computer games.

    So that leaves us with E: something worse than death. Something that would approximate the millions of hours of tedium that hackers have inflicted on society.

    Hackers are the Internet equivalent of Richard Reid, the shoe-bomber who didn't manage to hurt anyone on his airplane but has been annoying travelers ever since. When I join the line of passengers taking off their shoes at the airport, I get little satisfaction in thinking that the man responsible for this ritual is sitting somewhere by himself in a prison cell, probably with his shoes on.

    He ought to spend his days within smelling range of all those socks at the airport. In an exclusive poll I once conducted among fellow passengers, I found that 80 percent favored forcing Mr. Reid to sit next to the metal detector, helping small children put their sneakers back on.

    The remaining 20 percent in the poll (meaning one guy) said that wasn't harsh enough. He advocated requiring Mr. Reid to change the Odor-Eaters insoles of runners at the end of the New York City Marathon.

    What would be the equivalent public service for Internet sociopaths? Maybe convicted spammers could be sentenced to community service testing all their own wares. The number of organ-enlargement offers would decline if a spammer thought he'd have to appear in a public-service television commercial explaining that he'd tried them all and they just didn't work for him.

    Convicted hackers like Mr. Jaschan could be sentenced to a lifetime of removing worms and viruses, but the computer experts I consulted said there would be too big a risk that the hackers would enjoy the job. After all, Mr. Jaschan is now doing just that for a software security firm.

    The
    • by hey! (33014) on Tuesday July 12, 2005 @02:36PM (#13045050) Homepage Journal
      C) A five-year ban on using computers.

      ...
      E) Something worse [than death]

      Seems like E is redundant for the population in question. And, by the way, I buy this assertion completely:

      Hackers are the Internet equivalent of Richard Reid,

      This is indisputably true. And having your network DOS'd is also the Internet equivalent of having your body blown to bits over the Atlantic. For that matter being forced to concede in chess is the gaming equivalent of having your country forced into unconditional surrender.

      Where we get into trouble is figuring because situations are analagous they must then be equally serious.
    • Re:Text of Article (Score:3, Interesting)

      by Stauf (85247)

      the man-years I've

      This is the stupidest snippet ever. 1 man-year == an amount of men, x, working on a problem for y days each, such that x*y = 364 days.

      You, as an individual, cannot work more then 1 man-year in a year. In fact, I highly doubt anyone has ever worked 1 man-year in a year - you have to sleep sometime. This guy is claiming to have spend 365 may-days (8760 man-hours) running virus scans and reformatting hard drives. Working 40 hour weeks, that's 219 weeks. That's more then four years. And

  • by Ieshan (409693) <ieshan@gmail. c o m> on Tuesday July 12, 2005 @10:52AM (#13042202) Homepage Journal
    I'd appreciate it if any death penalty advocates could please cite a published work (in a reputable journal) which clearly shows statistical evidence that the death penalty actually acts as a deterrant in the mind of would-be criminals.

    As far as I can tell, it's just something that sounds really good. You know, "Criminals will be very scared of being killed for their actions, because normal people are very scared of being killed." From the little I know about the workings of the human mind, most sociopaths don't react to things the same way the rest of us do, and people who cause massive damage on an any scale - economic, physical, emotional - are sociopaths.

    Anyway, I'd just appreciate some good evidence for the "deterrant" hypothesis. Then I'll start to believe it might be a good idea.
    • "people who cause massive damage on an any scale - economic, physical, emotional - are sociopaths."

      Then killing them is the only solution, since 'curing' them is basically impossible and locking them up only gives them a chance to escape.

      Theodore Dalrymple had an interesting article printed a few years ago when he was talking to prisoners about their thoughts on the death penalty: the conclusion was that prisoners were vastly _MORE_ supportive of the death penalty than the law-abiding. After all, they liv
    • Clippy: "Hey! You didn't agree to the terms of your license agreement!

      User: "Cancel"

      Clippy: "You've just committed a capital offense!"

      User: "Cancel"

      Clippy: "Would you like to write a note to your family"

      User: "Cancel"

      Clippy "MS Death Squad(TM) has been dispatched. Are you sure you wouldn't like to write a note to your family?"

      User: "Cancel"

    • by 99BottlesOfBeerInMyF (813746) on Tuesday July 12, 2005 @11:18AM (#13042590)

      There is quite a bit of evidence to the contrary, actually. People who commit violent crimes are usually either desperate or are personality types (like many juveniles and other dissociative types) that do not consider that they might be caught in their actions. Increasingly harsh penalties does little to deter the latter and often motivates the former category towards more violence. Why not risk a shoot out with the police if you're going to die if you go peacefully? Why not shoot the witnesses?

