[Dshield] South Carolina, Computer Crime, Bell South, and Related Frustrations (I'm as mad as Hell, and I'm not going to take this anymore!)

Ed Truitt ed.truitt at etee2k.net
Fri Aug 23 23:36:16 GMT 2002


<B>UNOFFICIAL</B> S.C. Code of Laws Title 16 Chapter 16 -- Computer Crime
Act - As Ammended by 2002 Legislative Session <B>UNOFFICIAL</B>I don't know
about you, but this scares the hell out of me!

I Am Not A Lawyer, but the way I read this (as a layman) it says that if
someone nails my system with Nimda one night, and before I can get to it the
next morning it hits a class C network hosted in SC and scans it 10 times, I
could be prosecuted for over a half-MILLION felony counts!  And, at $200 per
offense, the total fine would be up around $130 MILLION dollars!  Make that
a class B network, and the fine is larger than the federal budget deficit
for this FY (on the order of 335 BILLION dollars!)

And, if some DA wanted to get particularly anal, if the packets travelled
through a ROUTER in SC, could they not classify the router as "anything used
to commit the crime" (specifically, as an "accessory" to the crime)?

Once again, our lawmakers manage to take a good concept and screw up the
execution, big time.

If you don't mind, I have got to research all the SC-based IP addresses, and
update my router DENY lists... ;-)

Cheers,
Ed Truitt
PGP fingerprint:  5368 D25E 468C A250 9833  CCD6 DBAE 9C25 02F9 0AB9
http://www.etee2k.net
http://www.bsatroop148.org

"Note to spammers:  my 'delete' key is connected to YOUR ISP.
 Also, if you send me UCE, I reserve the right to post your spew
on my Web site, with the appropriate color commentary, so that
others may have a good laugh at your expense."


----- Original Message -----
From: Jon R. Kibler
To: list at dshield.org
Sent: Friday, August 23, 2002 10:18 AM
Subject: [Dshield] South Carolina, Computer Crime, Bell South, and Related
Frustrations (I'm as mad as Hell, and I'm not going to take this anymore!)

[SNIP]

The law has some significant changes that I believe have the potential to
make it easier to prosecute hackers and pressure ISPs. Some of the changes I
like most are:
   o  Just about any device containing a microprocessor is now considered a
'computer' and subject to the offenses covered under this law.
   o  Any attempt to commit an offense under this law is equivalent to the
successful commission of the offense.
   o  The venue of the law is such that a crime is defined to have occurred
in the State of South Carolina if the person committing the crime, anything
used to commit the crime, or the target of the crime is in South Carolina.
   o  Each and every attempted or actual act is considered a separate
violation of the law, AND each computer and/or network affected by the
violation of the law constitutes a separate violation.
   o  The changes also make illegal unauthorized port scans and related
probes to obtain "information about a computer, computer system, or computer
network not necessary for the normal and lawful operation of the computer
initiating the access."
   o  The law also explicitly criminalizes using MTAs to send mail to
parties other than the authorized users of that computer or computer network
(i.e., use of open relays to send SPAM), using open proxies to access other
systems, and other similar hacks.
   o  The law makes the unauthorized installation of a root-kit, the
intentional contamination of a system with a virus or worm, the introduction
of a Trojan Horse, or taking unauthorized control of a system a felony.

Again, I have attached an unofficial copy of this new law for your
perusal... these are just some of my favorite highlights.


[SNIP]




More information about the list mailing list