hacking the law a hacker s safety guide to electronic
play

Hacking the Law: A Hackers Safety Guide to Electronic Crime Laws - PowerPoint PPT Presentation

Nov 13, 2023 •134 likes •347 views

Hacking the Law: A Hackers Safety Guide to Electronic Crime Laws of Pakistan Jawad A Sarwana Abraham & Sarwana P.I.D.C House Karachi Ph : 568 7360 / 568 7370 Fax : 568 7364 Email : abrahams@cyber.net.pk Overview

  1. Hacking the Law: A Hacker’s Safety Guide to Electronic Crime Laws of Pakistan Jawad A Sarwana Abraham & Sarwana P.I.D.C House Karachi Ph : 568 7360 / 568 7370 Fax : 568 7364 Email : abrahams@cyber.net.pk

  2. Overview • Is our computer system vulnerable? • Who should we look for help? • Can we trust them? • How can they help us? • What stops them from helping us? • Look before you Leap! • Conclusion Jawad A Sarwana Abraham & Sarwana

  3. Is our Computer System vulnerable? “Nearly 16,000 new viruses, worms and trojans have appeared in 2005” -- Security Management Report 2005 published by Sophos, an Anti-virus software company • In Sept 2004, SBP issued Business Continuity Guidelines to safeguard their IT based banking systems from act of terrorism and natural disasters. • Most recently, in the first week of Dec 2005, SBP issued Guidelines for Account Holders using Credit/Debit and Smart Cards. FIA – NR3C – National Response Center for Cyber Crimes • Jawad A Sarwana Abraham & Sarwana

  4. Where do we look for help? Jawad A Sarwana Abraham & Sarwana

  5. Computer hackers: Evil or Good? Black Hat v. White Hat Malafide Bonafide Intention Intention Grey Hat Jawad A Sarwana Abraham & Sarwana

  6. Can We Trust Them? Hacker Ethic - A brief History Jawad A Sarwana Abraham & Sarwana

  7. Steven Levy’s Principal of the Hacker Ethic • Access to computers—and anything which might teach you something about the way the world works—should be unlimited and total. Always yield to the Hands-on Imperative! • All information should be free. • Mistrust authority—promote decentralization. • Hackers should be judged by their hacking, not bogus criteria such as degrees, race, or position. • You can create art and beauty on a computer. • Computers can change your life for the better. Jawad A Sarwana Abraham & Sarwana

  8. The 21st Century Hacker’s Ethics: • the belief that information-sharing is a powerful positive good, and that it is an ethical duty of hackers to share their expertise by writing free software and facilitating access to information and computing resources wherever possible; and/or • the belief that system hacking for fun and exploration is ethically acceptable as long as the hacker commits no theft,vandalism, or breach of confidentiality. Jawad A Sarwana Abraham & Sarwana

  9. How can they help us? • Educating Government and Business Houses on IT Security • Examples: Penetration testing, Port scanning, etc. • Ensuring Product Quality Jawad A Sarwana Abraham & Sarwana

  10. What stops them from helping us? The Law!!!!!!! Jawad A Sarwana Abraham & Sarwana

  11. Section 36 of the Electronic Transaction Ordinance, 2002 states: Violation of Privacy of Information "Any person who gains or attempts to gain access to any information system with or without intent to acquire the information contained therein or to gain knowledge of such information, whether or not he is aware of the nature or contents of such information, when he is not authorized to gain access, as aforesaid, shall be guilty of an offence under this ordinance punishable with either description of a term not exceeding seven years, or fine which may extend to one million rupees or with both." Jawad A Sarwana Abraham & Sarwana

  12. Section 37 of the Electronic Transaction Ordinance, 2002 states: Damage to Information System, etc: 1. Any person who does or attempts to do any act with intent to alter, modify, delete, move, generate, transmit, or store any information through or in any information system knowingly that he is not authorized to do any of the foregoing shall be guilty of an offence under this ordinance. 2. Any person who does or attempts to do any act with intent to impair the operation of or prevent or hinder access to, any information contained in any information system, knowingly that he is not authorized to do any of the foregoing, shall be guilty of an offence under this ordinance. 3. The offences under sub sections (1) and (2) of this section will be punishable with either description of a term not exceeding seven years or fine which may extend to one million rupees or with both. Jawad A Sarwana Abraham & Sarwana