      Practically there are two problems. First, most people don't understand the above and law-makers who support concepts the public does not understand are easy targets. Second, the issue is very emotionally charged and victims and people who empathize with victims are more interested in vengeance than doing what is best for society. Harsh punishments for other, especially nonviolent crimes (like illegal intoxicant laws), cause similar escalations of crime into violent crime. Personally, I don't believe in capital punishment. This is not because I have any problem with killing or any religious qualms. I simply have little faith in the accuracy of our legal system (which seems to be justified considering the number of people on death row who are later proven innocent). Our criminal justice system is not perfect, police are not perfect people, and legal representation is often very, very poor for those without a lot of money. I don't trust it nor do I see how anyone else can trust it especially with something as important as life and death.

  • by Alioth (221270) <no@spam> on Tuesday July 12, 2005 @10:55AM (#13042238) Journal
    As a kid, I used to think the death penalty was a great idea.

    At about age 16, we had a school debate on the subject. I was on the 'pro' death penalty side, but that debate sowed the inital small niggles of doubt.

    By the time I was 18, I realised the death penalty was completely barbaric. If just one innocent person is executed, that's tantamount to state sponsored murder. That's not to mention that capital punishment doesn't seem to deter crime anyway - Texas is executing more people than ever.

    One of the interesting things - if you have a debate with most pro-capital punishment people, they go awfully quiet when you ask them what would they do if they were falsely convicted of a capital crime. How would they feel as they were about to be gassed for a crime they didn't commit?

    I'm glad the EU outlaws capital punishment - it's a concept that should have disappeared in the 19th century. As Ghandi said - an eye for an eye and soon the whole world would be blind.
    • The only difference between death and life imprisonment is that if the person turns out to be innocent you can't say "oops, lets set him free".

    • "One of the interesting things - if you have a debate with most pro-capital punishment people, they go awfully quiet when you ask them what would they do if they were falsely convicted of a capital crime. How would they feel as they were about to be gassed for a crime they didn't commit?"

      You would get pretty much the same reaction for any penalty. Proves nothing.
    • by nuggz (69912)
      I am totally for the death penalty, not even just for murder.

      Rape, child abuse, drunk driving, kill them all, we don't need those vermin around.

      I like the idea of solving a problem for all time, you kill the offender and your risk of reoffending becomes zero.

      However I can't support the death penalty today because it is impractical. We can't guarantee we caught and convict the right person, and it's too expensive. In our quest to limit executing the innocent we spend more than simply jailing them forever.
    • by iwadasn (742362) on Tuesday July 12, 2005 @12:27PM (#13043491)

      Agreed. The Pro-death-penalty crowd always relies on at least one of the following two arguments....

      1) They deserve it, and it will make the victims feel better.

      Personally, I do not like the idea of living in a society where our justice system is based on inflicting misery on some people to make others feel better. End of story. By that logic (about to invoke goodwin's law) you could easily justify any genocide by saying "it makes me feel better".

      2) IT is a deterrent.

      Criminals are not perfectly logical beings, many of them are clinically insane. This doesn't even pass the laugh test.
  • Relax (Score:5, Informative)

    by antientropic (447787) on Tuesday July 12, 2005 @10:55AM (#13042240)

    The poster needs to have his humour detector adjusted. It should be obvious that Tierney is not quite serious about the death penalty. It's more than a bit tongue-in-cheek. Quote from the article:

    Make the hacker spend 16 hours a day fielding help-desk inquiries in an AOL chat room for computer novices. Force him to do this with a user name at least as uncool as KoolDude and to work on a vintage IBM PC with a 2400-baud dial-up connection. Most painful of all for any geek, make him use Windows 95 for the rest of his life.

  • by GeekDork (194851) on Tuesday July 12, 2005 @10:55AM (#13042248)

    Why not give those people a good ol' public whipping?

  • Instead... (Score:5, Insightful)

    by Greenisus (262784) <michael@@@mayotech...com> on Tuesday July 12, 2005 @10:56AM (#13042256) Homepage
    Instead of "hacking" as a crime, perhaps the "hacker" should be charged with any crime that happens as a result. Break into a banking system, and it's fraud and possibly theft. Break into the 911 system and cause several people to die because they couldn't get help, and it's murder. Then, you don't have to make up new punishments and new laws and the punishment will be appropriate to the damage done.

