BBC Botnet: Another View or Two

And still the controversy rages: several people have pointed out that it’s unlikely that the PCs in the BBC’s botnet are all in the UK, suggesting that there could be additional legal issues relating to other jurisdictions. The H reiterated the point that Ofcom regulations state that payment shouldn’t be made to "convicted or confessed criminals… for a programme contribution by the criminal … relating to his/her crime/s." It appears that there is only a possible exception where it is in the public interest .

So it’s not only law enforcement who have to be convinced that the purity  of the BBC’s intent nullifies any question about the legality of their actions.

Some are proclaiming the value of its "investigation", but the BBC are not law enforcement, and don’t have any automatic rights to special treatment before the law. They didn’t really investigate anything in a forensic sense: law enforcement agencies and the security industry have, for many years, known more than the programme "revealed". What they did was demonstrate known phenomena for the benefit of their viewers.

Here are a few more interesting links: 

Of course, it’s perfectly reasonable to -inform- the public about these issues in the public interest: that’s not the same as trying out criminal techniques. Sometimes journalists will, technically, break the law in order to demonstrate that it’s possible or even easy to do so, and sometimes that public interest argument can be made quite convincingly. The question here is whether the public interest was served any better by the BBC’s sailing close to the legal wind than it would have been by an entirely legal simulation.

David Harley BA CISSP FBCS CITP
Director of Malware Intelligence

 

 

Author David Harley, ESET

  • Gonzalo

    IMHO, the BBC only broken the law in section 3-1 of the “Misuse Act”, changing the wallpaper, without autorization.

    The other things are “law fight” for advocats
    (a 300 years discuss) ;-)

    • Randy Abrams

      Considering the compromised machines may have been in many different countries, it is hard to know how many laws may have been broken.

  • David Harley

    It looks to me as if the legal eagles consider that the section 1 offense (unauthorized access) would be a safer bet if anyone was looking for a conviction. But as Randy says, the BBC don’t seem to have considered the jeopardy in which they placed themselves in other jurisdictions.

Follow Us

Automatically receive new posts via email:

Delivered by FeedBurner

6 articles related to:
Hot Topic
16 Mar 2009
ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.