Hacked off: When the prison time doesn't fit the cyber crime

LulzSec, Windows 8, Margaret Thatcher, and Gollum also vie for attention in the latest love letters to Cringely -- so dig in

I write, you read and respond. Isn't that sort of give and take the reason God and Al Gore invented the InterPipes? Here's a sampling of the more interesting emails that flooded my inbox over the last month, covering such varied topics as hacking, cyber crime, justice, Donglegate, sexism, homophobia, Windows 8, deceased prime ministers, Facebook Home, and mythical beasts.

Pretty impressive range, don't you think?

[ Cash in on your IT stories! Send your IT tales to offtherecord@infoworld.com. If we publish it, we'll keep you anonymous and send you a $50 American Express gift cheque. | For a humorous take on the tech industry's shenanigans, subscribe to Robert X. Cringely's Notes from the Underground newsletter. | Get the latest insight on the tech news that matters from InfoWorld's Tech Watch blog. ]

Crimes and punishment
Let's start with some thoughts from reader T.M.B., who now sends me longish missives on a near-weekly basis. In posts like "Feds snag another 'hacker' while ignoring actual criminals" and "Think cyber crime laws are bad now? Wait till you see the latest proposals," T.M.B. feels I'm too soft on alleged hackers like Matthew Keys and Andrew "Weev" Auernheimer, as well as hacking groups like Lulzsec that sneer at authority and launch DDoS attacks on websites just for kicks:

I don't personally care about hacking the Pentagon. The Pentagon can take care of itself. But I do see two charges that I do care about: "constructing a botnet, making the botnet available for others." In other words, taking control of computers of people who haven't done anything to you and helping other criminals to do worse things. I think you'll see these as "minor" compared to the punishments they might face. But how do they see their crimes and the results of their crimes?...

If [LulzSec et al] don't think the penalties of justice are worth worrying about, who am I to disagree with their assessment? If they don't care, why do you? Trying to protect people from the consequences of their actions doesn't make sense, if they don't accept that the consequences are worth caring about.

I've never said hackers and their ilk shouldn't be punished, especially if they do actual damage; I've simply said the severity of the punishments often exceed the severity of the crimes, especially in the United States.

The LulzSec case in England is a good example. This group of four former Anons have entered guilty pleas for a wide range of offenses involving attacks on Sony Networks, HBGary Federal, Nintendo, and dozens of others, costing some of the companies millions of dollars to fix. The LulzSec clan are facing up to 10 years apiece and most likely will receive sentences of two to three years apiece. Another LulzSec hacker, Cody Krestinger, received a year in federal lockup followed by a year of home detention and a $600,000 fine.

Compare that to the 25 years Matt Keys is facing for giving the Anons the logins to the LA Times website. That is my point: Punishments for computer crimes are seriously out of whack. If hackers seem not to care (at least until they're in the docks before the judge), isn't that proof that these "tough on cyber crime" rules are not the deterrent lawmakers think them to be?

Civil disunion
In "Come back, civility, the Internet misses you," I wrote about the kerfuffle that erupted when a woman attending a technical conference tried to shame two guys sitting behind her who were making sexually tinged jokes by posting a photo of them on Twitter. The controversy went viral, and both the woman and one of the men ended up losing their jobs over it.

1 2 Page 1