    It just seems obvious to me. Am I missing something here?
  • by glMatrixMode (631669) on Tuesday July 12, 2005 @10:58AM (#13042285)
    Of course this is too harsh.

    Do rapists, killers, pedophiles and other kinds of criminals get death penalties or lifetime jail ? Not in my country. Not in any country of the EU. Even in the USA, only killers get death sentences, and other kinds of crimes don't get you such harsh sentences (but correct me if I'm wrong here).

    Immaterial "crimes" like cracking into a computer system are only crimes because we decide so. We decide so because it is a way of ensuring the stability of our economic system. That's fine, but if we begin to compare that in severity to physical crimes, where people get injured, where violence happens, that means that we have forgotten everything. If we jail more severely (lifetime) a computer cracker than a rapist (usually 2 years jail), then we are totally decadent.
  • Amusing (Score:3, Insightful)

    by rpdillon (715137) on Tuesday July 12, 2005 @11:03AM (#13042367) Homepage
    I always find this kind of thing amusing. This is really a manifestation of the fact that normal people are just basically fed up with computers. Worm writers are an outlet for this frustration, which gets us here, repsonding to an op-ed recommending the death penalty for a 17 year old who wrote a program.

    Why amusing? Because "normal" people don't seem to turn their anger on some of the root causes. I mean, admit it, the prevalence of worms is really a symptom, not a cause. Anyone who isn't "new here" knows where I'm going with this, but I'll say it anyway: turn an eye towards Redmond for the real culprit.

    For folks that a tire of having to run anti-virus, anti-spyware and constantly download and install "service packs" that break programs that they've already paid for, this one is for you. May we all learn to take security seriously in the *design* of the software, rather than tacking it on as an afterthought. Treating security like it is a trivial toy just so you can tack another bullet on the box is the real crime.

    I'm serious when I say that I look forward to the "next generation" of operating systems that will hopefully take security FAR more seriously than this generation did. I'm not talking about Longhorn, I'm talking about the operating systems my children will be using (children I don't have yet). Will worms and viruses still exist? Sure. They always will. But at least we'll have some doors with locks, and perhaps a security system by then; right now, most of us live in a tent that we bought that advertised "Sturdy, intruder repellent vinyl!".
  • by harlows_monkeys (106428) on Tuesday July 12, 2005 @11:06AM (#13042416) Homepage
    There was an interesting Asimov short story about a computer criminal. The punishment was he was conditioned to get sick if he used a computer, and then was given a credit card with a large limit, and released. The general population was told of this, and told to be kind and help him whenever he asked.

    Since nearly everything involved computers, this left him very helpless. Restaurants had computers at the tables that you used to order, for example--so he could not get food at a restaurant unless he asked someone to order for him. Same for pretty much any purchase, or use of public transportation, and so on.

    The idea behind this punishment (which was for one year) was to make him see how dependent society was on computers, and therefore how serious and bad a crime it was to do anything that threatened the security of or the public's confidence in computers.

  • by randall_burns (108052) <randall_burnsNO@SPAMhotmail.com> on Tuesday July 12, 2005 @11:10AM (#13042476)
    What I dislike here is the double standard. Basically we have corporations _whining_ because they can't figure out how to hire the right folks to protect their networkers(or are too cheap to do so). On the other hand, we have CEO's of major corporations running places like Enron and Anderson that are essentially criminal organizations--and getting a complete slap on the wrist. Look at Ken Lay, the worldcom CEO, Milken. These folks all get the best justice money can buy-the type of service the average hacker just can't afford. The damage a crooked CEO can do at the helm of a major corporation makes what hackers do _pale_ by comparison. I don't see hackers leading the US into a pointless war in which thousands of young americans die or are permanently disabled to protect oil interests. I don't see hackers promoting products like thimerosal that may be causing permanent disability in children(or buying crooked politicians to get preferential legislation). I don't see hackers getting a corrupt president elected by vote fraud to refuse to enforce immigration law so corporations can make more money.

    If the corporate and governmental leaders want rule of law-they had better start by holding themselves accountable. Is is the corporate and governmental leaders that have created this state where the law is not taken seriously because they have exempted themselves from it.
  • The problem: (Score:3, Insightful)

    by grasshoppa (657393) <`gro.oc-onpt' `ta' `ydenneks'> on Tuesday July 12, 2005 @11:15AM (#13042547) Homepage
    The problem isn't with the virus-jerks, although I'm not excusing their actions. The problem is software companies aren't held accountable like in other industries.

