Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Finns Outlaw Virus Writing

Hemos posted more than 14 years ago | from the don't-even-think-bad-thoughts dept.

News 173

Ecyrd pointed out that the Finnish Parliment has ratified an amendment making viruses illegal. It's actually not just illegal to use them - distributing them is illegal as well. The most interesting part of the legislation is that apparently isn't just using them - writing them is also a crime.

cancel ×

173 comments

Re:Hmmmm, (0)

Anonymous Coward | more than 14 years ago | (#1664892)

I hope so. :) (as a finn)

Re:Definition of a virus. (1)

Black Parrot (19622) | more than 14 years ago | (#1664893)

> the Bill cites the offence as a catch-all "Causing danger to data processing systems"

Oh-oh. Keep that coffee cup away from your keyboard!

Could denial-of-service be interpreted as a damage (1)

GCsoftware (68281) | more than 14 years ago | (#1664894)

if so, then, a type such as:

fork();
fork();

would make me a criminal :)

Stupid law, and I thought my country's politicians
had a clue.

Re:Flamebait: "viruses" (1)

Ed Avis (5917) | more than 14 years ago | (#1664905)

The plural for "virus" is viruses.

Yes, take a look at tchrist's explanation, What's the Plural of `Virus'? [perl.com] .

Is BackOrifice A Virus? (1)

esh (23599) | more than 14 years ago | (#1664906)

Microsoft has declared that BackOrifice 2000 (BO2K) [bo2k.com] is a virus and I guess most anti virus programs have updated their definitions accordingly.

The authors of BO2K on the other hand have clearly stated their intention to provide a system management tool. They even point out the potential danger when not properly handled and when combined with the security hole provided by the MS-Word macro language.

The question is who decides. Maybe now big companies like Microsoft have one more weapon to crush small competitors writing power tools.

Etymology..... (0)

Anonymous Coward | more than 14 years ago | (#1664907)

Isn't it viruses not virii?

Re:Italy was faster... (1)

PigleT (28894) | more than 14 years ago | (#1664908)

Yikes. How do you manage to run windoze? ;)

Or maybe Italy will be the next source of all the geeks (on knowlegable grounds)... strategic move to take over the world.. I dunno :)

Interpeting laws loosely... (0)

Anonymous Coward | more than 14 years ago | (#1664909)

is dangerous because it creates a government of men, not of laws. If you are good friends with the judge he might just interpret the law loosely. But if you wrote an op-ed piece that criticized one of his old rulings, he might harbor a grudge and throw the book at you. Is that civilized?

In fact, I've read that in some countries everybody is an unconvicted felon, because the laws are so dense you have to have broken some of them, it's just a matter of determining which ones. Convenient, if you say something bad about the government, or if you become unpopular.

Legislators are too fast and loose these days; they should write laws as if they would be totally, totally enforced by an infinite police force, and by judges that always prescribed the maximum applicable penalty. Any law that would be unjust under such a system is unjust now, because the government gets to pick and choose who to enforce it against...

(There are some laws that would be very just under such a system, e.g., the law against murder. It would be great if all murderers got caught. It would be great if all those who have actually sabotaged computers, got caught, and had to make reparations. But should all people who write programs with surprising effects go to jail? No! Q.E.D.)

-- Blah blah blah

Here's the text of the proposed law (3)

jks (269) | more than 14 years ago | (#1664910)

The Government's proposal is available on the Parliament's [eduskunta.fi] WWW site: click here [eduskunta.fi] . The URL is monstrous, and I'm afraid it may not be valid forever. However, if you speak Finnish, you should be able to find it by the code "HE 4/1999", or simply by searching for the text "virus".

Since Finnish is not yet one of the major languages of the world, here's my translation of the relevant section of the new law. I'm not a lawyer or a professional translator, and I'm especially ignorant of English legalese--my apologies for the inevitable errors here. Also, this is only the version proposed by the Government, and the law that was actually approved may be different.

Endangering data processing

Who, with intent to harm data processing or the functioning of a data or telecommunications system,

1) produces or makes available a computer program or a series of program commands designed to endanger data processing or the functioning of a data or telecommunications system or to damage the data or programs included in such a system, or distributes such a computer program or series of program commands, or

2) makes available instructions to produce a computer program or a series of program commands that paragraph 1 applies to, or distributes such instructions,

must be sentenced, unless the act is punishable more or equally severely by other law, of endangering data processing to a fine or at most two years of imprisonment.

Malicious intent is the most important point; the program can be anything harmful, not just a virus in the technical sense. Also, a guide to writing viruses will qualify.

Thought crime? (2)

jflynn (61543) | more than 14 years ago | (#1664911)

Depending on how they defined virus this law comes awfully close to saying that certain ideas are illegal. Remember that a source for an encryption program was ruled protected speech here in the US, so this law would fall under prior restraint here.

Once again, legislators try to prohibit ideas and information, instead of making their irresponsible or malicious use illegal.

This assumes that no beneficial use for viruses will ever be found -- e.g. security patches that automatically spread and install themselves, or techniques similar to vaccinations where benign viruses are spread to train computer immune systems to attack damaging ones. Not a real issue today, but do we want to assume that it will *never* be an issue?

Re:What classifies as a virus? (1)

arafel (15551) | more than 14 years ago | (#1664912)

"trojan virii"?

Er, trojans and viruses are two different things. Also, most viruses aren't harmless programs as you seem to think.

Re:Flamebait: "viruses" (1)

migmog (40610) | more than 14 years ago | (#1664913)

It's a case of someone thinking they were clever.

If virus were a Latin word (which I'm not sure it is), then the plural would most likely be 'viri'

However, it sounds a lot more clever and exotic if you put an extra i at the end. I mean there's few enough words that end in one i, but two makes it truly exotic, so whoever came up with the word must be the cleverest person ever.

There's a lot of this kind of crap in language. Sometimes it works in reverse. How often have you heard of 3 things being back-to-back? That's just plain stupid. 3 things can be consecutive, ie. one after another, but they can't really be back-to-back.

