Re: News: House votes life sentences for hackers (fwd)
On Fri, Nov 15, 2002 at 10:20:42PM -0800, Steve Schear wrote: At 11:59 PM 11/15/2002 -0500, Dave Emery wrote: And I am on record as advising some of the folks doing gnu-radio that in my personal opinion it was rather unlikely that a user programmable open source software radio would ever get FCC approval or be legally sold in the USA under current regulations on scanning radio receivers. No FCC approval should be required. GNURadio is not a RADIO but an extensible toolkit of signal processing software for building test instruments. Test instruments are essentially unregulated by the FCC. See for yourself by checking out the regulatory compliance section a spectrum analyzer or signal generator from HP or Tektronix. This probably will work as long as software is not sold with hardware as a complete integrated package and as long as neither is marketed as a scanning radio receiver or a kit to make one. But the FCC looks very dimly on attempts to market test equipment that is really an otherwise banned scanner and they have pushed a couple of such products off the market. There is very little doubt that the gnuradio package has lots of applicablity to test equipment use and to various kinds of measurement and calibration requirements in real radio systems as well as use in RD simulating and analyzing radio systems. And clearly hams can use it as they wish for ham projects. And perhaps someone will come up with a sufficiently closed and secured application to pass FCC muster for use in a real radio system sold to the general public - but likely that would have to be more or less a sealed box (like Linux in Tivo units) which could not be user altered or added to and might well have to include digital signatures or other mechanisms to ensure this. Of course I probably have an axe to grind here as a collector and user of test equipment and related professional electronics of various sorts - I'd sure as hell not like to see private ownership or purchase or sale of such licensed, regulated or even banned. And there already was one such attempt by the cellular industry to persuade the FCC to restrict private ownership of certain RF test equipment back in the late 90s which fortunately the ham community was able to persuade the FCC was foolish and would damage the ability of hams to serve the country in times of emergency. Had the FCC gone along with the cellular industry proposals, virtually all rf test equipment such as spectrum analyzers, modulation meters, service monitors, signal generators, network analyzers, protocol analyzers, microwave counters, test and measurement receivers and the like and perhaps even things like certain logic analyzers and scopes would have become controlled items that could only be bought or sold by communications carriers and companies making or servicing equipment for them or government and military agencies. Private sale oe ownership would have been banned, and might even have become a crime. As it was finally resolved, the FCC ruled that as long as test equipment was not marketed to the general public it could be bought, sold, used and possessed by members of the public - especially hams - without any restrictions on what an individual could buy or own. But in the NPRM the FCC made quite clear that if someone was trying to sell otherwise banned or unapproved electronics to the general public as test equipment they would take action. steve -- Dave Emery N1PRE, [EMAIL PROTECTED] DIE Consulting, Weston, Mass. PGP fingerprint = 2047/4D7B08D1 DE 6E E1 CC 1F 1D 96 E2 5D 27 BD B0 24 88 C3 18
Re: News: House votes life sentences for hackers (fwd)
On Fri, Nov 15, 2002 at 12:11:35PM -0500, Declan McCullagh wrote: On Fri, Nov 15, 2002 at 10:09:37AM -0500, Tyler Durden wrote: Holy Shit! Does that mean that some 18-year-old script kiddie could get LIFE? Yes, that's what the law says. Has to be a malicious attack, etc. I linked to the text of the bill -- you may want to read the gory details for yourself. -Declan I might hasten to add that as I am sure Declan knows, this addition to the Homeland Defense Act also includes the CSEA provisions that turn hobby listening to certain easy to receive but off limit radio signals from an offense with a maximum penalty of a $500 fine to a federal felony with 5 years in prison as penalty. When this legislation is signed into law ANY violation of the radio listening bans in the ECPA will be a serious felony, no lesser penalty for the first offense or