    If Ford, for example, made a car that due to a glitch caused it to run poorly and eat gas, there would be a lawsuit against them in no time flat. If they did it consistently, people would stop buying from them.

    That doesn't happen in the software industry. People write crap software that costs "profitability" when it goes haywire ( which happens often ), and the decision makers just shake their heads and mutter something about being the nature of the game.

    Virus-jerks aren't the problem, they are a symptom.
  • Why Stop There? (Score:5, Insightful)

    by NickFortune (613926) on Tuesday July 12, 2005 @11:47AM (#13042965) Homepage Journal
    Death for virus writers. Whoo. Why'd no one think of this sooner?

    And we don't have to stop there. Let's do the spammers too. They are the ones who profit. And the DDOS cartels; death to them too.

    Lazy sysadmins who fail to patch their servers promptly: they're costing industry millions. They gotta die.

    Who else? Howabout billionaires who aggressivley market insecure operating systems? It's all their fault, after all. Sayonara, Billy-Boy,

    And as long as we're motivated by financial loss, let's have people who download illegal MP3 files. Get 'em up against the wall! Offering movies over BitTorrent? Off with yer head! Run Warez? Bye-bye! Say "Hi" to Bill for me...

    What else can we do? Employee sickness costs billions to industry. Let's have the death penalty for catching a cold! It doesn't just serve as an incentive - it improves the gene pool as well!

    How about criticsing the government? I'll bet millions are spent on spinning the facts every time some ungrateful fool goes and blows the whistle. Let's string 'em up today!

    Think you're clever writing open source software do you? you're costing illegal software monopolies money with every line code. Don't think you've escaped our notice.

    Oh, and let's include mindless trolls who write idiot stories for major newspapers, and the brain damaged editors who dignify such claptrap by printing it. Let's off them as well. I can't think of a good reason why, but in amidst all this bloodshed, who the hell's going to notice?

    +++ SARCASM OFF

  • Great Idea! (Score:3, Interesting)

    by Irvu (248207) on Tuesday July 12, 2005 @12:06PM (#13043241)
    I'll begin spelling out the sentencing issue then get onto the humour.

    Extrme Punishment
    Really, I'm not kidding this is a first-class idea. After all extending sentences to the point of life has worked so well for us in the War on Drugs! Really, you may think I'm being sarcastic but I'm not.

    Over the years we have steadily increased the minimum punishments available for certain crimes on the general assumption that more fear for the criminals is better. This has reached an extreme in places like California whose 3-strikes law mandates that all triple felons (tax cheats and teenagers using the wacky weed included) go to jail For Life.

    This benevolent program has blessed the state with a large and growing prison population that can make things like license plates, or just sit around and be a drain on the economy when they are no threat to anyone. It has also given California a large commercial prison system which cost the state untold dollars, and employs many fine and underpaid guards as well as passing large amounts of money off to contractors to build ever more large and dangerous prisons.

    At present the state has found that by diverting at least drug addicts into treatment rather than the 3-strikes system they save as much as $300,000 per.

    Moreover, despite ever-tougher sentencing there is no proof, in California, New York or anywhere else that these sentences have acted to reduce crime in any meaningful sense. One could argue that people should be afraid of the law and I will grant you that people are but there is no evidence that I have seen which proves (in a meaningful sense) that this changes the actions of criminals in any overall sense. Crime existed before, and it still exists.

    As to the death penalty, despite normative arguments to the contrary there is no hard evidence that it has deterred even one criminal. States that use it have as much or more crime than those that don't. Similarly, states that have abandonded it (Illinois) have seen no attendent growth in crime. One could argue that this is a fluke I suppose but one cannot argue that it is positive evidence for the penalty.

    At best the death penalty gives us a "Cathartic Release" as one author put it. But as Illinois' last governor noted that catharsis is not worth the lives of innocent people who are executed. And make no mistake, innocent people sometimes do get sent to jail.

    So yeah, in light of the staggering evidence that meting out unreasonable and excessive punishments does nothing to reduce crime but only costs us unreasonable amounts of money and, probably, gets in the way of real solutions to our problems, I think that we should dive headfirst onto that rock.

    Humour
    The real purpose of the column, I suspect, was not to advocate the death penalty (but you never know) I suspect that it was really his attempt to make humour out of the situation (smelly socks) and to complain that the Germans aren't punishing their crackers enough. This is, as I see it, basically a joke. The problem is that at the core of the joke is the idea that more extreme sentencing is needed.

