Электронная библиотека
Библиотека .орг.уа
Поиск по сайту
Фантастика. Фэнтези
   Зарубежная фантастика
      Bruce Sterling. The hacker crackdown -
Страницы: - 1  - 2  - 3  - 4  - 5  - 6  - 7  - 8  - 9  - 10  - 11  - 12  - 13  - 14  - 15  - 16  -
17  - 18  - 19  - 20  - 21  - 22  - 23  - 24  - 25  - 26  - 27  - 28  - 29  - 30  - 31  - 32  - 33  -
34  - 35  -
take strong measures to avoid any publicity; this is especially true of banks, who fear a loss of investor confidence should an embezzlement-case or wire-fraud surface. And some victims are so helplessly confused by their own high technology that they never even realize that a crime has occurred -- even when they have been fleeced to the bone. The results of this situation can be dire. Criminals escape apprehension and punishment. The computer-crime units that do exist, can't get work. The true scope of computer-crime: its size, its real nature, the scope of its threats, and the legal remedies for it -- all remain obscured. Another problem is very little publicized, but it is a cause of genuine concern. Where there is persistent crime, but no effective police protection, then vigilantism can result. Telcos, banks, credit companies, the major corporations who maintain extensive computer networks vulnerable to hacking -- these organizations are powerful, wealthy, and politically influential. They are disinclined to be pushed around by crooks (or by most anyone else, for that matter). They often maintain well-organized private security forces, commonly run by experienced veterans of military and police units, who have left public service for the greener pastures of the private sector. For police, the corporate security manager can be a powerful ally; but if this gentleman finds no allies in the police, and the pressure is on from his board-of-directors, he may quietly take certain matters into his own hands. Nor is there any lack of disposable hired-help in the corporate security business. Private security agencies -- the 'security business' generally -- grew explosively in the 1980s. Today there are spooky gumshoed armies of "security consultants," "rent-a- cops," "private eyes," "outside experts" -- every manner of shady operator who retails in "results" and discretion. Or course, many of these gentlemen and ladies may be paragons of professional and moral rectitude. But as anyone who has read a hard-boiled detective novel knows, police tend to be less than fond of this sort of private-sector competition. Companies in search of computer-security have even been known to hire hackers. Police shudder at this prospect. Police treasure good relations with the business community. ъarely will you see a policeman so indiscreet as to allege publicly that some major employer in his state or city has succumbed to paranoia and gone off the rails. Nevertheless, police -- and computer police in particular -- are aware of this possibility. Computer-crime police can and do spend up to half of their business hours just doing public relations: seminars, "dog and pony shows," sometimes with parents' groups or computer users, but generally with their core audience: the likely victims of hacking crimes. These, of course, are telcos, credit card companies and large computer- equipped corporations. The police strongly urge these people, as good citizens, to report offenses and press criminal charges; they pass the message that there is someone in authority who cares, understands, and, best of all, will take useful action should a computer-crime occur. But reassuring talk is cheap. Sundevil offered action. The final message of Sundevil was intended for internal consumption by law enforcement. Sundevil was offered as proof that the community of American computer-crime police had come of age. Sundevil was proof that enormous things like Sundevil itself could now be accomplished. Sundevil was proof that the Secret Service and its local law-enforcement allies could act like a well- oiled machine -- (despite the hampering use of those scrambled phones). It was also proof that the Arizona Organized Crime and ъacketeering Unit -- the sparkplug of Sundevil -- ranked with the best in the world in ambition, organization, and sheer conceptual daring. And, as a final fillip, Sundevil was a message from the Secret Service to their longtime rivals in the Federal Bureau of Investigation. By Congressional fiat, both USSS and FBI formally share jurisdiction over federal computer-crimebusting activities. Neither of these groups has ever been remotely happy with this muddled situation. It seems to suggest that Congress cannot make up its mind as to which of these groups is better qualified. And there is scarcely a G-man or a Special Agent anywhere without a very firm opinion on that topic. # For the neophyte, one of the most puzzling aspects of the crackdown on hackers is why the United States Secret Service has anything at all to do with this matter. The Secret Service is best known for