because the intercept was done out of curiosity or the desire to experiment with radio gear. And no lesser penalty because the offense was not for private financial gain or commercial advantage or in furtherance of a crime as the current law allows. What this means is that while one would have been hard pressed to do more than commit a federal offense with a $500 fine by purchasing a scanner or receiver from Radio Shack and tuning around just to see what one hears, one can now commit a serious felony by doing this extremely easily. The radio spectrum allocations in use at the moment are arcane and complex, and making sure that everything one listens to is legal requires a great deal more FCC and ECPA knowlage that most of the public possesses. An example of this is that the ECPA currently includes an obscure ban on listening to broadcast remote pickup signals used to relay audio back to the studio from remote sites like traffic helos. So tuning in the traffic helo feeds to find out about the traffic jam ahead will be technically a serious federal felony. And many of these signals are intermixed cheek to jowl with legal to listen to police and other public safety and business communications, so it is not that easy to be sure which is which. And certainly anyone reading my words here must realize that such draconian and essentially unenforcable laws will only be used in selective prosecutions to squash those the government doesn't approve of... they certainly won't increase communications privacy or security and may in fact decrease it if they allow the draconian penalties to be used as an excuse for not spending the money to implement secure and effective encryption of anything sensitive flowing over a radio link. -- Dave Emery N1PRE, [EMAIL PROTECTED] DIE Consulting, Weston, Mass. PGP fingerprint = 2047/4D7B08D1 DE 6E E1 CC 1F 1D 96 E2 5D 27 BD B0 24 88 C3 18
Re: News: House votes life sentences for hackers (fwd)
On Fri, Nov 15, 2002 at 08:01:08PM -0800, Tim May wrote: And software-defined radios, which are now coming from at least two sources, will make this even easier. Indeed, trespassing into the Big Brother-owned frequencies will be even easier. We may even see SDRs outlawed from the outset as terrorist tools. (Inasmuch as tuning an SDR is nothing more than entering numbers, or running simple programs, we may also see coding as speech arguments resurrected. All for naught, though, as Camp Liberty in Guantanamo Bay has room for 12,000 more Thought Criminals.) Rumor has it that the ECPA hobby listening penalty increase in the CSEA was, surprisingly, not originated by the House Republicans burned by the intercept of the Newt call or by cellphone lobbyists tying to save money on encryption but by the Bush Justice Department. The DOJ is supposed to have asked for the added penalties as an addition to the original CSEA. This is an interesting turnabout from their attitude back in 1985 when the ECPA was being crafted when they described such restrictions as unenforcable and something they didn't want to deal with. Whilst hardly (understatement of the year) a Washington insider, I would speculate that perhaps someone in the DOJ has gotten concerned about recent white hat hacker projects like gru-radio and takes the potential threat from bright hackers with IQs 40-60 or more points over the scanner crowd far more seriously than some truck driver with a modified Radio Shack scanner. And I am on record as advising some of the folks doing gnu-radio that in my personal opinion it was rather unlikely that a user programmable open source software radio would ever get FCC approval or be legally sold in the USA under current regulations on scanning radio receivers. So I share Tim's assessment about the likelyhood of such being banned or tightly restricted, though it seems hard to see how they can be kept out of the hands of hams for use on ham bands (and more such ham projects appear every day). -- Dave Emery N1PRE, [EMAIL PROTECTED] DIE Consulting, Weston, Mass. PGP fingerprint = 2047/4D7B08D1 DE 6E E1 CC 1F 1D 96 E2 5D 27 BD B0 24 88 C3 18
Re: News: House votes life sentences for hackers (fwd)