  13. Look before you Leap Jawad A Sarwana Abraham & Sarwana

  14. Sections 4 of the Electronic Crimes Bill 2004 states Criminal access “Whoever gains unauthorized access to the whole or any part of an electronic system with or without infringing security measures with intent to infringe privacy or commit further offence is said to commit the offence of criminal access. Whoever commits the offence of criminal access shall be punished with imprisonment of either description for a term which may extend to two years, or with fine not exceeding three hundred thousand rupees or with both.” Jawad A Sarwana Abraham & Sarwana

  15. Sections 5 of the Electronic Crimes Bill 2004 states: Criminal data access Whoever intentionally causes electronic system to perform any function for the purpose of gaining unauthorized access to any data held in any electronic system is said to commit the offence of criminal data access. Whoever commits the offence of criminal data access shall be punished with imprisonment of either description for a term which may extend to three years, or with fine or with both.” Jawad A Sarwana Abraham & Sarwana

  16. Other Jurisdictions • Budapest Convention on Cyber Crime, 2001 • The U.S. Constitution’s First Amendment • UCITA, 2000 (USA) Jawad A Sarwana Abraham & Sarwana

  17. UCITA A State's Consumer Protection Law Trumps UCITA. An information • contract is expressly subject to and may not waive any consumer protection provided in state or federal law. Included are laws providing for conspicuous disclosure, unfair or deceptive trade practice laws, and laws relating to electronic signatures and records. Right to Criticize Protected. Information contract terms that prohibit • criticism of an information product are unenforceable. Parties may contract in a manner consistent with other law such as the law of trade secrets. UCITA --- Continued Jawad A Sarwana Abraham & Sarwana

  18. UCITA Remedies for Known Material Defect Preserved . Remedies for a known • material defect of a product are expressly made available as fully as for defective goods or services. Reverse Engineering for Interoperability Expressly Authorized . An • information contract may not prohibit reverse engineering that is done for the purpose of making an information product work together with other information products. Jawad A Sarwana Abraham & Sarwana

  19. • The Internet Engineering Task Force (IETF) 45 Days Notice Period for Reporting Security Vulnerabilities

  20. Conclusion Jawad A Sarwana Abraham & Sarwana

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

ETHICAL HACKING Daniel Cloherty CAN HACKING BE ETHICAL? What makes hacking ethical?

ETHICAL HACKING Daniel Cloherty CAN HACKING BE ETHICAL? What makes hacking ethical?

ETHICAL HACKING Daniel Cloherty CAN HACKING BE ETHICAL? What makes hacking ethical? Legality VS Ethics State Sanctioned hacking BLACK HAT - Stereotypical Hacker -Stealing data for personal gain -Obviously not ethical -Using

1.17k views • 10 slides
Hacking in Popular Culture Week 2 Frank Chen | Spring 2017 Agenda Administrative Review

Hacking in Popular Culture Week 2 Frank Chen | Spring 2017 Agenda Administrative Review

Mr. Robot, an Emmy Award-winning TV drama starring a vigilante hacker CS 88S Hacking in Popular Culture Week 2 Frank Chen | Spring 2017 Agenda Administrative Review last weeks material Hack Hollywood Hacking: The Good, The

718 views • 45 slides
Hacking Magento: Creating an HTML5 Canvas Customizer on Magento Bundles Phillip Jackson

Hacking Magento: Creating an HTML5 Canvas Customizer on Magento Bundles Phillip Jackson

Hacking Magento: Creating an HTML5 Canvas Customizer on Magento Bundles Phillip Jackson @philwinkle Lead Magento Architect Something Digital NEW Hacking Magento Hacker: 1. who makes innovative customizations or combinations of

850 views • 62 slides
Hacking Joshua Lackey, Ph.D. Ph.D., Mathematics. University of Oregon. 1995 2000

Hacking Joshua Lackey, Ph.D. Ph.D., Mathematics. University of Oregon. 1995 2000

Hacking Joshua Lackey, Ph.D. Ph.D., Mathematics. University of Oregon. 1995 2000 Background Senior Ethical Hacker. IBM Global Services. 1999 2005 Security Software Developer. Microsoft SWI Attack Team. 2005

943 views • 62 slides
Package Tracking System Hacking's guide By Raphal Hertzog <hertzog@debian.org> September

Package Tracking System Hacking's guide By Raphal Hertzog <hertzog@debian.org> September