Hellooooo People.... (2)

walnut (78312) | more than 14 years ago | (#1664914)

What they are saying is that whether you knowingly or unknowingly distribute a file with a virus you are liable for the damage that it causes.

Through college I worked my way out of the MIS department of a large company (and into research with another). Most of the people there were computer capable, but not literate. They didn't understand scanning drives, they didn't understand what infected files were and ultimately, they didn't care - until it affected them. It took us almost a year in one case to clean the entire system (child companies in the SW and overseas provided additional problems). We would clean the Servers, and then boom, once again the same files would appear as infected as before. We had to go to over 400 PCs at our location 600 about a 30 miles away, and create simplistic documentation for several other plants, offices and hundreds of field reps to follow. Old virus software detected the problem, informed people of the potential hazzards, but because these things were deemed "mission critical," people stupidly continued to distribute them, download them, work with them, etc...

Blatantly ignoring a problem nearly crippled our company. Even though the people were uneducated about viruses, they made no effort to report problems, viewing this problem as one that would just "go away," like a cold or the flu...

It is vitally important (especially the way the internet is expanding) that people make an effort to take responsibility in cleaning their files, machines and so on.

hmmm. (2)

Suydam (881) | more than 14 years ago | (#1664917)

I think this is too reactionary. ..but only if they plan to strictly enforce the law against distributing them.

Think about it. If it's illegal to distribute virii, then it'll be much more difficult for anti-virus software producers to get copies of the virus in order to write an antidote.

Trasmitting is illegal? (3)

iceT (68610) | more than 14 years ago | (#1664919)

Wow! I hope they mean INTENTIONALLY transmitting them is illegal...

Otherwise, over 50% of my company will be arrested...! (not me, of course...)

Something for YRO? (3)

Ray Dassen (3291) | more than 14 years ago | (#1664921)

Isn't this something for YRO? While I despise virus writers as much as the next guy, I find the idea of being forbidden to code something in the privacy of your own system very chilling, in the order of surpressing knowledge/censorship/dystopia.

How will they enforce this? (2)

dudeX (78272) | more than 14 years ago | (#1664923)

How will they enforce this law? How will they track down the virus writer?
Some questions for thought.

Re:How will they enforce this? (1)

Suydam (881) | more than 14 years ago | (#1664925)

I agree...enforcing many aspects of this law will be very difficult. However, tracking down the virus writer has already proven to be possile, and exciting for the media ... remember the Melissa virus? That guy was tracked down like a dog.

How about the Virus Construction Kits (VCKs)... (1)

Sun Tzu (41522) | more than 14 years ago | (#1664927)

...That come from Microsoft? Would those be illegal also? ;)

The internet wins again (2)

infojack (25600) | more than 14 years ago | (#1664929)

Ok, so i'm a finn and I can't put my viruses on a finn website. Boohoo, I'll just put them on a geocities website. My plan for a new goverment, is that everyone in a disicion making department must take a test on what they are trying to regulate. Uf they don't pass the test, they don't get to vote.

Linus Torvalds a fortune-teller..? (2)

Kitsune Sushi (87987) | more than 14 years ago | (#1664931)

"The decisive second reading of the Bill cites the offence as a catch-all "Causing danger to data processing systems". Under the terms of the new law this will be punishable by fines or by prison terms of up to two years. It is hoped to get the amendment into law as quickly as possible."

Maybe Linus moved to the U.S. because he peered into the future and knew this was coming.. Or, ah, maybe not.. Soo! Is it just me, or could just about any program "cause danger to data processing systems"? Does this thing have a provision for whether or not it was even intentional!? I mean, what if what you have is a program with a bug in it? Even if you didn't mean for the program to have a bug, before you even get it through the debugger you've committed a crime! At least, that's how it appears from that article. If I were Finnish, I'd be moving out of the country or giving up the idea of becoming a programmer. Ha!

No more fun (2)

dattaway (3088) | more than 14 years ago | (#1664933)

So, is playing core wars [ucla.edu] now illegal? Sometimes writing malignant programs attempting evolution on one's computer (or network!) is a great way to learn about logic, memory protection, and security. If one cannot experiment in their own room on their computer legally, there will be either secrecy or a bunch of mouse pushers come next decade.

A few thoughts... (1)

JM_the_Great (70802) | more than 14 years ago | (#1664934)

First, I think that has already been said, but is worthy of mention again, it will make hurt anti-virus companies trying to get copies of the latest virii.

Second, many people just write virii for fun to to test their programming skills. This would be hurtful to the Programming community.

Third, I know the first amendment dosen't apply outside of the US, but, this is still a violation of freedom of speech.

Fourth, how about the source code to a virus? It in and of itself isn't harmful, you have to compile it and execute it for t to do anything. I guess they actually outlawed the compilation of virii, not writing them.

Fifth, define `Data Processing Systems'?

That's my 1/50 of $1.00 US
JM

Virus definition... (1)

deefer (82630) | more than 14 years ago | (#1664935)

So the Finns have effectively outlawed all Micro$lop products, then!!! Hurray! :)

Think about it with this handy comparision guide...

Virus:
Spreads itself across your hard disk, and tries to make itself impossible to remove.

Micro$lop
Internet Destroyer 4.0

Virus:
Appropriates HDD space unnecessarily

Micro$lop
Turd '97

Virus:
Causes system crashes

Micro$lop
Win *

Virus:
Causes loss of data

Micro$lop
M$ Orifice 2000

Virus:
Can be a security risk

Micro$lop
SAM files

So Linus was the first; now the Finnish government is giving Bill a hard time :)

FUD from not reading the article? (1)

gleam (19528) | more than 14 years ago | (#1664936)

It's not really a long article, folks. Check out this excerpt, and note specifically the last line:

The law stretches a net to catch those writing, making available, or spreading computer viruses. This effectively means for example that anyone who keeps a virus program on their website that is available for downloading by visitors would become liable under the law. Liability for punishment is not limited to cases in which actual harm or hindrance is caused to data systems, or where the data or files of the infected system are corrupted or destroyed in the process. The intention to harm becomes the primary criteria for bringing charges,


The AV community WILL NOT BE HARMED by this. They may be put out of business, but even that seems unlikely. "The intention to bring harm is the primary criteria[sic] for bringing charges". Please folks, what Finland is doing isn't really bad for anyone except those Finns who want to do bad bad things with virii!