At 11:59 PM 11/15/2002 -0500, Dave Emery wrote: On Fri, Nov 15, 2002 at 08:01:08PM -0800, Tim May wrote: Whilst hardly (understatement of the year) a Washington insider, I would speculate that perhaps someone in the DOJ has gotten concerned about recent white hat hacker projects like gru-radio and takes the potential threat from bright hackers with IQs 40-60 or more points over the scanner crowd far more seriously than some truck driver with a modified Radio Shack scanner. And I am on record as advising some of the folks doing gnu-radio that in my personal opinion it was rather unlikely that a user programmable open source software radio would ever get FCC approval or be legally sold in the USA under current regulations on scanning radio receivers. No FCC approval should be required. GNURadio is not a RADIO but an extensible toolkit of signal processing software for building test instruments. Test instruments are essentially unregulated by the FCC. See for yourself by checking out the regulatory compliance section a spectrum analyzer or signal generator from HP or Tektronix. steve
Re: News: House votes life sentences for hackers (fwd)
You only need to send it to the list, I'll get it ;) I don't really like getting private email from total strangers. For obvious reasons. -- We don't see things as they are, [EMAIL PROTECTED] we see them as we are. www.ssz.com [EMAIL PROTECTED] Anais Nin www.open-forge.org On Fri, 15 Nov 2002, Tyler Durden wrote: Holy Shit! Does that mean that some 18-year-old script kiddie could get LIFE? If this wasn't such an immense pile of stupidity, I'd get angry over the obvious invasions of privacy, etc... Having worked in many a company, I KNOW how most management systems work. Let's say there's something as simple as a DoS attack that could take down Company A. Programmer Joe Shmo recognizes this and tells his boss, who wants to cover his own ass and tells HIS boss about the problem. This boss will then think about the issue for 3 seconds, and reply well, hackers get life in prison now so no one will ever try it. Meanwhile, guys who don't care about getting life (Osama's posse, who probably won't even live in the US for this) will say: Shit these guys are stupid! We just found a way to take down the whole US economy with 20 lines of code! Send script kiddies away for life? How about sending the CTOs of publically traded companies away for life if something as simple as a DoS attack robs little old ladies of their retirement $? From: Jim Choate [EMAIL PROTECTED] To: [EMAIL PROTECTED] CC: [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: News: House votes life sentences for hackers (fwd) Date: Fri, 15 Nov 2002 07:31:38 -0600 (CST) http://zdnet.com.com/2100-1105-965750.html -- We don't see things as they are, [EMAIL PROTECTED] we see them as we are. www.ssz.com [EMAIL PROTECTED] Anais Nin www.open-forge.org _ MSN 8 with e-mail virus protection service: 2 months FREE* http://join.msn.com/?page=features/virus
Re: News: House votes life sentences for hackers (fwd)
Holy Shit! Does that mean that some 18-year-old script kiddie could get LIFE? If this wasn't such an immense pile of stupidity, I'd get angry over the obvious invasions of privacy, etc... Having worked in many a company, I KNOW how most management systems work. Let's say there's something as simple as a DoS attack that could take down Company A. Programmer Joe Shmo recognizes this and tells his boss, who wants to cover his own ass and tells HIS boss about the problem. This boss will then think about the issue for 3 seconds, and reply well, hackers get life in prison now so no one will ever try it. Meanwhile, guys who don't care about getting life (Osama's posse, who probably won't even live in the US for this) will say: Shit these guys are stupid! We just found a way to take down the whole US economy with 20 lines of code! Send script kiddies away for life? How about sending the CTOs of publically traded companies away for life if something as simple as a DoS attack robs little old ladies of their retirement $? From: Jim Choate [EMAIL PROTECTED] To: [EMAIL PROTECTED] CC: [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: News: House votes life sentences for hackers (fwd) Date: Fri, 15 Nov 2002 07:31:38 -0600 (CST) http://zdnet.com.com/2100-1105-965750.html -- We don't see things as they are, [EMAIL PROTECTED] we see them as we are. www.ssz.com [EMAIL PROTECTED] Anais Nin www.open-forge.org _ MSN 8 with e-mail virus protection service: 2 months FREE* http://join.msn.com/?page=features/virus
Re: News: House votes life sentences for hackers (fwd)
On Fri, Nov 15, 2002 at 10:09:37AM -0500, Tyler Durden wrote: Holy Shit! Does that mean that some 18-year-old script kiddie could get LIFE? Yes, that's what the law says. Has to be a malicious attack, etc. I linked to the text of the bill -- you may want to read the gory details for yourself. -Declan