its primary public role: its agents protect the President of the United States. They also guard the President's family, the Vice President and his family, former Presidents, and Presidential candidates. They sometimes guard foreign dignitaries who are visiting the United States, especially foreign heads of state, and have been known to accompany American officials on diplomatic missions overseas. Special Agents of the Secret Service don't wear uniforms, but the Secret Service also has two uniformed police agencies. There's the former White House Police (now known as the Secret Service Uniformed Division, since they currently guard foreign embassies in Washington, as well as the White House itself). And there's the uniformed Treasury Police Force. The Secret Service has been charged by Congress with a number of little-known duties. They guard the precious metals in Treasury vaults. They guard the most valuable historical documents of the United States: originals of the Constitution, the Declaration of Independence, Lincoln's Second Inaugural Address, an American-owned copy of the Magna Carta, and so forth. Once they were assigned to guard the Mona Lisa, on her American tour in the 1960s. The entire Secret Service is a division of the Treasury Department. Secret Service Special Agents (there are about 1,900 of them) are bodyguards for the President et al, but they all work for the Treasury. And the Treasury (through its divisions of the U.S. Mint and the Bureau of Engraving and Printing) prints the nation's money. As Treasury police, the Secret Service guards the nation's currency; it is the only federal law enforcement agency with direct jurisdiction over counterfeiting and forgery. It analyzes documents for authenticity, and its fight against fake cash is still quite lively (especially since the skilled counterfeiters of Medellin, Columbia have gotten into the act). Government checks, bonds, and other obligations, which exist in untold millions and are worth untold billions, are common targets for forgery, which the Secret Service also battles. It even handles forgery of postage stamps. But cash is fading in importance today as money has become electronic. As necessity beckoned, the Secret Service moved from fighting the counterfeiting of paper currency and the forging of checks, to the protection of funds transferred by wire. From wire-fraud, it was a simple skip-and-jump to what is formally known as "access device fraud." Congress granted the Secret Service the authority to investigate "access device fraud" under Title 18 of the United States Code (U.S.C. Section 1029). The term "access device" seems intuitively simple. It's some kind of high-tech gizmo you use to get money with. It makes good sense to put this sort of thing in the charge of counterfeiting and wire- fraud experts. However, in Section 1029, the term "access device" is very generously defined. An access device is: "any card, plate, code, account number, or other means of account access that can be used, alone or in conjunction with another access device, to obtain money, goods, services, or any other thing of value, or that can be used to initiate a transfer of funds." "Access device" can therefore be construed to include credit cards themselves (a popular forgery item nowadays). It also includes credit card account *numbers,* those standards of the digital underground. The same goes for telephone charge cards (an increasingly popular item with telcos, who are tired of being robbed of pocket change by phone-booth thieves). And also telephone access *codes,* those *other* standards of the digital underground. (Stolen telephone codes may not "obtain money," but they certainly do obtain valuable "services," which is specifically forbidden by Section 1029.) We can now see that Section 1029 already pits the United States Secret Service directly against the digital underground, without any mention at all of the word "computer." Standard phreaking devices, like "blue boxes," used to steal phone service from old-fashioned mechanical switches, are unquestionably "counterfeit access devices." Thanks to Sec.1029, it is not only illegal to *use* counterfeit access devices, but it is even illegal to *build* them. "Producing," "designing" "duplicating" or "assembling" blue boxes are all federal crimes today, and if you do this, the Secret Service has been charged by Congress to come after you. Automatic Teller Machines, which replicated all over America during the 1980s, are definitely "access devices," too, and an attempt to tamper with their punch-in codes and plastic bank cards falls directly under Sec. 1029. Section 1029 is remarkably elastic. Suppose you find a computer password in somebody's trash. That password might be a "code" -- it's certainly a "means of account access." Now suppose you log on to a computer and copy some software for yourself. You've certainly obtained "service" (computer service) and a "thing of value" (the