This needent go under YRO, since it is just another way to help slow "cyber crime" in Finland. Note also that downloadable code is just as bad, so don't put links to files. As long as you're an innocent, you're fine. Pleeeaaase read the article...it clears everything up.

Regards,
-efisher
---

Newsflash: Torvalds pursued by law enforcement (5)

Lucius Lucanius (61758) | more than 14 years ago | (#1664937)

HELSINKI (Reuters).

In a surprise move, an arrest warrant was issued by the Finnish police to capture Linus Torvalds under the nation's new "anti virus" law.

"The law states that any program that causes danger to data processing systems and is freely available for download by visitors is a virus," said Lt. Hakk Daeta. "The linux kernel poses a danger to Windows, which is a widely used data processing system. Many legal scholars have testified to this. And after Torvalds blatantly put out this virus, millions of PCs have been affected. He must be stopped."

Meanwhile, rumors persisted that Torvalds was seen on the Jerry Springer show, on an episode titled "My PC is too sexy". A man who appeared on the show wearing a paper bag over his head made the suspicious statement that "I am innocent. I just showed how it must be pronounced. It is lin-nucks, not line-ux."

Police are still searching.

Core wars isn't about writing virii (2)

cout (4249) | more than 14 years ago | (#1664938)

Core wars is about writing programs in redcode that attack each other. This is different from a virus which straps onto another program and replicates, often killing the host in the process, much like a virus that would attack a human. Okay, perhaps there is a fine line between these two, but here are some major differences between redcode programs and real programs:

1) redcode isn't a real machine language (or at least I don't know of any chips that understand redcode), so a virus-like program in redcode can't damage anything.

2) most real computers don't have 10000 or so bytes of circular memory.

3) if a redcode program could be ported to a real computer, it would simply crash the machine or be halted by the OS for violating memory protection.

4) most modern computers don't have instruction sets that include "mov 0 1" and the like -- making it difficult to port even the simplest of recode programs, the imp.

Computer virii are valid (1)

Hard_Code (49548) | more than 14 years ago | (#1664939)

What is wrong with computer virii? They are completely valid, and even subjects for scientific study. They are a learning mechanism also. They are intriguing and pose interesting questions. Will they outlaw genetic algorithms next? Maybe they'll outlaw sex because it is used in porn.

Re:Flamebait: "viruses" (0)

Anonymous Coward | more than 14 years ago | (#1664940)

Virus is a second declension noun (-us,-i,-o,-um,-o;-i,-orum,-is,-os,-is), so technically, its Latin plural would be viri, not virii

But, in medicine, the plural is always viruses, never viri. Perhaps this would be good way to distinguish between binary coded viri and nucleotide encoded viruses?

OFF TOPIC; but interesting debate. (2)

arcade (16638) | more than 14 years ago | (#1664941)

My plan for a new goverment, is that everyone in a disicion making department must take a test on what they are trying to regulate. Uf they don't pass the test, they don't get to vote.

I want something similiar. I want the "enlightened democracy" where everyone that wants to vote (for parliament, etc.) need to go through a test - to show that they know what they're voting at. 50 or so questions about what diffrent parties want. If you get more than 75% correct, you may vote. If not, you may go home and rehurse, and come back and take the test again.

The point is - nobody is going to be *excluded*. There should not be "right" and "wrong" meanings. The point is that people should know what they're voting at.



--

Re: This is WRONG (0)

Hard_Code (49548) | more than 14 years ago | (#1664942)

And will I be arrested if I have Communist literature on my website? How about descriptions of nuclear reactions? What if I only keep SOURCE to the virii on my site...is THAT illegal? This is ridiculous. I have downloaded virii binaries and source because they are excellent assembly programming tutorials! Banning them outright is stupid. This is a thought crime as somebody else mentioned...1984ish.

This is a good thing! (0)

Anonymous Coward | more than 14 years ago | (#1664943)

Actually, it's just like making a bomb. In most places, even building a large fertilizer bomb is illegal because of the damage it can do. Computer viruses should be handled the same way.

Re: Encryption/Decryption algorithms (1)

Hard_Code (49548) | more than 14 years ago | (#1664954)

Hmm...I guess nobody can post info on encryption or decryption algorithms because they can be used to avoid or break the law. Also I guess bugtraq lists cannot be on the web because they can be used to break the law. Whoops...there goes Packet Storm (well, it's not on a Finnish server luckily).

This is so stupid. Thought crime. Really stupid. How about banning the manufacture and dispersal knowledge in general? Knowledge is very dangerous. Led to guns and bombs and such. We should ban all knowledge. In fact, the ISPs are a party to this evil activity. We should shut down the net and live in caves.

Re:Etymology..... (1)

Hard_Code (49548) | more than 14 years ago | (#1664955)

Both. People who want to sound like they're more 1337 use virii...and I use it because it saves 2 keystrokes...

Philosophical debate, anyone? (2)

phrawzty (94423) | more than 14 years ago | (#1664956)

This new law raises intersting topic for debate. Here, we see that the government has banned the production and distribution of "something" that has, traditionally, been used for malicious and/or damaging purposes. Fairly straightforward.

However, upon closer inspection, we find an inherant flaw - what constitues the now "illegal" viral code? A somewhat sesible definition of a virus, can be found at "whatis.com/virus.htm [whatis.com] ". The key point in any defintition seems to be : "A virus is a piece of programming code inserted into other programming to cause some unexpected and, for the victim, usually undesirable event.". Again, decent enough.

However, what about "software patches" ? Upgrade packs, the (in)famous Microsoft "Service Packs [microsoft.com] ", and the like? Generally speaking, the user doesn't really have any clue how, or what, these are doing - beyond "fixing broken things". These patches insert their code into the parent program, usually modify the behaviour of the program in some way, and sometimes result unexpected results (option removed, feature added, etc..). That's all the criteria of a virus, right there. Should these be illegal also?