Package Tracking System Hacking's guide By Raphal Hertzog <hertzog@debian.org> September 2005 in Darmstadt Debian-QA mini-conference Plan Introduction Where to get the sources Directory overview The mail part The web

536 views • 15 slides
Security and Internet Security Censorship Hacker Viruses Computer Literacy 1 Lecture

Security and Internet Security Censorship Hacker Viruses Computer Literacy 1 Lecture

Topics Security and Internet Security Censorship Hacker Viruses Computer Literacy 1 Lecture 24 Phishing 13/11/2008 Firewall Censorship of the Internet 2 Examples Hacking or Cracking Virus Cracking = Subverting

462 views • 6 slides
OWASP BELGIUM APPSEC 2008 CONFERENCE pdp information security researcher, hacker, founder of

OWASP BELGIUM APPSEC 2008 CONFERENCE pdp information security researcher, hacker, founder of

OWASP BELGIUM APPSEC 2008 CONFERENCE pdp information security researcher, hacker, founder of GNUCITIZEN SALES PITCH Cutting-edge Think Tank THERE ISN'T ANY! CLIENT-SIDE SECURITY Overview of various Client-Side Hacking Tricks and

766 views • 64 slides
CAN WE FIX IT? SEBASTIUS, HACKER HOTEL 2016 About me Sebastian Oort Teacher by day Self taught

CAN WE FIX IT? SEBASTIUS, HACKER HOTEL 2016 About me Sebastian Oort Teacher by day Self taught

CAN WE FIX IT? SEBASTIUS, HACKER HOTEL 2016 About me Sebastian Oort Teacher by day Self taught hacker/fixer Love retro-hardware CAN WE FIX IT? PROJECT 4 PRACTICAL REPAIRS FOR EVERYONE APRIL 2, 2016 HACKER HOTEL DATUM KLANT REFLOW BAKE

447 views • 23 slides
Hacking Reinforcement Learning Guillem Duran Ballester Guillemdb @Miau_DB A tale about hacking

Hacking Reinforcement Learning Guillem Duran Ballester Guillemdb @Miau_DB A tale about hacking

Hacking Reinforcement Learning Guillem Duran Ballester Guillemdb @Miau_DB A tale about hacking AI-Corp Hacking RL 1. Information gathering 2. Scanning 3. Exploitation & privilege escalation 4. Maintaining access & covering tracks

960 views • 62 slides
Hacking Attacks The power of IPv6 driven malware m-r Mane Piperevski IT Security Researcher

Hacking Attacks The power of IPv6 driven malware m-r Mane Piperevski IT Security Researcher

Hacking Attacks The power of IPv6 driven malware m-r Mane Piperevski IT Security Researcher Ethical Hacker mane@piperevski.com Piperevski & Associates Skopje, Macedonia What's your favorite Malware? Who we are? A. Popup

297 views • 13 slides
Neurovascular Assessment A guide to using the NSW electronic observation form August 2018

Neurovascular Assessment A guide to using the NSW electronic observation form August 2018

Neurovascular Assessment A guide to using the NSW electronic observation form August 2018 Musculoskeletal Network The ACI acknowledges the traditional owners of the land that we work on the Cammeraigal People of the Eora Nation. We pay our

735 views • 38 slides
APPENDI X Z Pre-Proposal Conference Guide and Presentation RFP # 3516R09 Motorcycle Safety

APPENDI X Z Pre-Proposal Conference Guide and Presentation RFP # 3516R09 Motorcycle Safety

APPENDI X Z Pre-Proposal Conference Guide and Presentation RFP # 3516R09 Motorcycle Safety Program Addendum 2 Appendix Z Pre-Proposal Conference Guide PREPROPOSAL CONFERENCE GUIDE 1. Ladies and Gentlemen, my name is Holly Zeiders.

307 views • 19 slides
Warm Handoff AHRQ Guide to Improving Patient Safety in Primary Care Settings by Engaging

Warm Handoff AHRQ Guide to Improving Patient Safety in Primary Care Settings by Engaging

Warm Handoff AHRQ Guide to Improving Patient Safety in Primary Care Settings by Engaging Patients and Families 1 Speaker Kelly Smith, PhD Scientific Director, Quality & Safety Co-PI, AHRQ Guide to Improve Patient Safety in Primary Care

681 views • 23 slides
Think Like a Hacker Assaf Harel, Chief Scientist and Co-Founder What Does it Mean? 2 |

Think Like a Hacker Assaf Harel, Chief Scientist and Co-Founder What Does it Mean? 2 |

