Computer Crime: A Increasing Problem Essay, Research Paper

Computer Crime: A Increasing Problem

ABSTRACT

Computer crimes seem to be an increasing problem in today’s society. The main

aspect concerning these offenses is information gained or lost. As our

government tries to take control of the information that travels through the

digital world, and across networks such as the InterNet, they also seem to be

taking away certain rights and privileges that come with these technological

advancements.

These services open a whole new doorway to communications as we know it. They

offer freedom of expression, and at the same time, freedom of privacy in the

highest possible form. Can the government reduce computer crimes, and still

allow people the right to freedom of expression and privacy?

INFORMATION CONTROL IN THE DIGITIZED WORLD

In the past decade, computer technology has expanded at an incredibly fast rate,

and the information stored on these computers has been increasing even faster.

The amount of money, military intelligence, and personal information stored on

computers has increased far beyond expectations. Governments, the military, and

the economy could not operate without the use of computers. Banks transfer

trillions of dollars every day over inter-linking networks, and more than one

billion pieces of electronic mail are passed through the world’s networks daily.

It is the age of the computer network, the largest of which is known as the

InterNet. A complex web of communications inter-linking millions of computers

together — and this number is at least doubling every year. The computer was

originally designed as a scientific and mathematical tool, to aid in performing

intense and precise calculations. However, from the large, sixty square foot

ENIAC (Electronical Numerical Integrator and Calculator) of 1946, to the three

square foot IBM PC of today, their uses have mutated and expanded far beyond

this boundary. Their almost infinite capacity and lightning speed, which is

increasing annually, and their low cost, which is decreasing annually, has

allowed computers to stabilize at a more personal level, yet retain their

position in mathematical and scientific research1 . They are now being used in

almost every aspect of life, as we know it, today. The greatest effect of

computers on life at this present time seems to be the InterNet. What we know

now as the InterNet began in 1969 as a network then named ArpaNet. ArpaNet,

under control by the pentagon’s Defense Advanced Research Projects Agency, was

first introduced as an answer to a problem concerning the government question of

how they would communicate during war. They needed a network with no central

authority, unlike those subsequent to this project. A main computer controlling

the network would definitely be an immediate target for enemies. The first test

node of ArpaNet was installed at UCLA in the Fall of 1969. By December of the

same year, three more nodes were added, and within two years, there was a total

of fifteen nodes within the system. However, by this time, something seemed to

be changing concerning the information traveling across the nodes. By 1971,

government employees began to obtain their own personal mail addresses, and the

main traffic over the net shifted from scientific information to personal mail

and gossip. Mailing lists were used to send mass quantities of mail to hundreds

of people, and the first newsgroup was created for discussing views and opinions

in the science fiction world. The networks decentralized structure made the

addition of more machines, and the use of different types of machines very

simple. As computer technology increased, interest in ArpaNet seemed only to

expand.

In 1977, a new method of transmission was put into effect, called TCP/IP. The

transmission control protocol (TCP) would convert messages into smaller packets

of information at their source, then reassemble them at their destination, while

the InterNet protocol (IP) would control the addressing of these packets to

assure their transmission to their correct destinations. This newer method of

transmission was much more efficient then the previous network control protocol

(NCP), and became very popular. Corporations such as IBM and DEC began to

develop TCP/IP software for numerous different platforms, and the demand for

such software grew rapidly. This availability of software allowed more

corporations and businesses to join the network very easily, and by 1985,

ArpaNet was only a tiny portion of the newly created InterNet. Other smaller

networks are also very widely used today, such as FidoNet. These networks serve

the same purpose as the InterNet, but are on a much smaller scale, as they have

less efficient means of transferring message packets. They are more localized,

in the sense that the information travels much more slowly when further

distances are involved. However, the ease of access to these networks and

various computers has allowed computer crimes to increase to a much higher scale.

These computers and networks store and transfer one thing — information. The

problem occurs when we want to determine the value of such information.

Information lacks physical properties, and this intangible aspect of data

creates problems when developing laws to protect it. The structure of our

current legal system has, to this point, been based on ascertainable limits.