Back the the first point - we see the government trying to protect its people by banning "something" - specifically, in this case, viral code. Why this, and not many of the other "things" that are (primarly) harmful? The obvious selection - firearms. Why not ban guns? Or biological weapons facilities (most industrialized "1st world" companies have them, in some capacity)?

If we'd like to get a little paranoid/"Evil Future Governement" about it, we could go as far as to speculate that the government can (and will) start to ban all manner of things it considers "bad for you". Meat? Cow Milk? Free Speech? Ah, the wonders of Totalitarian government.

By now, many of you might be thinking "man, this isn't the x-files, our government won't go THAT far". Yes, you're probably right.. of course, you don't code viruses...
.------------ - - -
| big bad mr. frosty
`------------ - - -

Re:Hmmmm, (1)

JM_the_Great (70802) | more than 14 years ago | (#1664957)

Actually, Windows can crash your computer a whole lot faster, Melissa wasn't a virus, it was a worm. It didn't harm anybody/anything (s/e-mail servers). OTOH, Windows can crash 85% of all computer. So while Melissa was clogging e-mail servers, Windows was crashing those same servers.

That's my 1/50 of $1.00 US
JM

Re:Virus definition... (2)

radja (58949) | more than 14 years ago | (#1664958)

windows is not a virus. A virus actually does what it was intended to do, usually quite fast and efficient.

Re:Here's the text of the proposed law (0)

Anonymous Coward | more than 14 years ago | (#1664959)

So, if Microsoft would for example "produce or make available" Windows 2000 clients unable to mount Samba shares, they could be sentenced to [bad stuff]? Fun!

/AC

Re:Etymology..... (1)

radja (58949) | more than 14 years ago | (#1664960)

strictly speaking it would be viri..

Re:Students won't learn (0)

santeri (91589) | more than 14 years ago | (#1664961)

Umph, I never learned my CS through writing virii. Seriously, CS stands for computer science, not hacking without any scientifically interesting goals. Virii, demos and C00l waR3Z are something you write when you're 13 year old grease-haired loser in comprehensive school playing with your dad's Dell.

...or when I was in that age, it was VIC-20 or C-64 you co-owned with your equally grease-haired brother ;-)


______________

Believe it or not - I like this law... ;) (1)

Bero (93841) | more than 14 years ago | (#1664962)

If distributing virii is illegal, people will eventually have to stop using Windoze... ;) After all, by copying anything from a Windoze box, you run the risk of distributing an unknown virus... ;) Come to think of it - it's coming from Finland, where Linus comes from... A conspiracy??? ;)

Virii aren't in-and-of-themselves *bad* (1)

Anonymous Coward | more than 14 years ago | (#1664968)

This summer I was approached by my project leader and told that in order to do the neat little things on our embedded system that we need to do, we have to write a virus (really more like a trojan horse, the details of which I can't discuss, sorry [NDA]). Now, we're the makers of the embedded hardware and the software that runs it. Acording to this article, I would have been arrested just for doing my job! This also means that Finland cannot purchase any new versions of our product because it intentionally contains a non-destructive trojan horse! How rediculous is that? Somebody needs to get slap happy with the clue stick. I'm getting tired of beaurocrats making decissions based on a common wealth of ignorance. Just because some program is masqueraiding as another program does NOT mean that it is malicious in nature. In this case, the trojan horse approach is a saving grace! There would have been no feasable way of doing the same process without tricking the embedded OS into thinking that our program (trojan-horse) was something that it was not. The OS just wasn't designed that way.

Re:Linus Torvalds a fortune-teller..? (0)

Anonymous Coward | more than 14 years ago | (#1664969)

Actually, I think a lot of responsible users and administrators are opposed to any stealth remote administration tools.

I don't sense an opposiiton in general to remote administration tools, whatever their origin. If BackOrfice is intended as a useful tool, and not a tool for thugs and criminals, it should leave an obvious traceable footprint on any machine it is running on. Like a bitmap of a big friendly animal of some sort displayed on the screen, or an icon on the system tray. The fact that stealthiness seems to have been a primary design criterion shows that it's intended as a cracking tool, not a productivity tool.

The question of intent comes into play when these sorts of issues arrive at a court for interpretation. As well they should. No amount of weaseling on the part of a bunch of criminals can nullify that fact.

Re:Hmmmm, (0)

Anonymous Coward | more than 14 years ago | (#1664970)

Any hammer can crash your computer as well. I am sure semantic cleverness isn't going to subvert this law.

Re: Encryption/Decryption algorithms (0)

Anonymous Coward | more than 14 years ago | (#1664971)

A screwdriver can be used to break the law.

But a screwdriver's primary use is not to break the law, nor is that it's only purpose in being created.

Clever word games don't obscure the fact that viruses are written solely with ulterior motives in mind. No matter whose brat is claiming to the contrary.

Re:Here's the text of the proposed law (1)

Bob Ince (79199) | more than 14 years ago | (#1664972)

produces or makes available a computer program or a series of program commands designed to endanger data processing

Hmm. Could that be a loophole? What about a virus intended merely to spread, not actually to mangle everyone's data - a payload-free virus. Which would generally tend to spread more easily than a malicious one.

(Of course, many viruses can cause damage without intending to do so, generally because the writer is a bit crap at it.)

makes available instructions to produce a computer program

This is, of course, a lot more worrying, as it affects not only the writing of viruses but the writing of anti-virus software. But then, sometimes the AV companies behave at least as dodgily as virus writers. ;-)


--

Re:UH OH!! (0)

Anonymous Coward | more than 14 years ago | (#1664973)

You don't think the law will be well defined?

Surely you've been around long enough to know that laws can be clearly written and administered.

On the subject of Back Orifice (1)

Outlyer (1767) | more than 14 years ago | (#1664974)



Just because people think Back Orifice = Virus, or Back Orifice = trojan, or even that Back Orifice = rootkit, I thought I should explain that it is none of the three. It posseses none of the characteristics of a virus, trojan or rootkit. (It can be PART of a trojan, it can be used to implement a rootkit) In reality it's only a remote control system, not unlike PCAnywhere. It just happens to be stealthy.

