
Zoombombing is a crime, not a prank, prosecutors warn - rahmaniacc
https://arstechnica.com/tech-policy/2020/04/zoombombing-is-a-crime-not-a-prank-prosecutors-warn/
======
Slikey
A security concept so vulnerable to this should be the real crime. Kids like
to troll, this has always been the case and will always be the case. I am
quite annoyed the internet culture is more and more invaded by these lawyers.
The internet has always and should always be built on the concept that
whatever can be exploited will be and the people who open themself to exploits
carry the majority of blame. Maybe that's just my wishful thinking for a more
wild west anarchistic internet...

~~~
crankylinuxuser
There's a term for this. "Victim Blaming".

Its also the same kind of excuses heard when a woman was dressing well and
gets raped. Then the refrain is "she was asking for it", or "she deserved it
with the way she dressed".

Notice that if a front door is unlocked and someone goes inside, its still
trespassing. Just because its easier to commit a crime doesnt make the thing
not a crime.

(Please note, that I'm making this argument in good faith. I'm sure many here
have digitally trespassed on others' computer systems without permission. It's
not "trolling"; its a straight-up violation of the CFAA.)

~~~
new2628
You make an interesting parallel, but the fact that you call out trespassing
through an unlocked door as a crime on a website called _hacker_ news is
remarkable.

~~~
belltaco
No.
[https://en.wikipedia.org/wiki/Hacker_culture](https://en.wikipedia.org/wiki/Hacker_culture)

------
non-entity
> disrupting a public meeting, computer intrusion, using a computer to commit
> a crime, hate crimes, fraud, or transmitting threatening communications

Uhh majority of those seem highly dependent and mostly disconnected from the
actual zoomboming act and moreso with what you do once you're in the session.

Also, I'm not sure offhand what all entail "computer intrusion", but from my
brief reading here[0], it seems that they must he stretching the definitions.
Are you really "hacking" if you just join a meeting that someone posted openly
on reddit, inviting others to troll? On the other hand, I've heard of people
being prosecuted successfully for typing /../ in a URL or something along
those lines.

Not defending people who do it, at least not on principle, but I'm just wary
of the application of those laws. Out of all of them the first is the only
that makes any sense, but zoom meetings are public now?

[0][https://www.wklaw.com/computer-intrusion-under-federal-
law/](https://www.wklaw.com/computer-intrusion-under-federal-law/)

~~~
belltaco
It's all about intent, not about how you did something or what.

>you just join a meeting that someone posted openly on reddit, inviting others
to troll?

If you joined the meeting with the full knowledge and intention of trolling
yes, that falls under statute. What that other person did doesn't really
matter in your prosecution, he might be prosecuted as an accessory to your
crime, but his actions don't provide you enough defensive cover.

What you're stating is like a gun murderer saying "I only pulled a lever,
which billions of people do every day".

If someone posted a deep URL to a hospital oxygen system inviting reddit to
troll, and you go there with the knowledge and intention to troll, and press
the off switch and kill a bunch of people, you're going to be prosecuted for
their deaths. "I just clicked a button lol" isn't a good defense and will
probably just make the judge and jury think even worse of you. Same with
typing /../, you're trying to access hidden and potentially protected
sensitive information. It's like trying the handles of the cars parked on the
road.

------
runawaybottle
For a lot of kids, this is the same as ringing a door bell and running with
your friends. Honestly if I were a kid today I wouldn’t be able to resist the
urge to troll our remote class meetings with my friends.

~~~
brink
I got a felony (which was later dropped) pressed against me for something like
this. Changed my highschool's website to a rickroll, ended up in cuffs.

~~~
flyGuyOnTheSly
So how did you do it?

~~~
brink
The system admins used the same password for everything. We ran the windows
password file against a rainbow table. Once we figured out the password and
that it worked on the admin portal to the website, we couldn't resist for the
laughs.

~~~
flyGuyOnTheSly
LOL I don't blame you! Nice work! Sounds like you were a bright, bored kid!

What are you doing these days?

~~~
brink
Thanks! Still a hacker. Mainly JS, React, Rails, and Flutter these days. :)

------
LinuxBender
This is an interesting topic. If I equate this to the physical world, would
this be similar to a public town meeting being held with no security and no
locked doors, then a protester walks in and starts protesting? What are the
protestors typically charged with successfully?

This also reminds me of Gary McKinnon who logged into NASA windows servers as
Administrator with a null password and no firewall. [1] He was looking for
proof of UFO's. Point being, there was no security on the systems and so Gary
basically walked in as a guest. No hacking required.

[1] - [https://www.theguardian.com/uk/2009/may/25/gary-mckinnon-
ext...](https://www.theguardian.com/uk/2009/may/25/gary-mckinnon-extradition-
pink-floyd-hacker-us)

~~~
elicash
Isn't it more like a private meeting, say, in your house that has a door
that's unlocked?

I personally dislike applying digital settings to real-world, but if you're
going to make a comparison these aren't for the public or on public property.

~~~
zajio1am
Private homes have special protection (and would be more analogous to private
computers).

This is more like invading rented lounge/room in a pub.

------
donatj
> Zoombombing isn't a harmless prank; it's a crime.

These are by no definition mutually exclusive, unless you’re considering the
harm of over litigious prosecutors on society.

------
CivBase
This rings as an especially empty threat. Even with account data and IP
addresses, it would be costly and time consuming for the police to track down
and charge the "zoombombers" \- _even if_ all the attackers were part of their
jurisdiction.

Their effort would be better spent recommending alternative services or
providing guidance for how to configure private Zoom calls.

~~~
emiliobumachar
They only need a couple dozen well-publicized arrests and prosecutions to
deter 99% of the trend.

~~~
laughingbovine
Yes, thankfully we don't have online drug sellers or ransomware hackers
anymore. Arrested a couple and all the online crime stopped.

------
laughingbovine
I don't understand why people are comparing this to realspace crimes. I get
that we have plenty of laws covering them, but the online world is completely
different. It's possible for people to commit cybercrime and still be
undetected. How can you arrest someone if you can't find them? The internet is
still very much the wild west, and it needs to be treated as such, with lots
of locks and keys. Doing anything less is negligence.

------
emiliobumachar
Key quote: "Zoombombers have exposed themselves to schoolchildren and shouted
racial slurs."

Kinda knocks down the "hacker kids having harmless fun" image in my book.

------
emilfihlman
Here we see out of touch people supporting actions that can destroy lives, for
no benefit.

