[ BY SHUMANI GEREDA, 30 Jul 2003 ] — Hi there

My name is Shumani Gereda, an attorney in Johannesburg specialising in IT Law & Telecomms related aspects.

I believe the word "hacker" is being used loosely in this article. The ECT Act does not define what a hacker is, neither does it define cyber crime. It only gives an explanation of what constitutes cyber [computer-related] crime.

It is therefore important that experts make it clear in their comments that the practice of hacking, as loosely defined in various dictionaries, do constitute cyber crime as provided for in section 85-6 of the ECT Act, and not that the ECT Act itself defines what a "hacker" is.
The ECT Act`s provision relating to cyber crime is wide enough to be restricted only to "hacker". It includes both people who accesses data without authority, for gain, and those who just do it for fun (crackers- A person who breaks into computer systems, using them without authorization, either maliciously or just to show off).

Crackers are normally software experts who just want to show big IT companies that their security systems is flawed. Hackers are criminals who are not experimenting, but intending to commit a crime. E.g. A person who enters ABSA Bank`s computer programme system without authority, and then calls the bank manager to say, "Hey mate, you better work on your security system. It is hackable.", is a cracker.

Section 88 of the ECT Act also criminalises the conduct of a person who gives access, e.g. office keys, to a would-be hacker, i.e. aiding and abetting. This is therefore a cyber crime, and clearly not an act of hacking.

The ECT Act also criminalises the conduct of a person who reads my email messages without authorisation, whether or not my Inbox was open or not. Though this is an act of cyber crime as provided for in the ECT Act, it surely is not an act of hacking.

In the ABSA case, if it is true that the offender/s gained access to their victims` personal data/security information, sometime before commiting the much publicised crime, they would then have to be prosecuted for more than one crime, including the very first act accessing those personal information, to entering ABSA`s system.

Lastly, the ECT Act recognises automated / electronic agents, and as such it should be possible for a hacker/cracker to be prosecuted under section 87 of the ECT Act, for fraud. My qualified opinion is that the ABSA case is indeed a fraud-related case.

Thanks

[ BY ANDRE JONKER, 30 Jul 2003 ] — The media may decide eventually what a hacker is, by continually using the term in a certain fashion. But how you decided that hackers are bad and crackers are good - I don`t understand.

Traditionally a cracker is up to no good as well. And a white hat hacker is one that finds flaws and vulnerabilities and reports them. And a black hat hacker is the evil one who exploits vulnerabilities for personal gain.

Ok - I may be wrong too - I suppose there`s someone out there who`s got the better explanation - but I am a red hat hacker ;-) and there`s nothing wrong with that.

(The term red hat hacker refers to the act of trying to configure (and figure out) how red hat linux works - or someone who has already mastered the red hat linux operating system. No evil or malicious meaning intended.)

[ BY JOHN PLASKETT, 29 Jul 2003 ] — Can an independent electronic lawyer be taken seriously when he questions whether or not a machine can be defrauded? Is an electronic lawyer defined as a real or virtual entity?

In the community of machines, wherein he is clearly affiliated, will any precedent resulting from sentencing under the ECT act apply equally to humans, assuming that the act makes provision for virtual representation or prosecution?

	Comment * Comment headline If you leave the headline field empty, we will supply one on your behalf.
	Nickname (to be displayed)*	E-mail address*
	Your e-mail address and other personal details will be kept strictly confidential. Click here to read more about ITWeb's privacy or readers letters policy.