Kasus 1:

https://www.wired.com/2011/07/0726first-computer-fraud-indictment/

Diskusi:

1. Jelaskan bentuk dan klasifikasi dari computer fraud yang dilakukan oleh Morris.
2. Jelaskan tiga kondisi yang dapat memungkinkan dan/atau memotivasi Morris melakukan
tindakan computer fraud tersebut.
3. Apakah yang dapat dilakukan oleh Cornell University untuk mencegah risiko Morris worm?

Kasus 2:

http://fortune.com/2016/`07/10/sharing-netflix-password-crime/

Diskusi:

1. Jelaskan bentuk dan klasifikasi dari computer fraud yang dilakukan oleh Nosal.
2. Jelaskan tiga kondisi yang dapat memungkinkan dan/atau memotivasi Nosal melakukan
tindakan computer fraud tersebut.
3. Apakah yang dapat dilakukan oleh Korn/Ferry International untuk mencegah computer fraud
yang dilakukan oleh Nosal?

Instruksi:

1. Masing-masing kelompok menyiapkan presentasi (maksimal 10 menit) menggunakan power

point untuk mendiskusikan dan menjawab pertanyaan di atas.
2. Masing-masing kelompok yang presentasi diberikan sesi tanya jawab selama 5 menit.
3. Setiap mahasiswa yang tidak presentasi wajib menyiapkan satu pertanyaan yang berbeda
dengan pertanyaan di atas, untuk masing-masing kasus.
4. Gunakan Romney Chapter 5 dan 6 sebagai referensi.
Sharing Passwords Can Now Be a
Federal Crime, Appeals Court Rules
David Z. Morris
Jul 10, 2016
On July 5, the U.S. Ninth Circuit Court of Appeals issued an opinion that found, in part,
that sharing passwords can be grounds for prosecution under the Computer Fraud and
Abuse Act (CFAA). The decision, according to a dissenting opinion on the case, risks
making millions of people who share passwords into unwitting federal criminals.
The decision came in the case of David Nosal, an employee at the executive search (or
headhunter) firm Korn/Ferry International. Nosal left the firm in 2004 after being denied
a promotion. Though he stayed on for a year as a contractor, he was simultaneously
preparing to launch a competing search firm, along with several co-conspirators. Though
all of their computer access was revoked, they continued to access a Korn/Ferry candidate
database, known as Searcher, using the login credentials of Nosals former assistant, who
was still with the firm.
Get Data Sheet, Fortunes technology newsletter.
Nosal was eventually charged with conspiracy, theft of trade secrets, and three computer
fraud counts, and was sentenced to prison time, probation, and nearly $900,000 in
restitution and fines.
Nosal's conviction under CFAA hinged on a clause that criminalizes anyone who
knowingly and with intent to defraud, accesses a protected computer without
authorization. Though CFAA is often understood to be an anti-hacking law, that clause in
particular has been applied to many cases that fall far short of actual systems tampering.
CFAA has, for instance, been used to prosecute violation of Terms of Service agreements
(which are themselves a contested practice). Most notoriously, the law was used to pursue
Aaron Swartz, the young programmer who committed suicide after being charged with
mass-downloading research papers from an MIT database, in violation of its terms of
servicedespite the fact that he was then a research fellow at MIT, with authorized access
to the involved database.

Because of cases like this, The New Yorkers Tim Wu has described the CFAA as "the
worst law in technology."
One of the Ninth Circuit judges, Stephen Reinhardt, seemed to agree with those
interpretations in his dissenting opinion. While Reinhardt took no issue with Nosals
convictions on trade secrets violations, he said the new decision also makes "consensual
password sharing" a prosecutable offense. Reinhardt noted that the decision loses sight
of the anti-hacking purpose of the CFAA, and . . . threatens to criminalize all sorts of
innocuous conduct engaged in daily by ordinary citizens.
The dissenting judge cites the example of a husband sharing his banking password with
his wife. The law could theoretically ensnare people who share their Netflix or HBO Go
password, though it is basically inconceivable that the federal government would
prosecute such an action.
Editor note, July 12, 2016 (2 pm): An earlier version of this article misrepresented the
likely consequences of sharing passwords. The story and its headline have been
updated.