Another take at intellectual property - what about bitcoin private keys?

[nybble41]

I'll concede the point that bitcoins are not, as such, "property", since they have no physical presence. Which is why my argument hinges on value.

Unfortunately for your argument, "loss of value" is not a justification for use of force. Loss of property is.

The reason we are having such great difficulty here is that no system for the transmission of value remotely like bitcoin has ever been devised or used before. The closest analogy is digital account balances with a bank.

Which, as I already pointed out, is about as far as you can possibly get from a useful analogy, but whatever.

In that analogy, the bank is not the network. The bank is your own computer, or whatever device you use to store and secure your private keys. (Which, in the case of a paper wallet in a safety deposit box, may indeed be a bank.) Unlawful entry into that device and retrieval of the private key is the crime, the lost bitcoins are the value of that crime - both to the criminal, and as a loss to you.

"Entry into that device"--another bad analogy, this time based on the mythology of cyberspace. Hackers don't "enter" other people's computers, they send messages addressed to them, which those computers are (deliberately or otherwise) programmed to respond to in fixed ways. Applying reasoning based on trespass to "computer crimes" is a dubious practice, at best.

Assuming, however, that there is some legitimate basis for the reasoning that giving orders to your computer without your consent represents an infringement of your rights to your computer, then I agree that this would be the actual crime, and that you could claim damages based on all its consequences, including the financial value of the bitcoins lost to you through misuse of your private key.

Now, particularly with Bitcoins, but also in most monetary theft, the return of the specific units of monetary exchange that were stolen is not important.... All you care about is the value that you have lost..... If some of it has been spent, they're not going to demand it back from the merchants, they're going to extract it from the thief - probably by selling whatever it was he bought with it, if possible. Again, the specific property is not important, it's the value of that property that's important.

That's true enough for fungible property, like currency, but it's only a matter of convention and convenience. For less fungible property, like a car, or an heirloom with mostly emotional value to the owner, it's obviously not acceptable to simply substitute a facsimile of similar market value. Your property right is not simply for "an object like this", but rather "this object". In some cases it's easy to convince the owner to settle for a close substitute, but they are under no obligation to do so.

The contract states that the insurer has an obligation to make you whole. That's a phrase with a specific legal meaning: "to pay or award damages sufficient to put the party who was damaged back into the position he/she would have been without the fault of another." Past that point, the insurer's obligation to you is ended.

I don't know where you get your insurance, but all of my policies have specific limits on the amount payed out, which may or may not equal the estimated value of the item being insured. The insurer is not taking on any open-ended obligation to "make me whole", and I am not forfeiting my rights to the stolen property by accepting compensation from my insurer for its loss.

As is the thief's.

The thief has a different obligation--that of returning the stolen property to its rightful owner. This is where the concept of "making whole" applies. The thief is not absolved of the crime simple because I have an insurance policy which covers the theft.

You have been made whole. You have received the value of the stolen car back. At that point, if the thief owes anyone anything, it's the insurer, not you, since without their theft of your car, that claim would not have been made, and neither would the payout.

The only reason the thief would owe the insurer anything is if my contract with the insurer required me to give them the rights to the stolen property in exchange for the insurance payout. That is a reasonable step, but it's not automatic. Without a specific clause in the insurance contract transferring the property rights, it would be perfectly reasonable to accept the insurance payout and still claim the rights to the stolen property.

Remember, I payed for that insurance. The payout is coming out of my premiums, and those of my fellow insurees. Saying that the insurance payout can "make me whole" is equivalent to saying that I can "make myself whole".

Since I feel you would be justifiably upset if I were to steal your bitcoins, and would consider me a criminal, it is clear that your logic fails the simplest test of real-world application.

I might be upset, mostly at myself for failing to secure my private key, but I wouldn't consider you a criminal solely on the basis of losing control over my bitcoins. Force would not be justified. Of course, by the same token, I am free to respond in kind.

What you say is true. But cash is just paper with pictures of dead white dudes on it. And even if (for example) the US government decides it has the authority to recognise them as something more, if you have $500k of Swiss Franks in your safe and they are stolen, should the US government refuse to act because it's not their currency?

You're wandering into very philosophical deconstructions where most things that we accept as real just stop making sense. It's probably not a very fruitful path and best kept for being drunk with friends (and I mean that in a good way).

