How come I never hear about any prosecutions for people who spread spyware and computer viruses? If they’re coming from some podunk country in Asia couldn’t that country execute them and send their family a bill for the rope? Seriously, I want these pricks dead!:mad:
I have good spy/virus software but one got past the goalie today. A real nasty fucker called Security Tool. I accidentally told spy sweeper to ignore it when it was in-coming. Thing messed up my computer and ate my head. It sets itself up so it’s incredibly hard to fight it, blocking you from getting into most files. I was able to defeat it, but it took a while.
While it was my screw up that it got on, these things shouldn’t exist in the first place. A few years ago I got an even nastier one called “About: Blank” that just “About” drove me out of my mind.
So, have there been any big prosecutions lately because of this bullshit?
Not many, and not in years. The problem nowadays is that the people coming up with these things are not situated in the US, so it’s up to other jurisdictions to prosecute. The biggest of them have in the past come from Russia – and the spyware was designed so it didn’t install on any computer whose language setting is Russian. Thus, they don’t break the law where they are located.
So to find it, you need to find who sent it out (and nowadays, it’s usually a well-organized group who creates hundreds of variations to fool antivirus), their location, and whether they have done anything illegal in the place where they’re located. It’s too expensive and complex to catch someone who has done nothing but installing something on your computer.
I recently read somewhere that Microsoft wants ISP’s to accept some of the responsibility for shutting down botnets - even though many times they infiltrate computers through vulnerabilities in Microsoft’s code. They want ISP’s to essentially quarantine users whose machines are infected. Not a bad idea actually, but I don’t see it happening.
International law has a number of grounds on which a state’s jurisdiction to legislate on an issue and prosecute violators can be founded, and territoriality (the place where the action took place) is one of them. It is now an established principle that jurisdiction may also be founded on the nationality of either perpetrator or victim (which is why states can, and do, prosecute foreigners who killed one of their nationals abroad); there is also an increasingly accepted principle that states have universal jurisdiction to protect vital national interest, which is why states can, and do, prosecute people counterfeiting their currency abroad. In this light, I think you would be on safe grounds arguing that, under international law, the U.S. may prosecute foreigners starting computer viruses abroad, if these viruses affect American computer systems. Of course, the problem would be getting hold of the guy in the first place; but once you have him - e.g. if he is dum enough to travel to the U.S. -, it would be in accordance with international law to arrest and try him.