Physical properties have always been at its main core2 . In the past, this

information, or data, has been ‘converted’ into tangible form to accommodate our

system. A prime example is the patent, which is written out on paper. Today,

however, it is becoming much more difficult to ‘convert’ this data into a

physical form, as the quantity is increasing so rapidly, and this quantity of

information is being stored in a virtual, digitized space3 . It is very

important to realize and emphasize that computers and networks store and

transfer only information, and that most all of this information can be altered,

in some way, undetectably. For example, when a file is stored in the popular

DOS environment (and also in environments such as Windows, OS/2, and in similar

ways, UNIX), it is also stored with the date, time, size, and four attributes –

read-only, system, hidden, and archive. One may consider checking the date at

which the document, or information stored on the computer, was saved to

determine if it was modified. However, this is also digital information, and

easily changed to whatever date or time the operator prefers. One may also

consider the attributes stored with the file. If a file is flagged as ‘read-

only,’ then perhaps it cannot be overwritten. This is surely the case –

however, this attribute is easily turned off and on, as it is also information

in a digitized sense, and therefore very easily changed. This is the same case

when a file is ‘hidden’. It may very well be hidden to the novice user, but it

is easily seen to anyone who has even a slight knowledge of the commands of the

system. One may also consider moving this information to a floppy disk in order

to preserve its originality; but we are once again giving it a physical aspect,

which we earlier addressed as being a close to impossible task when involved

with the amount of information involved in this area today. Digital information

is infinitely mutable, and the information that protects this information is

infinitely mutable4 . In order to understand how to control this information, we

must first understand what information and it’s value — especially that of a

digital nature — is. One cannot specifically define information in a whole.

In today’s society, ‘knowledge is power’ seems to be a common phrase, and a

quite true one. It would be even more true to say ‘knowledge can be power.’

It’s how we use this knowledge that determines it’s power. In the same sense,

it is how we use and distribute this knowledge that determines it’s value.

Information can be used in so many ways that it is virtually impossible to value

it. What information is of value to one person may be completely worthless to

another. The availability of this knowledge also determines it’s worth. If

information is as free as air, it has virtually no worth5 . Therefore, it is

also a privacy issue. We can now base the value of information on three things:

it’s availability, it’s use, and it’s user.

In order to protect information in our current government, we must first value

it. Those three aspects of information can be so differentiated, that this is

close to impossible to do so. In addition to this, how do we determine who

“owns” the information? Information itself is not a physical thing which only

one person has in their possession at any time. If information is given away,

it is still held by the giver, as well as the taker. It is impossible to

determine exactly who has this information. If someone steals information, we

cannot take it away from them — it is intangible in almost every aspect. We

must also understand the way in which our government, and most governments,

create laws and attempt to desist illegal actions. As stated earlier, the

American government, and many other governments, are based on a physical center,

which I exemplified with the case of the US patent. When our government creates

laws, the subjects of the laws are given a definable, ascertainable limit. When

someone commits grand theft auto, breaking and entering, or murder, we

understand what has occurred and have definite ways to prove what has occurred,

where and when it has occurred, how it has occurred, and, if applicable, what

has been harmed and what is its value. However, when we look at computer crimes,

such as unauthorized access, we cannot be as clear on these aspects, and we do

not have definite ways to prove the crime, or who committed it, nor do we have a

way in which to define the value of anything damaged, if it had even been

damaged. It is hard to convict a person when all they did was slow down a

computer network for a few days, or look at a credit profile on John Doe.

Problems also occur because people, including those in the legal profession as

well as jurors, do not always understand technology. They do not always

understand how mutable digital information can be, and how easily accessible and

distributed it can be. When a jury does not understand, one cannot truly be

declared guilty “beyond a reasonable doubt”. “Technically, I didn’t commit a

crime. All I did was destroy data. I didn’t steal anything.6 ” How can this

be argued? Crimes committed in the computer world do not exactly adhere with

current laws that address physical crimes. We cannot adapt current laws to

those involving information crimes, and trying to do that will cause too many

problems and confusions because of the variety, extent, and value of information

as a whole. However, this is exactly what the government is trying to do. It

must also be considered that this information is not strictly a US problem, nor

is it more geared towards the US. Although started by the United States

government, the InterNet has grown world wide, reaching over seventy countries.