    While the cathartic joy of knowing that the latest Sasser guy is sent to AOL's Helldesk for life is there that relly won't help anyone but AOL.

    Personally I favor the idea of community service (perhaps more than 30 hours perhaps not). I want to see someone who causes such destruction help others in a meaningful way. I want to see them giving free computer classes to children in public schools, or helping libraries to setup their systems (under supervision) or help build something of value.

    The bottom line is that there are two ways to think about crime and punishment. The first is to seek catharsis, to salve the basic desires for vengance or some public demonstration of retribution. This view favors things like the death penalty and lends itself to the state of affairs we have now, ever increasing prison terms, ever increasing pri
  • by iwadasn (742362) on Tuesday July 12, 2005 @12:18PM (#13043394)

    Here's the problem. Design a system that is completely succeptable to malicious people, and be shocked when somewhere, among the 6 billion people out there, one is malicious. Here are your two solutions....

    1) Make the system less succeptable to the darker aspects of human nature.

    2) Just take out your fury on the guy who installed seti at home on a work computer.

    In the physical world, this argument doesn't even pass the laugh test. Lets say there's a military base, but it has no fence around it. When children wander in and screw with things (perhaps causing serious damage), they are shot. That's hardly a solution. Put up a fence so some five year old doesn't wander in and drive a tank on the freeway, then maybe talk about giving more severe punishments to organized and competent attackers.

    Here's another example. At Columbia a few years ago, an elevator in one of the dorms plunged several floors, though fortunately nobody was hurt. They had to repair the elevator. Let's assume that the cost of this came out to $100,000. Columbia blamed the students for jumping up and down in the elevator, nobody knows if those claims are true. In the end, it doesn't matter. An elevator is a moving piece of floor, if jumping on a piece of floor endangers you and causes damage to the building, it's the designer's fault, not yours. If you try to steal $100,000 from a liquor store you'd be shot, should you be shot for jumping in an elevator? No, because reasonable precautions would have prevented that. Save severe punishments for serious malicious attacks that threaten human life and for which there is very little that can be done. If you can build a fence, or a decent elevator, then just start with that, and worry about your bloodthirst later.

  • by karlandtanya (601084) on Tuesday July 12, 2005 @01:01PM (#13043957)
    There are at least two schools of thought on this:

    The authoritarian view is that the law is absolute. No infraction is acceptable and the importance of the law always trumps the importance of the individual.

    In this case, the concept of an "unjust law" is meaningless. If the law says I can cause you harm, then I can do it. If the law requires you do something that is harmful or evil to you, then you must do it. If you disobey or complain, it's you, not the law who are wrong. The law is never wrong.

    In the context of this particular discussion, collective punishment becomes significant. The idea is that some particular group of people, as a whole, is perceived to be bad for society. (again, avoiding the oh so tempting inflammatory examples!). When an individual member of that class is caught breaking the law, they are held accountable for the perceived harm caused by the entire class.

    The absolutist view appeals to our sense of righteousness. Holding one idea and never under any circumstances questioning that idea gives us a sense of surety. (there's a word for that; can you name it?).The promise is that with perfect compliance we will have peace and safety. Give us, your leaders absoulte powers and provide those who we will point out for you these extreme penalties and we promise you safety, security, peace, and quiet.

    What is delivered, however, is never perfect compliance. So we feel moral outrage. We were lied to! We know what's right, and it's the law. So, it must be the violator who is wrong. Obedience is an absolute.

    The penalty for disobedience becomes retribution, not justice. The motive for this penalty is moral outrage, not concern for society. In this context, the harshest possible penalty is perfectly reasonable. And, as morally outraged people, we dissociate ourselves from the person we penalize. They are not like us. We can do anything we like to them. Our judgement will never be applied similarly to us because they are wrong and we are right.

    The pragmatic view is that society can tolerate a certain amount of non-compliance from its individuals.

    This non-compliance, beyond being simply tolerated, is valued and honored with terms like "civil disobedience" and "conscientious objection". When the law is no longer absolute, the term "unjust law" has meaning.

    The idea here is that a violation of the law is a discrepancy between the perpetrator and the law. Maybe the perpetrator is wrong. Maybe the law is wrong.

    Here, the justification for any penalty is the good of society. Do we punish this person for what he did? For what he might have done? For what he might do in the future? These are decisions that we have to make now--judgements, not application of an absolute forumla.

