Hi,

Recently I have noticed that, Malware Programming and distribution is illegal and can get arrested including additional fines (few being $500,000+). However Game Cheat Programming is not too much seriously taken in account by the law.

I agree Malware breach multiple laws - privacy, money laundering, financial fraud, Hacking and Computer Act.
However Computer Game Cheat programming is not too different in the sense it has huge Black Market commercial potential and can easily breach multiple laws -

Financial Fraud, Hacking, Defacing, Reverse Engineering, Illegal Distribution, Computer Act Misuse and more.

For example if a Game Cheat Development for Casino\Betting games take place, surely the attacker can steal Millions of Dollars worth Game Currency.

I am not saying Malware Programming should be legal, but I am saying other crimes are not taken into account as much as Malwares\Hacking is taken in general.

What Do you guys think? Should Governments enforce more Game\Entertainment regulations relating to Game Cheat programming ?

Recently I have noticed that, Malware Programming and distribution is illegal and can get arrested including additional fines (few being $500,000+)

Malware programming isn't illegal neither is "Game cheat programming". You can program them all you want. But once you use it (Or someone else and you don't have the right legal protections in place) to commit a crime then you are breaking the law.

I could program all the malware I wanted to and the FBI or police or whoever could not arrest me just for programming it. But if I then used that said malware access and do whatever with other peoples computers, servers, websites, whatever I would be breaking the law unless I had their authorized permission.

Game "hacking" is generally only against the EULA or TOS associated with the game. As such, pursuing each hacker is on the company that created the EULA/TOS to uphold it. It's not against any particular law to hack into a given software.

However, it's my understanding that there are particular laws about privacy and software that takes data without consent of the user (I'm looking at you Microsoft). I believe there are work arounds for this sadly and it's mostly not upheld because its not know from which source data is taken.

Alas, if you develop malware or game exploits for the intent of using them or letting others use them, have assurance that you are a douche bag and I hope someone legally owns your ass.

I'm no lawyer, others should confirm.

Your example of a Game Cheat program that modifies data for an online casino would fall under Wire Fraud: http://www.law.cornell.edu/uscode/text/18/1343

The truth is much of what is nefarious like this is already covered under laws that are already written here in the US (I can't say for other countries on this forum). The only reason new stuff is written is to make the people that are too stupid to understand technology feel like something is actually being done to protect them. All it ends up doing is put the few people who get screwed over by these laws in more trouble.

The CFAA (Computer Fraud And Abuse Act) is a perfect example of this kind of crap. Everything written in this piece of legislative garbage was already covered, and the only thing it served to do was make a few troglodytes feel better about themselves while making otherwise honest people into criminals. To clarify a common misconception this act only protects banks\investment firms\etc. and government computers, so anything that this Act was intended to prevent was already covered under laws regarding fraud, theft of service or espionage.

EDIT: Sorry about the rant, I'm done now.

My understanding of UK law is that if a program is found on your computer with the potential and intent to do harm to other users or their machines, it is considered an offence, even if you did not release it.

Mats wrote:
My understanding of UK law is that if a program is found on your computer with the potential and intent to do harm to other users or their machines, it is considered an offence, even if you did not release it.

I personally highly doubt that is true (Though I don't live there so I can't say for a fact and don't really have time for the research right now) and even if it were true it probably isn't upheld. Mainly because anyone that got infected by someone else unknowingly is then breaking the law just for being the target of some malicious person.

Also there are many penetration testers in the UK and if that were true none of them could do their job because they would be breaking the law just for having their tools...

Computergeek01 wrote:

The truth is much of what is nefarious like this is already covered under laws that are already written here in the US (I can't say for other countries on this forum). The only reason new stuff is written is to make the people that are too stupid to understand technology feel like something is actually being done to protect them. All it ends up doing is put the few people who get screwed over by these laws in more trouble.

I wholeheartedly agree with you on that point. There is no reason for most of the new laws since like you said all the offenses are already covered under other laws we already have (But don't uphold).

I really do think they are trying to make the legal system as complicated as possible so most of the citizens can't understand it one bit.

But that is a whole different topic.

My understanding of UK law is that if a program is found on your computer with the potential and intent to do harm to other users or their machines, it is considered an offence, even if you did not release it.

More likely it would be considered evidence if you were accused of a computer-related crime.

Mainly because anyone that got infected by someone else unknowingly is then breaking the law just for being the target of some malicious person.

I'm assuming Mats meant that you had the sources and/or the program in deployable form (as a crude analogy, having smallpox and having a gun that shoots smallpox darts are clearly distinguishable), not just the binary.

Hi,

Thanks! For the information, I learnt a lot anyhow there are atleast 1000x more Game Cheater\Exploiters than there are Malware Black Hats. The problem here is the Malware Black Hats are being targeted again 1000x more by the FBI & Law.
I can see a big future in Black Market being involved in Game Hacking, I would assume a hack for Casino\betting games would be around $100,000 easily.

