Internet security: hacking, counterhacking

Is publishing malicious code protected by moral rights to free speech? Is it morally permissible for the government or individuals to actively conceal e-content? Internet Security: Hacking, Counterhacking, and Society is a valuable addition to the library of anyone concerned with the growing number of Internet security issues and intrusions facing society today. Get A Copy. Paperback , pages.

More Details Original Title. Other Editions 1. Friend Reviews. To see what your friends thought of this book, please sign up. To ask other readers questions about Internet Security , please sign up. Lists with This Book. This book is not yet featured on Listopia. Add this book to your favorite list ».

Community Reviews. Showing Average rating 4. Rating details. All Languages. More filters. Sort order. Tiffany rated it it was amazing May 25, Steve Shirkey rated it really liked it Feb 25, Tapiwa SHumba rated it it was amazing Nov 16, Taohidul Hassan marked it as to-read May 03, Chris marked it as to-read Feb 02, Vijay Veeraraghavan added it Oct 01, Anurag Reddy marked it as to-read Mar 06, Teajan Jallow marked it as to-read May 28, Sanjay Ram marked it as to-read Mar 08, Jerome Lee marked it as to-read Dec 09, Gort marked it as to-read Dec 24, Taswa marked it as to-read May 05, Jimmy Joe Jackson marked it as to-read Apr 29, Computer hackers.

Himma, Kenneth Einar. I57I Introduction iii Introduction From North America to South America to Asia, computer-related mis- conduct is posing an ever-growing problem in the public and the private sectors for several reasons.

First, nearly every nation, industrial and devel- oping, is becoming increasingly reliant on new digital information tech- nologies to perform legitimate commercial and governmental functions. While these new information technologies have impacted social well- being in a variety of beneficial ways, they have also exposed a number of important interests to possible intrusion or attack.

For example, a rea- sonably sophisticated distributed denial of service attack can take a com- mercial Web site down for hours, potentially resulting in the loss of revenue, value to shareholders, and, ultimately, jobs that may be spread across the globe.

The effects on the global economy are potentially sig- nificant. Second, the frequency of digital attacks and intrusions directed at pri- vate commercial interests has been steadily increasing over the years as the number of people with the appropriate motivations and technical skills continues to grow. Compounding the problem is the increasing availability on the Web of easy-to-use hacker tools that can be used by com- paratively unskilled users — so-called script kiddies — to stage malicious attacks and intrusions against private networks.

These tools are available to anyone, anywhere in the world, who has access to the Internet. Third, at this point in time, not a single nation has adequate law- enforcement resources to pursue investigations into the vast majority of computer intrusions involving that nation.

But even in those occasions where a nation has sufficient resources to warrant intervention, the response is likely to come long after the damage is done. It is uncontro- versial that law enforcement agencies have not been able to keep pace with the rapidly growing problems posed by digital attackers. Hackers believe that, at the very least, non-malicious intrusions are morally permissible and have offered a number of arguments purporting to justify such intrusions. This, therefore, promotes the development of technologies that will ultimately help make the Internet more secure.

Recently, a number of writers have begun to suggest that attacks on gov- ernment and corporate sites might be justified as a form of political activism. On this influential line of analysis, acts that are otherwise eth- ically impermissible or unlawful might be morally and legally acceptable if motivated by a political concern to protest unjust laws or institutions.

Active defense measures exhibit varying levels of force. Some active defense meas- ures are, however, intended simply to gather intelligence about the attack and are significantly less aggressive in character. One increasingly com- mon active defense measure involves an attempt to follow an attack path in reverse through intermediate networks and systems in order to iden- tify the parties ultimately culpable for that attack. While there are more benign, cooperative tactics for tracing the path of an attack, these more invasive traceback technologies follow attack paths by entering into machines and networks involved in the attack.

Introduction v Many individuals have come to believe that private persons and firms have a right to protect themselves against hacker attacks because 1 such attacks are, contrary to the arguments of hackers, unjustified and 2 law enforcement is currently unable to protect them.

For example,Tim Mullen argues that the right to self-defense implies a right on the part of firms to adopt even aggressive active defense in response to a digital attack: I propose that we have the right to defend our systems from attack.

I am not talking about some vigilante strike upon script kiddies at the drop of a packet. I am not talking about a rampant anti-worm. I am talking about neutraliz- ing an attacking machine in singularity when it is clearly and definitively infected with a worm that will continue to attack every box it can find until stopped.

Whereas a person need not perform any affirmative acts to be victimized by a hacker attack, he or she must perform some sort of act, such as open- ing an email attachment, to be victimized by a virus or a worm.

Further, some commentators argue that benevolent e-organ- isms, those designed to install a helpful fix or patch of some kind, are morally justified. There are, of course, other important Internet security issues that arise directly from unwanted computer intrusions. These intrusions, for exam- ple, are becoming increasingly common in the growing world of on-line gaming, which poses a host of security risks—some more important and some less important. Gamers, in every nation, are unfortunately vulnerable.

Still other important security problems are indirectly related to unwant- ed computer intrusions. For example, one concern pertains to the grow- ing number of Web sites all over the world that are devoted to discussing code contrived to facilitate the commission of such intrusions. Other problems arise in connection with certain technologies that have been developed to protect persons from these various intrusions—tech- nologies that raise a host of ethical questions themselves.

There are many technologies, such as encryption and steganography, that enable a person to conceal the content of certain messages from potential hackers and crack- ers. These technologies, however, can also be used in ways that have social costs, raising the issue of whether, and to what extent, they may permissi- bly be used. In any event, the problems associated with unwanted computer intru- sions are of significant interest to ethicists and policymakers because they implicate a variety of morally significant considerations across the globe.

Digital attacks, for example, not only affect the financial and pri- vacy interests of victims, they can also affect other important interests. At best, a digital intrusion forces its immediate victim to shift resources from more productive uses to less productive security uses, costs that are passed on to consumers in the form of higher prices. At worst, a coordi- nated digital attack that takes key commercial firms offline for significant periods can result in millions of dollars in lost revenue and employment.