“A college computer technician who offered his school’s unused computer processing power for an encryption research project will be tried next month in Georgia for computer theft and trespassing charges that carry a potential total of 120 years in jail.” Read the unusual story at TheRegister, where this technician is facing jail because he installed the Distributed.NET client on some (mostly) idle computers. The authorities are charging him with “hacking” even if they realize that no hack took place. Our Take: When I left my pre-previous job, I left the distributed.NET client running on the Dell dual PII-450 PC I used to work with…
The Crime of the Distributed.NET Computing
About The Author
Eugenia Loli
Ex-programmer, ex-editor in chief at OSNews.com, now a visual artist/filmmaker.
Follow me on Twitter @EugeniaLoli
But i do disable clients when I leave some place where has a consultant I do some work …
Unless the college authorities can prove, beyond any shadow of a doubt that the “lost” computer cycles did indeed deprive the college of valuable resources, this case is silly beyond belief.
This case IS silly BEYOND any reasonable BELIEF!!! Whether or NOT there were “computer cycles” lost.
What the hell are they smoking, down there in Georgia????
was supported in the acedemic realm. I though it was a means to do research on encryption, or at least a tool used by those working in that field.
also, all he did was install software, the most he could be liable for is loss of job, especialy if there was a stipulation in the computer handbook at that school or in his contract that did not allow the installation of software.
how is this any diffrent than installing AIM? both communicate out onto the net. Doesn’t Hacking only count when he
A)gained access to a system that he had no authority to access
B)knowingly caused damage to a computer system
C)steel information from a computer system
if that is the case, he will get off because installing D.Net does none of these, unless it was on a computer that he was not allowed to access.
I do think it’s stupid, but allow me to play devil’s advocate for a moment.
A)gained access to a system that he had no authority to access
As a technician, he had access to a variety of systems. However, that access was restricted to legitimate, sanctioned uses of those systems. He never asked his boss if it was OK to install it… Just because you can log in to a system doesn’t mean you can or should do anything you want with it.
B)knowingly caused damage to a computer system
While it probably didn’t damage the computer system – it did do the following:
Used more bandwidth. People generally pay for bandwidth outside of the halls of academia, so that can be construed as “damages”. It might also have caused the computers to stay on longer than normal, consuming more electricity.
C)steel information from a computer system
Steel (aka Steal) information? I doubt that distributed.net could be used to steal information, but it could be used (assuming someone hacked dist.net) to find out a lot about your organizations computing resources. That might not be information you want to be public.
if that is the case, he will get off because installing D.Net does none of these, unless it was on a computer that he was not allowed to access.
your points that you raise amount to nothing more than violating the company policies on how to handle the computer systems.
1)if installing a piece of software on a system that you had privleges to do so were gaining illegal access to the computer every person who puts solitare on thier PC is a hacker.
2)if costing a company money was a crime then I am sure anyone who plays the solitair or goes on the internet to down load solitair or takes 1 to many smoke breaks/ is late to work/ is late from lunch/ goes home early would be a hacker.
3)if unknowingly allowing a hacker to gain access to information on the company’s computer resources is hacking then anyone who clicks on a trojan horse can be considered a hacker.
do you think that any of those should be applied how they are?
the fact is, he had the privleges to do what he did<super>1</super>, he waisted money<super>2</super>, and he placed software on the system<super>1</super> that may or may not have unknowingly given a hacker access to information on the computer network<super>3</super>. he should have been fired, not prosecuted.
What I have read on this tells me:
1. He was the legitimate system administrator paid to administer the machines he installed distributed.net on.
2. He was told not to do it anymore.
3. He did it anyway.
4. He was fired/expelled.
5. Later he was sued under this vague, overreaching, harsh sorry excuse for a law.
It sounds like he shouldn’t have installed it after being told not to, but because he was the genuine administrator who had been granted access all they
should legally be able to do is fire him and expell him. Unless he did this
more after being fired/expelled this is a stupid lawsuit.
The liability lies with the company not the individual.
Can it be proved that this kid new it was against company policy?
Does the company have a policy that states such rules of use, did the kid see and sign it?
Until then it’s just another inane money grabbing lawyer fest.