Re:Interpeting laws loosely... (1)

Mawbid (3993) | more than 14 years ago | (#1664975)

Actually, if memory serves, and if what I read was true, all Americans who own a computer, a modem, and a communication program are guilty of the same crime they put Bernie S away for. What was it again?
--

Re:hmmm. (3)

arivanov (12034) | more than 14 years ago | (#1664976)

The cite does not post the full document. From what is posted it is actually much more reactionary than you expect.

It looks like the subject is any program that endangers data systems. Ergo this also covers exploits and intrusion software.

The direct result is that if I download/keep intrusion/exploits on my computer in order to develop security fixes for them or test if my machine is vulnerable I am a criminal.

This also renders rootshell, insecure.org and bugtraq illegal for hosting and potentially reading (don't you love netscrape and IE for saving cached copies on your machine ;-) in finland.

Overall the information is rather scarce but this seems to be even worse then the recent AU censorship showdown.

Re: Virussissititusses (3)

Tom Christiansen (54829) | more than 14 years ago | (#1664977)

Virus is a second declension noun (-us, -i, -o, -um, -o; -i, -orum, -is, -os, -is), so technically, its Latin plural would be viri, not virii
Actually, it's rather more complicated than that. You're thinking of 2nd declension masculines. Virus was one of the rare 2nd decl neuters, like vulgus, cetus, and pelagus. These rarae aves did not inflect by changing -us to -i; they were irregular at best, and generally invariant. Virus was also not a count noun, but a mass noun.

It's even possible that virus pertained not to the second but to the fourth declension, which would change the matter as well.

The word becomes invariant in most modern languages, but for some reason, English elected these viruses rather than *these virus as one might otherwise expect from the modern Romance tongues.

You can read Far More Than Everything You Ever Wanted to Know about The Plural of Viruses [perl.com] if you'd like.

Re:Linus Torvalds a fortune-teller..? (1)

magi (91730) | more than 14 years ago | (#1664978)

So, you are right, we Finnish programmers really should move to a country where you can't walk in the wrong street without getting shot (and it's possible to buy guns from nearest grocery store), where exporting and importing crypto is illegal, where everyone doesn't have a right to get social security or homes, where public swearing (in front of women and children) is forbidden in some places, where you must be married to live in same rental apartment with a woman, where only rich people can have any kind of justice or security, where people are lawfully murdered by the goverment, where politics are more like a joke......

Well, these were just a few (only slightly exaggerated) points which popped to my so-empty mind...and yes, I know there are some opposite points too. So does one idiotic law matter? It may suck, but not THAT much...

But most importantly, neither would I now be studying nor possibly would Linus (I'm not sure how rich his parents are) have gotten his master's degree, if we had lived in certain-other-country where studying CS costs about $10,000 a year more...

Back to the matter; putting the idiots in the parliament to take an exam in computer security before voting might have been a good idea... And yes, this isn't the first idiotic law they've made...

There's also one common reason for some of such laws; the police can't get a search warrant for crimes that can only get less than 6 months of jail.

Well, don't mind my rant...

Re:Flamebait: "viruses" (0)

Anonymous Coward | more than 14 years ago | (#1664981)

Actually, this has been the subject of learned debate on comp.virus and alt.comp.virus at times.

Good! I've always thought that if you give children something else to do, they won't spend all their time breaking the other children's toys.

Any suggestions for other ways to encourage topic drift on those newsgroups?

Re:No worry for virii (0)

Anonymous Coward | more than 14 years ago | (#1664988)

Why not just outlaw computers entirely? (since you're proposing outlawing 95% of them)

Re:FUD from not reading the article? (1)

cdp (29591) | more than 14 years ago | (#1664989)

Kudos to gleam for actually reading the source article before posting an opinion! (I don't have time to list all the counter examples. You know who you are.)

That said, I agree about the intent of the law but must respectfully disagree on its likely effect. "Intent to do harm" is one of the crucial deciding factors. I expect the lawmakers are not entirely clueless and intend to apply this to the person/entity (potentially) being prosecuted, and not just to the virus itself. Even so, the Finnish AV community will have to jump through unaccustomed hoops in order to avoid prosecution.

How will an Finnish AV researcher make a new virus, or information about a new virus technique, available to other AV researchers and reasonably expect the information will not also be used for harm by anyone at any time? Claiming ignorance may be a good defense for the casual computer user, but how could an AV researcher claim to be ignorant of the potential harm or potential misuse?

Re:Etymology..... (2)

Tom Christiansen (54829) | more than 14 years ago | (#1664990)

Strictly speaking it would be viri..
Nope: it was not a 2nd decl masculine. It was more like "vulgus", "pelagus", or "cetus", which were 2nd decl neuters. It may even have been a 4th decl neuter. See this article [perl.com] on the matter.

heh. :) (2)

Kitsune Sushi (87987) | more than 14 years ago | (#1664991)

Slight exaggeration doesn't even -begin- to cover what you said in the first paragraph if you are talking about the U.S. heh. More like some things blown wildly out of proportion and others total fabrications. :) Makes me wonder what sort of things most people -really- think about the U.S., since I know a lot of total -fools- who think we still ride horses to school/work in Texas. Gaahh! The idiocy.

My making light (that is, making humorous [!?] comments) about the subject is my usual style of reaction with regards to something so patently ridiculous as that law seems to be from what that article suggested. To be honest, I wouldn't move or give up programming, I'd try to get the law changed. At any rate, if that article is indeed accurate as far as that goes, "suck" doesn't even -begin- to describe that law.

And yeah, even though your comments in your first paragraph were a little "off", every country has a good number of incredibly stupid laws, past and present (ugh.. CDA.. blah!).

What a Bunch of Wankers (2)

Chasuk (62477) | more than 14 years ago | (#1664992)

What a bunch of wankers. The Finnish government passes a law which makes it easier to prosecute the miscreants who write and distribute malicious code, and you all whine about it. Laws exist to prevent the evil minority (murderers, rapists, thieves, arsonists, etc.) from harming the innocent majority. The next time some asshole vandalizes your car, how happy would you be if the judge let him go because jailing him would violate his civil liberties and deny him his freedom of expression?