software). Suppose you tell a dozen friends about your swiped password, and let them use it, too. Now you're "trafficking in unauthorized access devices." And when the Prophet, a member of the Legion of Doom, passed a stolen telephone company document to Knight Lightning at *Phrack* magazine, they were both charged under Sec. 1029! There are two limitations on Section 1029. First, the offense must "affect interstate or foreign commerce" in order to become a matter of federal jurisdiction. The term "affecting commerce" is not well defined; but you may take it as a given that the Secret Service can take an interest if you've done most anything that happens to cross a state line. State and local police can be touchy about their jurisdictions, and can sometimes be mulish when the feds show up. But when it comes to computer- crime, the local police are pathetically grateful for federal help -- in fact they complain that they can't get enough of it. If you're stealing long-distance service, you're almost certainly crossing state lines, and you're definitely "affecting the interstate commerce" of the telcos. And if you're abusing credit cards by ordering stuff out of glossy catalogs from, say, Vermont, you're in for it. The second limitation is money. As a rule, the feds don't pursue penny-ante offenders. Federal judges will dismiss cases that appear to waste their time. Federal crimes must be serious; Section 1029 specifies a minimum loss of a thousand dollars. We now come to the very next section of Title 18, which is Section 1030, "Fraud and related activity in connection with computers." This statute gives the Secret Service direct jurisdiction over acts of computer intrusion. On the face of it, the Secret Service would now seem to command the field. Section 1030, however, is nowhere near so ductile as Section 1029. The first annoyance is Section 1030(d), which reads: "(d) The United States Secret Service shall, *in addition to any other agency having such authority,* have the authority to investigate offenses under this section. Such authority of the United States Secret Service shall be exercised in accordance with an agreement which shall be entered into by the Secretary of the Treasury *and the Attorney General.*" (Author's italics.) The Secretary of the Treasury is the titular head of the Secret Service, while the Attorney General is in charge of the FBI. In Section (d), Congress shrugged off responsibility for the computer-crime turf-battle between the Service and the Bureau, and made them fight it out all by themselves. The result was a rather dire one for the Secret Service, for the FBI ended up with exclusive jurisdiction over computer break-ins having to do with national security, foreign espionage, federally insured banks, and U.S. military bases, while retaining joint jurisdiction over all the other computer intrusions. Essentially, when it comes to Section 1030, the FBI not only gets the real glamor stuff for itself, but can peer over the shoulder of the Secret Service and barge in to meddle whenever it suits them. The second problem has to do with the dicey term "Federal interest computer." Section 1030(a)(2) makes it illegal to "access a computer without authorization" if that computer belongs to a financial institution or an issuer of credit cards (fraud cases, in other words). Congress was quite willing to give the Secret Service jurisdiction over money-transferring computers, but Congress balked at letting them investigate any and all computer intrusions. Instead, the USSS had to settle for the money machines and the "Federal interest computers." A "Federal interest computer" is a computer which the government itself owns, or is using. Large networks of interstate computers, linked over state lines, are also considered to be of "Federal interest." (This notion of "Federal interest" is legally rather foggy and has never been clearly defined in the courts. The Secret Service has never yet had its hand slapped for investigating computer break-ins that were *not* of "Federal interest," but conceivably someday this might happen.) So the Secret Service's authority over "unauthorized access" to computers covers a lot of territory, but by no means the whole ball of cyberspatial wax. If you are, for instance, a *local* computer retailer, or the owner of a *local* bulletin board system, then a malicious *local* intruder can break in, crash your system, trash your files and scatter viruses, and the U.S. Secret Service cannot do a single thing about it. At least, it can't do anything *directly.