You seem to have misunderstood what I said. It doesn't matter that the Swiss Franks aren't U.S. government currency; what matters is that they are physical property. They may only be bits of paper with pictures, but they're still your bits of paper, just as if it has been bars of gold or important legal documents or an unpublished manuscript in that safe instead of Swiss Franks.

Bitcoins, on the other hand, don't exist. You can't possess them, and they aren't property. Your bitcoin balance is just a number in other people's computers, one which they are in no way obligated to recognize. In many ways it's a lot like a reputation. You don't have a property right to your bitcoin balance any more than you have a property right to the way other people think about you.

By this flawed definition, stealing electricity should be OK too, because it doesn't "exist" and therefore isn't "property".  But most places would consider it theft if you consumed it in any significant quantity without paying (by this, I mean bypassing the electric meter so you can run miners without the kWh costs for example, or running an extension cord to your neighbor's house.  I do not mean things with negligible costs like charging your cell phone away from home).

Obviously, whether "most places" consider it theft has no bearing on whether it actually is theft. However, this is worth analyzing. I wouldn't consider the electricity itself (the electrons and/or electric field) to be property. However, the electric meter itself, and the supply side of the power lines, are certainly the property of the utility company, so connecting to them without the company's permissions would be a violation of their property rights. A similar argument applies for running a power cable to your neighbor's house. Having infringed their property rights, you would be liable for the full cost of the consequences.

[myrkul]

Assuming, however, that there is some legitimate basis for the reasoning that giving orders to your computer without your consent represents an infringement of your rights to your computer, then I agree that this would be the actual crime, and that you could claim damages based on all its consequences, including the financial value of the bitcoins lost to you through misuse of your private key.

Well, there you go. We finally agree. Thank you.

Now, you seem to have a problem with considering a hacking the equivalent of trespassing. Well, it is. Hackers don't say "I'm talking to your computer", they say, "I'm in your computer" Trojans aren't called "surreptitious communications channels," they're called "back doors." From both sides of the fence, the perception is that cyberspace is at least a useful abstraction, and that someone who has gained illicit access to your computer is trespassing. Since that allows the only logical path for prosecution of digital theft of Bitcoins, I tend to agree.

[Richy_T]

You seem to have misunderstood what I said. It doesn't matter that the Swiss Franks aren't U.S. government currency; what matters is that they are physical property. They may only be bits of paper with pictures, but they're still your bits of paper, just as if it has been bars of gold or important legal documents or an unpublished manuscript in that safe instead of Swiss Franks.

OK, not a completely valid analogy but you can bet the crime will be prosecuted somewhat differently than if someone stole a box of printer paper.

I guess what it comes down to is that the concept of property and ownership, other than what you are holding in your hand, rely on societal conventions. If you leave your house, it's not OK for squatters to move in. If you park your car on the street, it's not OK for someone to just help themselves, even if you leave the keys in and the engine running. And if you have a store of value and someone reassigns that value to themselves without your permission, that's not OK either. This is why the big media companies are pushing the whole "intellectual property" thing so heavily. They want to get away from a temporary monopoly granted by the government and towards actual ownership of information.

If you want to go your way with the contract/fraud thing, by joining the mining network, are miners not contracting with bitcoin users to authenticate and validate their transactions (particularly where transaction fees apply)? This is who the fraudster would be defrauding in your scenario. Take that where you will...

[nybble41]

Now, you seem to have a problem with considering a hacking the equivalent of trespassing. Well, it is. Hackers don't say "I'm talking to your computer", they say, "I'm in your computer" Trojans aren't called "surreptitious communications channels," they're called "back doors."

I find it hard to believe that you're actually advocating legislation-by-analogy. Analogies are bad enough when they show up in normal arguments, since they're always false to some degree. Using them as the basis for legislation, as justification for the use of force, is even worse. An analogy can provide a useful mental image, to illustrate an argument, but you have to keep in mind that the image is deceptive--and analogies involving computers and "cyberspace" are more deceptive than most, because the underlying realities are so much more complex.

