Assessing penalties in hacking incidents

Topic area	Hacking / Security
Target audience	All college students, especially computer science, computer science education, and information systems students.
Activity type	Small group discussion of handout describing cases where security was breached to determine whether hacking or cracking was involved and the use of role-playing to promote class discussion of issues such as intent, service and harm.
Time required	2 class periods. Form groups and distribute articles prior to first class period (start of group discussion).
Attachments	Worksheet
Additional materials	Copies of articles about two cases of computer intrusion (2 articles per case): "How the FBI tracked down alleged Pentagon hackers", ZDNet News, February 27, 1998, "FBI nabs small-town teens in Pentagon hack case" by Robert Lemos, ZDNet News, February 27, 1998; "Coast Guard beefs up security after back", Laura DiDio, Computerworld, July 20, 1998; "In U.S. first, court convicts female hacker", Laura DiDio, Computerworld, July 6, 1998.
Background needed to complete the assignment	Students need to be given a copy of the handout containing the case descriptions. Beyond this, no particular knowledge or skills are needed to complete the assignment.
References	None
Last modified	No date

Abstract:
Security can be a controversial issue when dealing with the question of hacking, cracking, and ownership and freedom of information. The cases examined involve unauthorized access to a computer system because it could be done or for illegal purposes. Discussion of these cases leads to application of ethical principles regarding rights of ownership, privacy, and freedom of information. In particular, the question of intent of the intruder is discussed both with regard to the characterization of the intrusion and to the determination of appropriate action, if any, to be taken against the intruder.

Goals for the activity:
The goal of this activity is to increase understanding of the issue of security in relation to the behaviors of hacking and cracking.

Knowledge / skills / attitudes to be developed (behavioral objectives):
Students should develop an understanding of the difference between hacking and cracking, the effects of both and the intent and meaning of the Fourth Amendment* as it relates to the rights of the hacker/cracker and those of the victim.

* Constitutional guarantees in the Fourth Amendment apply to all invasions on the part of government and its employees of the sanctity of a man's home and the privacies of life. It is not the breaking of his doors, and the rummaging in the drawers, that constitutes the essence of the offense; but it is the invasion of his indefeasible right of personal security, personal liberty and private property. Justice Joseph Bradley, Boyd v. United States.

Procedure:

Form groups of 3 to 5 students, preferably 3 if possible.
Distribute copies of articles and discussion questions to each group.
Assign one of the cases to each group for discussion.
Distribute article (1) and corresponding set of discussion questions for each case to the corresponding group.
Instruct students to read their articles individually, and when all group members have completed the reading, work as a group to construct essay answers to each of the discussion questions.
For the second part of the activity, randomly select students from the first case groups to represent the accused, the government attorney, and members of the affected group(s).
Have each student state/defend his/her role and lead a class discussion of the case.
Have the class make a recommendation as to the disposition of the case.
Repeat the procedure with the second case.
Distribute the remaining articles and lead a discussion of the actual disposition of the case, comparing that to the class recommendation.

Assessing outcomes:
None.

Additional remarks:
None.

Author contact information:
Professor Marcelle Bessman
Department of Mathematics
Jacksonville University
Jacksonville, FL 32224
E-mail: mbessma@ju.edu

Page maintained by: kwb@csee.usf.edu