Vandal: "I wasn't vandalizing his car, your Honor, I spray-painted it as an expression of my artistic individuality."

Judge: "Case dismissed."

Every human endeavor can be justified by someone. Yes, there might be some legitimate reason to write a program which formats the hard drives of complete strangers, but I'm sure the Unibomber felt justified, too. I know, it is very popular to bleat about any percieved limitation of human rights, but can't you resist the temptation once in a while and use your brain instead?

Remember that to the Iraqi government, one of their nationals who wrote a program which attacked all *.gov addresses would be a freedom fighter. To us, he would be a terrorist. No, I really don't care that someone sits in the privacy of their own home and write virii with incredibly destructive potential. I guess it is good intellectual exercise. However, if that virii gets distributed, intentionally or otherwise, then the author should face the consequences.

'But your Honor, I didn't mean for the super-toxin I formulated in my kitchen to escape into the outside world and poison millions of children. I designed it to kill rats in my cellar. Honest!"

"Case dismissed."

And do you know what? Even if the Finnish law does criminalize the mere writing of virii or trojan horses, I don't care, either. It is against the law to build bombs in your basement, as well. "But I need the intellectual exercise! My cerebral cortex was getting flabby!" Read a fucking book. The library is full of 'em.

Lastly, no one will KNOW that you are secretly concocting virii or trojan horses in your basement if you don't distribute them. If you are breaking the law and are such a dork that you are publicizing the offense, you deserve what happens to you. "But it is my RIGHT to distribute the fruits of my intellectual endeavors!" Or: "It is for educational purposes only!" Yeah, right. And the links to cracks on www.astalavista.box.sk aren't really intended to be used by anyone. How about putting a bowl of poisoned Snickers in a busy shopping mall. Put a big sign above it that says "DO NOT EAT - DEATH WILL RESULT IMMEDIATELY." Put it in multiple languages. I'm sure the judge will be lenient when you explain that it wasn't YOUR fault that anybody died. You were merely the distributor, and you DID put a disclaimer!

This is unfortunate, virus writing can be positive (0)

Anonymous Coward | more than 14 years ago | (#1664993)

The programming of viruses is what got me into programming in the first place. I simply would not be interested in it, if it weren't for virii. It's a fascinating area of programming, and its startling as to how similiar the mechanisms of a computer virus, and a biological virus are. I think virii fascinate me, because they're essentially very primitive, but effective AI programs. I've never intentionally release one "into the wild" (one did escape once, however. Ah, the Amiga days!) Virus writing is to programming, what Tic Tac Toe is to games. Of course, if you just want to destroy stuff, you can go to hell ;)

What about BO2K? (1)

c-A-d (77980) | more than 14 years ago | (#1664994)

What about a potentially valuable tool like Back Orifice or even Microsoft's remote registry editor?

BO is considered a virus by many but isn't. It's a program. But the question is, would a Finnish Court see BO as a virus?

What the world doesn't need is knee-jerk reactions from people who aren't knowledgable enough about the topic.

I conclude that the Finnish Gov't doesn't understand the problem and has crafted a typical, beaurocratically inept response to a problem.

The protect of a computer system is the responsibility of the sysadmin/user.

We've gone over this before... (1)

Chandon Seldon (43083) | more than 14 years ago | (#1664996)

And most of the other "remote administration tools" for Windows can hide using similar meathods (well, mabie not acting as an explorer.exe thread, but then that's just a Neat Trick(TM))

Re:What classifies as a virus? (1)

kevlar (13509) | more than 14 years ago | (#1664999)

You've completely missed my point. My point is that in the mainstream the term "virus" has been used for trojan horse "programs" or whatever you want to call it. How are these terms defined, and how can this definition keep coders clear if they have a nasty bug in their code.
Don't bother responding, I already have the answer.

Re:Is BackOrifice A Virus? (0)

Anonymous Coward | more than 14 years ago | (#1665001)

If the intention of the BackOrifice creators was to create a systems management tool, why did they do it in such a way that the tool itself is unmanagable? Why doesn't it appear clearly in the system tray, leave obvious traces that it has been installed, and make it obvious to the computer's user that it is present? It seems to me that those are several critera for any useful systems management tools.

Because they went to a great effort to make it a stealth tool, they clearly identified themselves as malevolent crackers, not useful tool developers.

Hmmmm, (0)

Anonymous Coward | more than 14 years ago | (#1665008)

Intresting, but how will they "Decide" what a Virii is.. Like Windows Can Crash Your computer just as easily as the Melissa Virus can... Does that Mean Finns can't use Microsoft Windows?


-GRiM

What classifies as a virus? (2)

kevlar (13509) | more than 14 years ago | (#1665009)

Alot of the lame trojan virii out there are just regular programs that do funky-ass stuff when you execute them. Does that classify as a virus? They're technically just programs where the does not know the effects of it. When the user is stupid enough to execute something he/she doesn't know the effects of, does that still make it a virus? Most of this I've been assuming is media misrepresentation of the term 'virus'.

UH OH!! (0)

Anonymous Coward | more than 14 years ago | (#1665010)

I guess it's illegal to sell Windows there now!!

Ha ha ha!

Please define a virus. I guarantee that this law
can outlaw many "legitimate" pieces of software.

--Michael Bacarella

Re:Something for YRO? (1)

Bloater (12932) | more than 14 years ago | (#1665011)

And how will virus researchers identify techniques to look for with their scanning software if they can't write viruii to test their ideas in a sandbox?

It's as bad as the suggestion to outlaw using software in a manner for which it was not intended, which stops administrators from securing their systems from criminals.

This is very poorly thought out.

--

Re:How will they enforce this? (2)

DaveHowe (51510) | more than 14 years ago | (#1665012)

remember the Melissa virus? That guy was tracked down like a dog.