The "trespass", if there was any, is not because the hacker "entered" your computer, but rather because they caused it (by whatever means) to do something you didn't want it to do. It's a tenuous argument, however, because they can't really make your computer do anything. The computer is only reacting to eternal stimuli according to its programming. Even if you didn't intend that specific result, you are responsible for your own property, and you chose to hook it up to a communications system capable of receiving messages from anywhere in the world. Ensuring that your computer operates securely regardless of which messages it might receive is mostly your problem. Or, to flip that around, are you seriously going to claim that sending a message addressed to your computer which it happens to process in a manner you did not intend is equivalent to the use of force?

I guess what it comes down to is that the concept of property and ownership, other than what you are holding in your hand, rely on societal conventions. If you leave your house, it's not OK for squatters to move in. If you park your car on the street, it's not OK for someone to just help themselves, even if you leave the keys in and the engine running.

Property is more than a social convention. The law exists to uphold property rights, not to define them. Property rights are an artifact of scarcity, which is to say, the nature of the universe, and human nature. I recommend reading Bastiat for a full treatment of this subject.

And if you have a store of value and someone reassigns that value to themselves without your permission, that's not OK either. This is why the big media companies are pushing the whole "intellectual property" thing so heavily. They want to get away from a temporary monopoly granted by the government and towards actual ownership of information.

The government can pervert the law to enforce their monopoly, and even make that monopoly permanent rather than temporary, but it can't grant them "ownership" of information, because whatever the law might try to claim, information is not property. It lacks the critical qualification of scarcity. In any case, ownership isn't about exclusive control, it's about having the right to use the property. Copyright and the like turn the concept of property on its head, attempting to enforce exclusive control over non-scarce information at the expense of denying others the right to use their rightful property.

The phrase "store of value" refers to another false analogy. It invokes images of possessing value, of staking a property claim to it. But value isn't something you can possess. You can only possess property which is expected to remain valuable. That value fluctuates, since it's not a physical aspect of the property, but rather a result of people's thoughts and preferences. It can change in an instant. Gold, for example, is widely considered a "store of value", and is obviously property, but if someone were to invent, say, a cheap way of extracting gold from seawater, the value of your gold would evaporate overnight, and you would have no claim against the inventor for that loss of value. You still have the gold itself, which is all you ever had a right to.

If you want to go your way with the contract/fraud thing, by joining the mining network, are miners not contracting with bitcoin users to authenticate and validate their transactions (particularly where transaction fees apply)? This is who the fraudster would be defrauding in your scenario. Take that where you will...

What contract would that be? Anyone can join the mining network. You don't even need to identify yourself, much less sign a contract. If someone wanted to start mining blocks, but follow a different set of rules, I don't see anything that would give anyone using the blockchain a legitimate claim against them. Of course, no one else needs to accept their blocks as valid, either, but if enough people got together and agreed on a set of changes to the rules, however arbitrary or discriminatory they might be, those who dissented and kept to the original rules still have no justification for forcing anyone to stick with their branch of the blockchain, or to compensate them for the lost market value of the bitcoin balances stranded on an unpopular fork.

[Richy_T]

I see a lot of sophistry but I still haven't seen a good reason why someone forging a bitcoin transaction would not be legitimately illegal even in a fairly strong Libertarian system and I still don't see that intellectual property isn't an orthogonal issue.

Every time someone comes up with a counter, you jump to something else. Not intellectual property? It's non-agression. Not non-agression? It's scarcity... I feel like I'm on a wild goose chase. I give up. Honestly. To prove it, just send me your private key and I'll transfer all your bitcoins to my account.

[myrkul]

are you seriously going to claim that sending a message addressed to your computer which it happens to process in a manner you did not intend is equivalent to the use of force?

Maliciously crafting a message to send to a computer to force it to act in a way the owner does not intend is, yes.

[mobodick]

The government can pervert the law to enforce their monopoly, and even make that monopoly permanent rather than temporary, but it can't grant them "ownership" of information, because whatever the law might try to claim, information is not property. It lacks the critical qualification of scarcity. In any case, ownership isn't about exclusive control, it's about having the right to use the property. Copyright and the like turn the concept of property on its head, attempting to enforce exclusive control over non-scarce information at the expense of denying others the right to use their rightful property.