Think Like a Hacker Assaf Harel, Chief Scientist and Co-Founder What Does it Mean? 2 | Confidential Provided for Workshop use only Why Would a Hacker Want to Hack a Car? Cryptocurrency Personal Information Ransomware Mining

517 views • 17 slides
Supervisors Discussion Guide for Food Safety Presentation This guide is meant to help staff process

Supervisors Discussion Guide for Food Safety Presentation This guide is meant to help staff process

Supervisors Discussion Guide for Food Safety Presentation This guide is meant to help staff process what they learn in this presentation and answer any questions that may come up during the presentation. Along with this discussion guide, you have

356 views • 9 slides
ATC-20-1: A Rough Guide to Using Your Trusty Field Manual for Safety Assessment and

ATC-20-1: A Rough Guide to Using Your Trusty Field Manual for Safety Assessment and

1 ATC-20-1: A Rough Guide to Using Your Trusty Field Manual for Safety Assessment and Reconnaissance David Ojala, S.E., LEED AP, CWI EERI Annual Meeting 3 April 2015 2 Outline Reconnaissance vs. Safety Assessment Overview of ATC-20

888 views • 86 slides
Envir Environmental onmental Social Movements Social Movements & Pr & Protest

Envir Environmental onmental Social Movements Social Movements & Pr & Protest

Envir Environmental onmental Social Movements Social Movements & Pr & Protest Rhetoric otest Rhetoric FRAMES Interpre've structures through which individuals organize an ambiguous stream of

428 views • 4 slides
SR 39 Im Improvements in in Martinsville Public Information Meeting May 13, 2019 WHY ARE WE

SR 39 Im Improvements in in Martinsville Public Information Meeting May 13, 2019 WHY ARE WE

SR 39 Im Improvements in in Martinsville Public Information Meeting May 13, 2019 WHY ARE WE HERE TODAY? Communicate information about SR 39 Improvements including Purpose Design Elements Schedule 2 LOCAL IMPROVEMENTS

424 views • 16 slides
rs t

rs t

trt r t rs t sss ts r

1.02k views • 74 slides
Workplace Wellbeing & Delivery Hacks Tuesday 20 September 2016 John Williams Melanie

Workplace Wellbeing & Delivery Hacks Tuesday 20 September 2016 John Williams Melanie

Workplace Wellbeing & Delivery Hacks Tuesday 20 September 2016 John Williams Melanie Woolcott Sam Addison Workspace Hacks 1 #Hacks? Hack /hak/ Verb 1. Cut with rough or heavy blows 2. Gain unauthorised access to date in a

679 views • 51 slides
Categories for the Working Hacker Philip Wadler University of Edinburgh QCon SF, 15 Nov 2017

Categories for the Working Hacker Philip Wadler University of Edinburgh QCon SF, 15 Nov 2017

Categories for the Working Hacker Philip Wadler University of Edinburgh QCon SF, 15 Nov 2017 Products in Java public class Product<A,B> { private A fst; private B snd; public Product(A fst, B snd) { this.fst = fst; this.snd = snd; }

829 views • 36 slides
Presentation to fixed income investors October 2018 https://investors.bpha.org.uk/ Disclaimer

Presentation to fixed income investors October 2018 https://investors.bpha.org.uk/ Disclaimer

Presentation to fixed income investors October 2018 https://investors.bpha.org.uk/ Disclaimer This Presentation and its contents are strictly confidential, are intended for use by the recipient for information purposes only and may not be

650 views • 36 slides
National Council of County Association Executives Kristin Judge Executive Director Trusted

National Council of County Association Executives Kristin Judge Executive Director Trusted

National Council of County Association Executives Kristin Judge Executive Director Trusted Purchasing Alliance Center for I nternet Security William F . Pelgrin CIS President & CEO MS-ISAC Chair Center for Internet Security CIS

488 views • 34 slides
Itu regional workshop "K "Key ey Aspects ts of Cybersecuri rity ty in th the

Itu regional workshop "K "Key ey Aspects ts of Cybersecuri rity ty in th the

Itu regional workshop "K "Key ey Aspects ts of Cybersecuri rity ty in th the Context t of of Internet of of Things (Io IoT) ) Na Natalia alia SPINU NU 18 September, 2017 Tashkent, Uzbekistan AGENDA 1.INTRODUCTI

695 views • 23 slides

More recommend