If you could detect an attack on your computer system and defend against it, would you want to do it? should you be allowed to do it? What if defending meant harming the computer of the attacker? What if defending meant at least getting information about intermediate computers between the attacker's and yours?
There are legal and ethical questions here. A review of the ethical ones appears in Stewart Baker's blog, Skating on Stilts. (He is a former General Counsel of the US National Security Agency, among other high-level achievements.)
Mr Baker argues for private defence as well as for state-operated defence. What do you think?
Care to speculate about whether defending your system, or poisoning the attacker's system, would constitute 'colour of right' that is a defence against a charge of unauthorized access to someone else's computer system? [Criminal Code s 342.1]
His legal analysis is under US law, of course, since that's where he's writing, but this passage sounds applicable to the Criminal Code provision I alluded to above:
To oversimplify a bit, violations of the [Computer Fraud and Abuse Act] depend on "authorization." If you have authorization, it's nearly impossible to violate the CFAA, no matter what you do to a computer. If you don't, it's nearly impossible to avoid violating the CFAA.
But the CFAA doesn't define "authorization."
Likewise the Criminal Code does not define "colour of right". Do the concepts overlap for this purpose?