The universe can be said to exist only in terms of specific information.
So everything physical can be seen as just information.
And a thing like a private key is a unique piece of information.
It is maximally scarce since there is only one example of it.
Sure, the nature of information makes it easy to copy, but physical opbjects can be copied too, atom by atom if nessesary. So the problem remains.

[nybble41]

are you seriously going to claim that sending a message addressed to your computer which it happens to process in a manner you did not intend is equivalent to the use of force?

Maliciously crafting a message to send to a computer to force it to act in a way the owner does not intend is, yes.

A message can't "force" the computer to do anything. The computer only follows its instructions, and the instructions in effect at the time the message is received are those the owner put there.

Anyway, to try to steer this conversation back on-topic, the original question was whether private keys are a form of "IP"--specifically, whether you could claim copyright infringement against someone else for possessing an unauthorized copy of your key. It looks like we're all agreed that private keys are not covered by copyright, being random numbers with no creative aspect, so that argument won't work, regardless of whether "IP" is a meaningful concept. Does anyone disagree?

[mobodick]

are you seriously going to claim that sending a message addressed to your computer which it happens to process in a manner you did not intend is equivalent to the use of force?

Maliciously crafting a message to send to a computer to force it to act in a way the owner does not intend is, yes.

A message can't "force" the computer to do anything. The computer only follows its instructions, and the instructions in effect at the time the message is received are those the owner put there.

Right, so if the lock to your house has a flaw that alows anyone to open it by operating it in a certain way it gives anyone the right to enter your house.
"I'm sorry, your honor, but i didn't break in, the lock simply allowed me to unlock it and there was nothing else to prevent me from entering. The house simply complied with my attemts to unlock it and so i had the right to enter."

[myrkul]

are you seriously going to claim that sending a message addressed to your computer which it happens to process in a manner you did not intend is equivalent to the use of force?

Maliciously crafting a message to send to a computer to force it to act in a way the owner does not intend is, yes.

A message can't "force" the computer to do anything. The computer only follows its instructions, and the instructions in effect at the time the message is received are those the owner put there.

I don't think you understand how hacking works. In most cases a flaw in one or another software package allows data in the message (which should always be treated as data, never instructions) to be run as instructions. This is known as a remote code execution or arbitrary code execution bug. The hacker then maliciously crafts a message which includes the instructions that he wants to run on your machine at the appropriate location in the data. When you receive this message, your computer runs those instructions, and the hacker gains access to your computer.

So, no. The owner didn't put those instructions there. The hacker did. And that is equivalent, at minimum, to trespass.

[fergalish]

It boils down to this: Following your logic, stealing bitcoins is not a crime. Following mine, it is. Since I feel you would be justifiably upset if I were to steal your bitcoins, and would consider me a criminal, it is clear that your logic fails the simplest test of real-world application. Unless you wouldn't? In which case, I have a program I'd like you to download...

Ask any anti-IPR if copying an mp3 is a crime. Then ask any Hollywood producer. What you, or I, "think", is irrelevant. The point of a legal system is to reduce conflict and have a fair method of resolving any residual conflict not already covered by the "law".

It looks like we're all agreed that private keys are not covered by copyright, being random numbers with no creative aspect, so that argument won't work, regardless of whether "IP" is a meaningful concept. Does anyone disagree?

I, at least, agree with this. The next question is whether private keys can be considered "property" at all - given the nature of the bitcoin network, all that matters is possession.  Let's move, then, from an anti-IPR world to an anti-VP "anti-Virtual-Property" world, where it is not possible to define non-physical objects as property - specifically, in this case, data (such as an mp3, or a private key).

I see a lot of sophistry but I still haven't seen a good reason why someone forging a bitcoin transaction would not be legitimately illegal even in a fairly strong Libertarian system and I still don't see that intellectual property isn't an orthogonal issue.

Every time someone comes up with a counter, you jump to something else. Not intellectual property? It's non-agression. Not non-agression? It's scarcity... I feel like I'm on a wild goose chase. I give up. Honestly. To prove it, just send me your private key and I'll transfer all your bitcoins to my account.

First of all, it is not possible to *forge* a bitcoin transaction.