If I recall correctly, they managed to track him because he had used MS Word (with it's little namestamp "bug") to generate the macro, and they could relate that to an identical namestamp on a document he had posted publicly. This isn't going to help for non-macro virii, and in any case, is there anyone out there that DOESN'T patch that off these days?

Thought Crime (2)

lee (17524) | more than 14 years ago | (#1665013)

Hmm, what worries me is the "no actual damage need be done" part. I think that regualtion of behavior was based on _impact_ to society.

I think all governments would do better to strike laws that regulate non-harmful behavior than to make up laws against behavior that is potentially harmful. Intent is difficult to judge at times. Damage is pretty clear.

That said, my remaining question is: Was it actually legal there to cause harm not _danger_ to data processing systems. Why did they feel the need to pass this law?

Flamebait: "viruses" (0)

Anonymous Coward | more than 14 years ago | (#1665014)

Shouldn't the plural of "virus" be "viruses"?
"Virii" may be the plural of "*virius".

Ouch (2)

substrate (2628) | more than 14 years ago | (#1665015)

This sounds too far reaching. If distribution is illegal then what happens to valid research? Somebody needs to write anti-virus software. What about accidental distribution? If I accidently infect some computers in my workplace and have a troglodyte for a boss could he accuse me of breaking the law and have me carted away? Sure, when it comes to court I'd probably be exonerated but in the mean time my reputation will have been damaged.

Virus distribution should be illegal in the same way vandalism is. You can carry around rocks and bricks without breaking the law, use those rocks and bricks for vandalism and you do break the law.

I really feel a bit strange about this. I think anybody who writes a virus for the purposes of infecting anybody should be locked up, but from an intellectual point of view they're very interesting.

No worry for virii (2)

.pentai. (37595) | more than 14 years ago | (#1665016)

Isn't this partially why we (well, most of us) run an alternative OS, so that virii are not a worry?

So you see .fi, you don't have to really outlaw virii, just outlaw Windows and the virus problem disapears, afterall, only root can truly screw a linux system over...

Definition of a virus. (1)

LES.. (1366) | more than 14 years ago | (#1665017)

It will be very interesting to see the definitions set to test if a bit of code or program is a virus or not.

Seeing as any code fragment could be incorporated into a virus will this effectively outlaw coding?

To quote from the article

the Bill cites the offence as a catch-all "Causing danger to data processing systems".
Now call me paranoyed but this seemes a little too general... Will this also be extended to bugs in opperating systems that cause 'danger to data processing systems'?

LES..

They won't enforce it. (1)

pirkka (4031) | more than 14 years ago | (#1665018)

The idea is that when you have written virii and sent them out to get all the innocent WIN9X users the governament will only have to prove you wrote them - not necessarily that you lauched them. Or if you have a group and one member is only writing code for the virii he can be prosecuted too.

Executive Summary: No-one will be behind your door to examine your hard disk without some other evidence against you.

--
Pirkka

Re:Virus definition... (0)

Anonymous Coward | more than 14 years ago | (#1665019)

What company is this Micro$lop you kept mentioning?

I've never heard of such a company.

Re: Encryption/Decryption algorithms (0)

Anonymous Coward | more than 14 years ago | (#1665020)

Simple explaination for simple mind:
Are wanting "good guys" to be able to see virus sorce code so they can defend self against "bad guys" more easily, yes?

Re: This is WRONG (0)

Anonymous Coward | more than 14 years ago | (#1665021)

Getting kind of touchy, because your hobby might become illegal?

Serial killers have a hobby that's been made illegal too.

Re:hmmm. (1)

UnknownSoldier (67820) | more than 14 years ago | (#1665022)

Does this also apply to Macro Viruses/Virii ?

There wouldn't be a problem with virii if the dam virus writers would just keep the bloody things ONLY on their systems.

re: Outlaw Sex... (0)

Anonymous Coward | more than 14 years ago | (#1665023)

There are some areas of the USA where sex is verry nearly illegal anyway...

Ha ha ha. Funny. (0)

Anonymous Coward | more than 14 years ago | (#1665025)

You make a statement with no evidence. You are full of bullshit.

Re:The internet wins again (1)

D. Taylor (53947) | more than 14 years ago | (#1665027)

Except, to get the virus FROM Finland ONTO geocities, you need to 1) write the virus, then 2) transmit the virus.
Thats illegal under the new law. Its not just storing the virus, its writing/spreading/storing the virus which is illegal. To get round this law, you need to fly to the US/UK/Anywhere, write the virus, upload it somewhere, then go back home.

Actually, what happens if someone outside finland stores in on a free homepage service based in finland (are there any? I dont know of any, but I assume there are)?

Are the webspace providers liable?
--
David Taylor
davidt-sd@xfiles.nildram.spam.co.uk
[To e-mail me: s/\.spam//]

Vague or merely ill-considered? (1)

cah1 (5152) | more than 14 years ago | (#1665028)

The concept is admirable, but as with so many worthy concepts when the parliamentarians get a hold of things, the end result isn't normally worth a jot.

The phrase quoted in the article, "Causing danger to data processing systems" - is that too vague to be meaningful or too ill-defined to be useful?

The trouble with clauses like that is that they have to be very loosely defined otherwise loopholes will appear all over the shop, but by defining things loosely you'll make charges tough to stick. QED.

When is a virus not a virus? As has been pointed out, anti-virus software might be a little tricky to write. More though, obviously there's an element of intent to this, but we've all written silly mistakes which have had unfortunate repercussions - do they count?

I'm on (like many other /.ers I imagine) the BUGTRAQ mailing list, while it doesn't distribute virii it does tell you how to replicate potentially damaging security flaws, does having those mails on my system count?

Nice idea, though, we shouldn't necessarily chastise them too much for trying!

Latin/Suomen parliament? (1)

Kartoffel (30238) | more than 14 years ago | (#1665031)

Can anyone confirm or deny: One time I heard that the official language of the Finnish parliament was Latin. (I haven't a clue why)

quid quid latine dictum sit, altum viditur

Re:Flamebait: "viruses" (1)

ChazeFroy (51595) | more than 14 years ago | (#1665038)

The plural for "virus" is viruses [dictionary.com] .

