[ Features Index | Silicon Valley | Metroactive Home | Archives ]

Work One More Terrorist By Annalee Newitz Now that the anti-terrorist USA Act has passed, I am officially a terrorist. Yes, it's true. If you check out various and sundry definitions of "terrorist" in this bill, you might be a terrorist too. If you have broken into and "damaged" any Internet-connected computer within the last eight years, you are now deemed a terrorist. That means if you have ever been the sort of hacktivist who protests political websites by defacing them, or replacing their site's homepage with one full of dissenting information, your crime will be deemed terrorism and punished accordingly. Suddenly, stories about what I call Robin Hood hacks--cyber-crimes whose aim is not destruction, but to encourage techs to make their software more secure--are being perverted by government rhetoric into something evil and strange. A few weeks ago, a Robin Hood hacker changed some words in a Yahoo News story to demonstrate the security flaws in Yahoo's content management system. This hacker's point was not to "damage" anything, since obviously she or he could have done much worse than alter a quote from Ashcroft. All he or she wanted was for Yahoo to use better software, software that would protect the company and users alike. But now, this Robin Hood's crime--a crime that would normally lead to more protection for the defenseless--would be defined as terrorism according to the USA Act. And what about the person who hacked a hotlink in a C|Net news story, redirecting unwary readers who clicked on it to a picture of an extremely distended anus? Obviously a terrorist too. You are a terrorist even if you have (knowingly or unknowingly) harbored terrorists, so that makes me an über-terrorist no doubt. "Cyberterrorism," a new term that the government has invented to stigmatize people who were once just hackers, is defined as computer crimes which result in damage "aggregating at least $5,000 in value." I wonder if breaking copyright protection on a $20 game, then distributing it to several thousand of your good friends on a file-sharing system, constitutes cyberterrorism? After all, you've probably "damaged" some game company's sales to the tune of $5,000. To aid in the detection of dreaded cyberterrorists and other unsavory persons--especially ones involved in anti-globalization activism--the USA Act will allow the Feds (without judicial oversight) to use the Carnivore electronic surveillance system to read your email and figure out which sites you've visited on the web. Here's the truly creepy part: if law enforcement suspects just one person using your ISP is a terrorist, they can install Carnivore, which allows them to intercept mail from every single person using your ISP's servers. Feds are regulated only by the honor system. They promise not to read your mail if you're not a suspect, even though they can. And if you're a suspect, they also promise not to read the content of your email, only the "to" and "from" fields. That's reassuring. Frankly, I'd rather have the person who hacked Yahoo monitoring my mail. Given the USA Act's resounding success, the House has already started drafting another exciting anti-terrorism bill, this time to combat bioterrorism. It's called the "Bioterrorism Protection Act," and if passed, it would allocate $13.5 million to "biometric techniques to identify suicide biological bombs." These "bombs" are actually people who would (hypothetically) infect themselves with contagious diseases and try to cross the U.S. border to infect the population with whatever oogie virus they've managed to concoct. What hasn't been mentioned in discussion of this legislation is that border officials could use it as an excuse to accuse immigrants with infectious diseases of attempted bioterrorism. What freaks me out the most is that the tech community, despite its left-libertarian leanings, hasn't really responded to the USA Act or the Bioterrorism Act with any kind of coherent protest. Instead, we have Larry Ellison, CEO of Oracle, promising to use his cash to back the creation of national ID cards. You know, just a little high-tech gizmo to keep track of your movements when you aren't online. Where are the Robin Hoods, the Zorros, the People's Hackers? Why aren't high-tech citizens--and I don't mean civil rights lawyers, I mean coders, geeks, crypto experts, whatever the hell--getting their hands dirty and making some tools for us unprotected, innocent cybercitizens who are about to be electronically raped by our own government? It's time for the geeks to take matters into their own hands, and fight back the only way they know how: by being smarter. Surely, if we can defeat Microsoft's copyright encryption, we can defeat Carnivore. Annalee Newitz ([email protected]) is a surly media nerd who still believes in civil disobedience. [ Silicon Valley | Metroactive Central | Archives ]