Second, even if I agree that hacking a computer is equivalent to trespass, then you would have to show me which property I trespassed upon. The hard disc? Looks just the same to me, no damage done. The CPU? No damage there either. Really - I'm not *touching* your property, only mine - my keyboard, my mouse. All you can say is that the *data* on your computer (the privkey) has been interfered with (copied), and if you want your data to be legally protected from copying, then I fail to see why an mp3 cannot be also legally protected from copying.  I get the difference that, to copy an mp3, you don't need to hack Lady Gaga's computer, or her publisher's. But, even if we allow for the trespass argument, all I need is for your privkeys to "somehow" find their way to my computer and I can fully legally, without any possible accusation of trespass transact the BTCs to myself.

Insurance companies often won't pay a claim if it can be shown that the claimant did not take reasonable steps to secure the property. So, if you leave your door open, to use the argument above, then it's still illegal to enter and steal BUT tough luck, the insurance company won't pay up. Therefore, if your computer is not adequately programmed to protect against hacking, then you would be responsible for the loss.

And even the "arbitrary code execution" is still just avoiding the point - if you want *your* computer secure, then *you* should make sure there are no bugs which would permit arbitrary code execution.

**EDIT: Most of the people contributing here seem to agree that private keys should be somehow legally protected. My intention is not to say that they shouldn't be protected, but to see what "purist" libertarians think, by which I mean libertarians who declare that data (such as an mp3) cannot be declared as property of any sort but, being on this forum and liking bitcoins, think that private keys *should* somehow be declared as property.  To make it clear, I link again to NghtRppr's post. For the present argument, I might say: "Telling me what I can and cannot do with my computer is equivalent to claiming ownership of my computer, which amounts to little more than theft, hence a violation of NAP".

[myrkul]

"Telling me what I can and cannot do with my computer is equivalent to claiming ownership of my computer, which amounts to little more than theft, hence a violation of NAP".

That's pretty close. I would say that you're using my property (the computer) without my permission, or even knowledge, which, while there is no damage done to that property, does result in a financial loss to me, the same as if you had picked the lock on my front door, and used the access to my house thus acquired to rifle through my financial records and gain access to my bank account information.

computer ~= house
privkey ~= banking records

In both cases, you're not substantially altering or damaging the property you're trespassing on. In both cases, you're there only for information, which, once you have a copy, you leave unaltered where you found it. In both cases, the financial loss only comes later, when you use the information thus acquired to pretend you're me and transfer away my funds. In both cases, the trespass is only the enabling crime which allows for the larger crime of the financial theft.

Trespass is not damaging property, it's accessing property against the owner's wishes. I'm not even saying that private keys are property, any more than your bank account information is property. It's data, but data which access to allows a considerable amount of mayhem. So, mere possession of my private key is not - itself -  a crime, but the means that was used to get it, and what is done with it, those might be crimes.

If I foolishly posted my private key down there in my sig, or nailed my banking records to my front door, then the end result of that is my own damn fault, and I'd have a hard time prosecuting you for using the data that is so freely available. On the other hand, if you had to trespass to get that data, then the data is clearly illicit, and what you do with it (such as steal my money) may further compound your crimes.

[Richy_T]

Second, even if I agree that hacking a computer is equivalent to trespass, then you would have to show me which property I trespassed upon. The hard disc? Looks just the same to me, no damage done. The CPU? No damage there either. Really - I'm not *touching* your property, only mine - my keyboard, my mouse. All you can say is that the *data* on your computer (the privkey) has been interfered with (copied), and if you want your data to be legally protected from copying, then I fail to see why an mp3 cannot be also legally protected from copying.  I get the difference that, to copy an mp3, you don't need to hack Lady Gaga's computer, or her publisher's. But, even if we allow for the trespass argument, all I need is for your privkeys to "somehow" find their way to my computer and I can fully legally, without any possible accusation of trespass transact the BTCs to myself.

Just to say, I've lost interest in the private key aspect of this argument but I agree that the hacking of a computer is not the same as trespass. Though it does have some aspects in common, it is still a different thing.

Insurance companies often won't pay a claim if it can be shown that the claimant did not take reasonable steps to secure the property. So, if you leave your door open, to use the argument above, then it's still illegal to enter and steal BUT tough luck, the insurance company won't pay up. Therefore, if your computer is not adequately programmed to protect against hacking, then you would be responsible for the loss.

You're missing a logical step in there somewhere.