There is no entry for virii [dictionary.com] .

Italy was faster... (1)

MS (18681) | more than 14 years ago | (#1665039)

In Italy we have such laws since 1994 if I remeber well. According to the law it is forbidden to write or distribute any program, which changes or deletes data on your system or does some action without you knowing it. It is even forbidden to write or distribute programs with bugs. This leads to consider nearly every program as outlawed, since many commercial software (and not) tend to write configuration files, logfiles, change some settings, registry, overwrite data, crash, hang, and other things you didn't expect it to do.

But in Italy we don't bother much about such laws, as we have learned to not interpret the laws so strictly.

Our motto is: take it easy!

:-)
Markus Senoner
--

Students won't learn (0)

speek (53416) | more than 14 years ago | (#1665040)

So much for CS at Finnish Universities.

virus distribution (1)

Anonymous Coward | more than 14 years ago | (#1665041)

i hope one cannot be held responsible for "distributing" a virus such as melissa that does so on its own... just my $.02

Re:Trasmitting is illegal? (1)

Kythe (4779) | more than 14 years ago | (#1665042)

This is actually an important point -- I wonder if they considered it.

Kythe
(Remove "x"'s from

How do you define a "virus"? (0)

Anonymous Coward | more than 14 years ago | (#1665043)

Perhaps now we can get rid of that dreaded microsoft virus (the one that destroys data and crashes computers all over the world).

Or perhaps even better, completly outlaw this new gnu virus. A virus not only affecting computers but also a one that seems to bee able to transform normal placid geeks into rabid free software fundamentalists.

Not a threat to AV (1)

akey (29718) | more than 14 years ago | (#1665044)

"The intention to harm becomes the primary criteria for bringing charges"

At least according to the above, someone who got a virus, and sent it to a anti-virus vendor would not be prosecuted. It seems to be more of a blanket method for going after the authors themselves, the various sites that post viruses for "educational" purposes, etc.

Re:Flamebait: "viruses" (0)

Anonymous Coward | more than 14 years ago | (#1665045)

no. virus is like alumnus/alumni... (latin...what a crazy language...)

Finland is the blackhole of news or what? (2)

Anonymous Coward | more than 14 years ago | (#1665046)

I don't have any comments on the subject at hand, i just want to comment their news value.

I happen to live in Finland at the moment and well, im a regular slashdotter. And yes, im a bit amazed to see 2 news headlines about Finland. Well, im not amazed because of the amount of headlines but because of the topics! Man, who reports this stuff ? HPY has been creating this virtual Helsinki for years and making virus distribution & writing them has been a headline aint so new thing at all. IT Media has been talking about this for quite some time now.

Btw, Nokia has prototypes of those 'cellphone-digitv-browser' thingies allready. Someone with a good scanner should post those pics. (Check out last Tietoviikko!)

What about proof-of-points? (1)

korpiq (8532) | more than 14 years ago | (#1665047)


I understand the standard way of handling security problems at, say, international bugtraq lists, is to publish source for a test program that exploits said problem. So an important method of security development would be illegal in Finland.

Isn't this exactly the same point as with efficient encryption? If you prohibit it, only criminals will use it, leaving everyone else more vulnerable. Hey, software is not totally alike guns.

Gotta contact someone at the govt.

Re:Linus Torvalds a fortune-teller..? (1)

mpe (36238) | more than 14 years ago | (#1665058)


"The decisive second reading of the Bill cites the offence as a catch-all "Causing danger to data processing systems".

Exactly what definition of "virus" is being used, note that certain anti-virus companies appear to be very much against any free/shareware remote administration software for Windows.

On the other hand maybe this will lead to Windows (or at least MS Office) being outlawed...

Virus writing banned in Finland (2)

Gorgonzola (24839) | more than 14 years ago | (#1665059)

This is not new in Europe. The Netherlands has some quite tough laws on even possessing virii since the early ninety's.

Re:Flamebait: "viruses" (1)

Kythe (4779) | more than 14 years ago | (#1665060)

Actually, this has been the subject of learned debate on comp.virus and alt.comp.virus at times. The consensus is you're correct: using some sort of quasi-Latin plural "virii" is incorrect. It should be "viruses".

Note: I am not an expert in Latin. I simply relay the opinions of those with deeper knowledge than mine.

Kythe
(Remove "x"'s from

Define? (0)

Bud^- (70689) | more than 14 years ago | (#1665061)

Who exactly defines what is and what isn't a virus?

What about non harm full programs that "appear" to have virii traits?

An AI program that forks and multipies and spreads it's self around a close network with premission to do so from the oweners, is that illegal.

What about research?

Who says what is an isn't?

Lost irony (1)

gad_zuki! (70830) | more than 14 years ago | (#1665062)

Is it completly lost on the Finnish legislators that 99.999% of the people who use and distribte virii do it not only against their will but usually without knowing it until everything comes crashing down. There must be a finn word for irony.

Good luck enforcing it - Oh no, someone must have sent me this virus, I swear I didn't know I was passing it around! says the guilty virus writer.

If we *HAVE* to move into a fascist state I'd rather they handle someone's complaint on getting a virus by administering a ruthless beating for not using decent virus protection on their windoze machine. Heil!


Overly broad phrasing, anyone? (1)

mosch (204) | more than 14 years ago | (#1665063)

While I'm not opposed to the distribution of virus for non-benign purposes, the phrase 'causing danger to data-processing systems' is incredibly broad. If I'm doing database development, and I somehow manage to bonehead the SQL so it says "DELETE * FROM users WHERE username LIKE '%'" under a rare condition, I just wrote a program which causes danger to data-processing systems which is actually just a bug.

I think it'll be a long time until anybody knows if this law was an intelligent move or not. It's certainly well-intentioned, but the possibilities for abuse of enforcement do exist.

Here's to hoping that Finnish judges are saner than their counterparts in America.

Re:Linus Torvalds a fortune-teller..? (0)

Anonymous Coward | more than 14 years ago | (#1665064)

So don't write code that has bugs. Problem solved. :)
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...