Since the InterNet has such a decentralized structure, one cannot say that the

US is “in charge” of the network. The problem is, the US government does not see

this themselves. The United States government wants to censor the information

traveling across the InterNet and other telecommunication services, but this

cannot be the case any longer because of this situation. We cannot expect other

countries to adhere to the laws of the United States, just as most Americans

would not expect to have to agree to laws set by other countries. Therefore, it

could be easily said that the government would be invading privacy if they were

to attempt to censor the information which travels these networks. Individual

computers, are, of course, an individuals property, and it would, without a

doubt, be an invasion of privacy if the government wanted to, at any given time,

search your hard drive without just cause. I feel that the government wants too

much power this time. It would seem that they want to have access to and

control all digital information in America for their own benefit. The US

government created an encryption device called the Clipper chip, which was to

insure digital privacy among it’s users. However, our government seems to only

define privacy to an extent. They had also planned to keep, in their possession,

a duplicate of each chip. So much for total privacy. The government seems to

be on a quest for total control over it’s citizens, and the citizens of the

world. This may seem extreme at the present time, but our current legal system

does not allow for the undefinable limits that information control presents,

especially on a world wide basis. If the government tries to gain too much

control, it could very well lead to it’s failure. Control — the control we need

– is not a legal problem at all. It is a social, moral, and technological

problem7 . What is needed is a type of ‘information ethics’. A set of morals

and customs must be slowly adapted, and not pounded into the digital world by

the government. Virtual laws must be formed by a virtual government.

Information cannot be controlled by our government in it’s current form. In

order to control information, the government would have to induce a drastic

change. The first amendment, in reality, is the foundation of the rights of the

citizens of this country. This amendment, in it’s most basic form, guarantees

our right to inform and be informed. The government can not and will not be

able to control digital information as a whole, or govern the right to this

information without sacrificing the keystone of our nation and of our rights as

Americans.

1 We see about 50-70% more computing power per year, and hardware prices drop

about 25-50% per year. Since 1978, raw computing power has increased by over

500 times. “80×86 Evolution,” Byte, June 1994, pp. 19. 2 Curtis E.A. Karnow,

Recombinant Culture: Crime In The Digital Network. (Speech, Defcon II, Los

Vegas), 1994.

3 S. Zuboff, In the Age of the Smart Machine, New York; 1992.Michael Gemignani,

Viruses And Criminal Law. Reprinted in Lance Hoffman, Rogue Programs: Viruses,

Worms and Trojan Horses, New York, 1990.4 Lauren Wiener, Digital Woes, 1993.5

John Perry Barlow, “The Economy of Ideas”, Wired, March 1994.6 Martin Sprouse,

“Sabotage in the American Workplace: Anecdotes of Dissatisfaction, Mischief, and

Revenge”, New York; 1992. (Bank of America Employee who planted a logic bomb in

the company computer system).

7 Curtis E.A. Karnow, Recombinant Culture: Crime In The Digital Network.

(Speech, Defcon II, Los Vegas), 1994.

Works Cited

Addison-Wesley, Bernard. How the Internet Came to Be. New York: Vinton

Cerf, 1993.

Communications Decency Act. Enacted by the U.S. Congress on February 1,

1996.

Computer Fraud and Abuse Statute. Section 1030: Fraud and related activity

in connection with computers.

Denning, Dorothy. “Concerning Hackers Who Break into Computer Systems”.

Speech presented at the 13th National Computer Security Conference,

Washington, DC, 1990.

Gates, Bill. The Road Ahead. New York: Penguin Books USA, inc, 1995.

The Gatsby. “A Hackers Guide to the Internet”. Phrack. Issue 33, File 7; 15

September 1991.

Icove, David, Karl Seger, and William VonStorch. Fighting Computer Crime.

USA: O’Reilly Books, 1996.

Time Life Books. Revolution in Science. Virginia: Time Life Books, inc.,

1987.

Wallich, Paul. “A Rouge’s Routing.” Scientific American. May 1995, pp. 31.

34e