* But the Secret Service will do plenty to help the local people who can. The FBI may have dealt itself an ace off the bottom of the deck when it comes to Section 1030; but that's not the whole story; that's not the street. What's Congress thinks is one thing, and Congress has been known to change its mind. The *real* turf- struggle is out there in the streets where it's happening. If you're a local street-cop with a computer problem, the Secret Service wants you to know where you can find the real expertise. While the Bureau crowd are off having their favorite shoes polished -- (wing-tips) -- and making derisive fun of the Service's favorite shoes -- ("pansy-ass tassels") -- the tassel-toting Secret Service has a crew of ready- and-able hacker-trackers installed in the capital of every state in the Union. Need advice? They'll give you advice, or at least point you in the right direction. Need training? They can see to that, too. If you're a local cop and you call in the FBI, the FBI (as is widely and slanderously rumored) will order you around like a coolie, take all the credit for your busts, and mop up every possible scrap of reflected glory. The Secret Service, on the other hand, doesn't brag a lot. They're the quiet types. *Very* quiet. Very cool. Efficient. High-tech. Mirrorshades, icy stares, radio ear-plugs, an Uzi machine-pistol tucked somewhere in that well-cut jacket. American samurai, sworn to give their lives to protect our President. "The granite agents." Trained in martial arts, absolutely fearless. Every single one of 'em has a top-secret security clearance. Something goes a little wrong, you're not gonna hear any whining and moaning and political buck- passing out of these guys. The facade of the granite agent is not, of course, the reality. Secret Service agents are human beings. And the real glory in Service work is not in battling computer crime -- not yet, anyway -- but in protecting the President. The real glamour of Secret Service work is in the White House Detail. If you're at the President's side, then the kids and the wife see you on television; you rub shoulders with the most powerful people in the world. That's the real heart of Service work, the number one priority. More than one computer investigation has stopped dead in the water when Service agents vanished at the President's need. There's romance in the work of the Service. The intimate access to circles of great power; the esprit- de-corps of a highly trained and disciplined elite; the high responsibility of defending the Chief Executive; the fulfillment of a patriotic duty. And as police work goes, the pay's not bad. But there's squalor in Service work, too. You may get spat upon by protesters howling abuse -- and if they get violent, if they get too close, sometimes you have to knock one of them down -- discreetly. The real squalor in Service work is drudgery such as "the quarterlies," traipsing out four times a year, year in, year out, to interview the various pathetic wretches, many of them in prisons and asylums, who have seen fit to threaten the President's life. And then there's the grinding stress of searching all those faces in the endless bustling crowds, looking for hatred, looking for psychosis, looking for the tight, nervous face of an Arthur Bremer, a Squeaky Fromme, a Lee Harvey Oswald. It's watching all those grasping, waving hands for sudden movements, while your ears strain at your radio headphone for the long-rehearsed cry of "Gun!" It's poring, in grinding detail, over the biographies of every rotten loser who ever shot at a President. It's the unsung work of the Protective ъesearch Section, who study scrawled, anonymous death threats with all the meticulous tools of anti- forgery techniques. And it's maintaining the hefty computerized files on anyone who ever threatened the President's life. Civil libertarians have become increasingly concerned at the Government's use of computer files to track American citizens -- but the Secret Service file of potential Presidential assassins, which has upward of twenty thousand names, rarely causes a peep of protest. If you *ever* state that you intend to kill the President, the Secret Service will want to know and record who you are, where you are, what you are, and what you're up to. If you're a serious threat -- if you're officially considered "of protective interest" -- then the Secret Service may well keep tabs on you for the rest of your natural life. Protecting the President has first call on all the Service's resources. But there's a lot more to the Service's traditions and history than standing guard outside the Oval Office. The Secret Service is the nation's oldest general federal law-enforcement agency. Compared to the Secret Service, the FBI are new-hires and the CIA are temps. The Secret Service was founded 'way back in 1865, at the suggestion of Hugh McCulloch, Abraham L

Страницы: 1  - 2  - 3  - 4  - 5  - 6  - 7  - 8  - 9  - 10  - 11  - 12  - 13  - 14  - 15  - 16  -
17  - 18  - 19  - 20  - 21  - 22  - 23  - 24  - 25  - 26  - 27  - 28  - 29  - 30  - 31  - 32  - 33  -
34  - 35  -

Все книги на данном сайте, являются собственностью его уважаемых авторов и предназначены исключительно для ознакомительных целей. Просматривая или скачивая книгу, Вы обязуетесь в течении суток удалить ее. Если вы желаете чтоб произведение было удалено пишите админитратору