Additionally, many Game Hackers with programming experience can easily be dragged into "World Of Malware(s)". Maybe Malwares cause more concern but Game Hackers are not taken as seriously as Malware Outlaws

Be honest here, who would you rather arrest without much information - Game Hacker OR a Malware Outlaw.
Most would say Malware Outlaw especially because they are more or less deemed more dangerous by the media.

So I want to ask is do you thin Game Hackers should be on same crime level as Malware Outlaws.

It depends what game you're hacking. If you hack games in which serious monies are involved, such as hacking online poker games or casinos for example, then I think it probably would be taken as seriously as a 'malware outlaw' (love this turn of phrase btw), but if you're just hacking Minecraft, I don't think it would be taken as seriously and nor do I think it should be.

@helios - That is what I meant. : )

Your logic is lovely however even basic Malware Developers get arrested whereas some Online Game Hackers don't, while they not only break TOS\EULA's of the Game but also steal Online Game Currency which have real value in money.

So I want to ask is do you thin Game Hackers should be on same crime level as Malware Outlaws.

Well it all depends. There are many shades of grey in this subject it isn't just black and white. Not all Malware are on the same level.

For example if someone just installed a Trojan on their significant partner's computer to see if they were cheating most likely cops and courts could care less for the most part. Whereas if someone else was using the same Trojan to steal people's identities it is a completely different story.

The same goes for Game Hackers. Some do it just so they can have the coolest stuff in WoW, while others do it for profit (Usually selling gold, selling a bot or cheat or whatever).

Then there is your example of Game Hackers creating a hack to steal money (Whether it be knowing the cards in blackjack or what the next roll is in roulette or whatever).

For the first two they aren't really breaking the law they are just violating the games EULA or TOS so no I don't think they should be punished criminally personally.

As for the casino example yes they should and currently are on the same crime level and "Malware Outlaws" as you call them.

EDIT:

steal Online Game Currency which have real value in money.

The difference is they aren't stealing real money. They are "stealing" made up money. It might have real value to some people but in the end it is made up money.

Lets look at the example above of where someone makes money from creating lets say a Bot for WoW and either sells it for $100 to whoever wants it or uses it to farm gold.

In the first case (Where he sells it) he is selling a program he made and that doesn't break any laws (That I know of). So he is making money off his work of making the program which is different then stealing money from other people or a company (Which is what is happening in your online casino example).

In the second case (Where he bots and farms for gold to sell to others) yes he is making money and sometimes good money but he isn't stealing it from a company or other players. He is making the money by selling fake money to people that might want to buy it. While I don't agree with people who do this they aren't breaking any criminal laws (They are breaking the games EULA and can and should get banned).

they not only break TOS\EULA's

TOSs and EULAs are contracts, so their breach belongs in civil, not criminal, courts. That is to say, you can't get arrested for breaking a contract.

but also steal Online Game Currency which have real value in money

I think you might be using the term "steal" a bit too broadly. Can you cite a particular example?

@ helios: I think this was actually a common thing on WoW for awhile since at one point: http://us.battle.net/d3/en/forum/topic/5152409863

They would do something like grab the compromised accounts character take them into a private meeting and dump all of there goods out. But that didn't really involve malware.

That's unauthorized access, which is an entirely different thing from cheating. I think that actually is against the law in many places.
If that's what OP is mainly referring to in the question "should governments enforce blah blah blah", then my answer is "no", because who gives a crap.

helios, dude, you literally took that out of a sentence that explained that its up to the creator of the TOS/EULA to uphold it. wth

First of all, I can't even remember when I read your post, and you expect me to remember everything you said in it? I didn't take that out (or if I did, I'm not aware of it. Unintentional plagiarism etc.), I merely pointed out a legal fact that apparently continues to elude OP.
Second, that's not what "literally" means.
Third, you can call me His Dudeness.

First of all, your an ass.
Second of all, that is a correct use of literal since that's exactly what happened.
Third of all, you can't remember a post that takes maybe three scroll ticks up to read? Are you kidding me?

Everyone grab an ice cold beer & chill!

:)

First of all, your an ass.

What's with the sudden and gratuitous aggression?

Third of all, you can't remember a post that takes maybe three scroll ticks up to read? Are you kidding me?

I'm honestly not sure what you're getting at or what's gotten you so upset. It sounds like you think what I did was actual plagiarism comparable to taking someone else's book and putting my name on it, and so I should explain myself, since there's no way I could have made an honest mistake.
That's not it, right?

No, you quoted my text, then claimed you didn't know it was my text after seemingly demeaning the context it was taken out of. If you say it's not intentional, I would normally believe that but you've done it in other posts where you've tried to basically make a mockery of my points.

In one post, I mention that ncurses is a valid curses implementation for Windows despite popular belief. You then say that nobody even mentioned that and imply its not relevant.

In another post, I criticize your method of flow control. You then say nothing but, "uh, your point is?" which implies that you don't believe its relevant.

Now, you're taking my quoted text, placing it in your own post, and saying the exact same thing I said in the context you took it out of which demeans the relevance of my post.

Then, when I reply on it, you try and say that I can't use the term, "literally" correct, you make a mockery of my use of dude when I attempt to use it in casual setting, and you state that I can't expect you to read the post that you took text out of EDIT: and quoted.