    When we make these judgements, we must also realize that the person we are judging could be one of us. That person is, actually, one of us. The disobedient member of society is no longer a moral outcast, and that means that whatever penalty we pass on him could be applied to us. Maybe we do choose to penalize the individual. Maybe he has harmed us. But it's not quite so easy to dismiss our frustration by beating up on a guilty person.

    This mindset considerably devalues obedience for the sake of obedience. In this view, law provides that if a violator causes harm he is punished. But, typically, if the harm is less significant, even if the law has been broken, the penalty is similarly light.

    The cost to individual freedom is taken into account when laws are written. It is possible for the lawmaker to say "it costs more of our individual freedom than the value we get by controlling this behaviour." The law then provides some incentive for obedience, but disobedience is expected and largely tolerated.

    The cost of this view is that the individuals, being placed

  • by Simonetta (207550) on Tuesday July 12, 2005 @01:22PM (#13044202)
    Over harsh punishment for computer crimes is a bad idea.

    1) It's too easy to make someone else look guilty. If you like the girlfriend of the guy in the next cubicle, buy a virus from your local friendly illegal substances dealer and make it appear that it was originated by the guy in the next cubicle. Then offer your most 'deepest' condolences to his newly-available girlfriend.

    2) The hackers/virus specialists aren't the cause of the problem. The problem is poorly designed and written operating systems. Killing people who develop applications for the OS isn't going to help fix the OS.

    3) The courts can't differenciate those who develop rogue code for 'national security' regardless of the nation from those who write it for amusement or corporate interests.

    The best way to deal with virus writers is to make them liable to civil lawsuits for the damage that they cause. Straightforward tort law. Any 17-year-old hacker who realizes that he is going to have to write database front-ends in Visual Basic for the next thirty years to pay off the damage his cool virus has done will reconsider releasing it.

    Also remind business leaders that using proprietary operating systems exposes them to underground attack because there isn't an open feedback loop where thousands of qualified people are constantly examining the OS source for flaws.
  • Junk Columnist (Score:5, Interesting)

    by Corydon76 (46817) on Tuesday July 12, 2005 @01:31PM (#13044295) Homepage
    Everybody (and Slashdot) just got played. This is par for the course for John Tierney. He lives to make really stupid suggestions in his columns, just to get people to respond. It's his own way of feeling important in the world. If enough people ignore his garbage columns, he will eventually go away.

    For more perspective on this, and to see some of the subjects of his past columns, see here. [prospect.org]

  • Perspective (Score:3, Interesting)

    by TechnoGrl (322690) on Tuesday July 12, 2005 @03:04PM (#13045353)
    Deterring a mere one-fifth of 1 percent of those crimes - one in 500 hackers - would save society $100 million.
    You want to save society some money?

    In 2000 Micro$oft paid ZERO Federal taxes.
    For the last FIVE years before Enron becoame defunct it also paid ZERO Federal taxes.
    Boeing corporation, in 2003 paid ZERO federal taxes as well.

    That's right - YOU paid more federal tax a few years ago then fricking M$, Boeing or Enron.

    You want to save society some cash?

    How about we start knocking off a few corporate monopolists before we start on the script kiddies?

  • Utopia. (Score:3, Insightful)

    by Amiasian (157604) on Tuesday July 12, 2005 @03:11PM (#13045437)
    I remember reading Moore's Utopia a while ago, and one of the more interesting ideas in it went something like this:

    If all crimes, regardless of severity, were punished equally, there would be no incentive not to commit more serious crimes.

    In other words, if a "hacker" knows the death penalty is the consequence, what's to stop them from using deadly force in their defense? Murder usually equals the death sentence, and since death is already a given for being a hacker, there is no loss for choosing to kill.

    For getting a reaction, I commend the author. I commend them in the same way I'd commend John C. Dvorak. Well done, good troll, but your opinion is ultimately moronic.
  • by maxpublic (450413) on Tuesday July 12, 2005 @04:26PM (#13046657) Homepage
    Sounds to me like this asshole properly failed to secure his computer, got hit with a virus, and now wants to go on a government-sanctioned killing rampage against everyone he believes is the source of his irritation.

    Hey, if we aren't going to dick around why not just make ALL 'serious' crimes punishable by death? And while we're at it, let's harvest the organs of these evil lawbreakers and use them to save the lives of countless upright citizens! I think Niven had something to say about that....

    Max

...when fits of creativity run strong, more than one programmer or writer has been known to abandon the desktop for the more spacious floor. - Fred Brooks, Jr.

Working...