[myrkul]

Just to say, I've lost interest in the private key aspect of this argument but I agree that the hacking of a computer is not the same as trespass. Though it does have some aspects in common, it is still a different thing.

What is the key difference?

[nybble41]

I don't think you understand how hacking works. In most cases a flaw in one or another software package allows data in the message (which should always be treated as data, never instructions) to be run as instructions. This is known as a remote code execution or arbitrary code execution bug. The hacker then maliciously crafts a message which includes the instructions that he wants to run on your machine at the appropriate location in the data. When you receive this message, your computer runs those instructions, and the hacker gains access to your computer.

So, no. The owner didn't put those instructions there. The hacker did. And that is equivalent, at minimum, to trespass.

Thanks for the vote of confidence, but I really do know how system breaking works. I'm a software engineer with a focus on real-time operating systems and device drivers, not a computer novice. I'm familiar with the techniques from a theoretical / defensive perspective, though I've never been inclined to put them into practice against someone else's system.

Your description of arbitrary code execution vulnerabilities is reasonably accurate. However, what you're overlooking is the fact that it is the software already on the computer which takes the data supplied by the hacker and reinterprets it as code. The code came from the hacker, but the software already on your computer ran it. This happens all the time without any harm or fault attached; most web pages include executable code that your computer downloads and runs, for example. Even bitcoin transactions include executable scripts. Most of the time the computer's owner is not even aware of the code. In many cases (e.g. ads and tracking code in web pages) it is even true that the owner would not approve of running the code if he or she was made aware of it.

The question is whether it is sufficient that the computer accepted the code and ran it, or if the owner must be expected to approve of running it given the choice. I would argue that when you own a machine that is designed to receive and process messages, and connect it to the Internet, it is your responsibility to make sure it processes them safely (or accept the consequences), even in the case of malformed or maliciously crafted messages. If that places an unacceptable burden on the participants, I've already suggested a system of contracts which would suffice to enforce some basic etiquette while remaining consistent with the natural rights of everyone involved.

Consider this: What we have here is basically a case where you have some information you don't want to give to anyone else. Forget the computers; if this was simply information in your head, and someone else, by asking the right questions, managed to get you to reveal it despite your attempts at concealment (by observing your involuntary body language, for example), that would not make them an aggressor. Like I said before, of course, all analogies are false to some extent, including this one. I'm not basing any conclusions on it. However, I think it makes a decent illustration.

[Richy_T]

Just to say, I've lost interest in the private key aspect of this argument but I agree that the hacking of a computer is not the same as trespass. Though it does have some aspects in common, it is still a different thing.

What is the key difference?

Lack of physical presence.

[myrkul]

A lock can still be bypassed without using a key. One does not blame the house owner for purchasing a lock with "vulnerabilities" that allow it to be picked, nor the manufacturer for producing it. One blames the man with the set of lock picks.

What is the key difference?

Lack of physical presence.

From the point of view of the processor, I am no more physically present than a hacker. A processor simply runs whatever instructions are presented to it, regardless of where it comes from.

[Richy_T]

A lock can still be bypassed without using a key. One does not blame the house owner for purchasing a lock with "vulnerabilities" that allow it to be picked, nor the manufacturer for producing it. One blames the man with the set of lock picks.

What is the key difference?

Lack of physical presence.

From the point of view of the processor, I am no more physically present than a hacker. A processor simply runs whatever instructions are presented to it, regardless of where it comes from.

Yes. I don't see your point.

[myrkul]

What is the key difference?

Lack of physical presence.

From the point of view of the processor, I am no more physically present than a hacker. A processor simply runs whatever instructions are presented to it, regardless of where it comes from.

Yes. I don't see your point.

That physical presence is not relevant to the computer. I no more have to be local to the processor to use it legitimately than does the hacker, to use it illicitly.

I understand your point (that physical presence is not relevant to computers, therefor hacking is not trespassing since you need to be physically present to trespass), which is essentially the same as mine (that physical presence is not relevant to computers, therefor hacking is trespassing since you do not need to be physically present to trespass), but the fact remains that the hacker is using your property without your permission, which is functionally identical to trespassing.

[mobodick]

Your description of arbitrary code execution vulnerabilities is reasonably accurate. However, what you're overlooking is the fact that it is the software already on the computer which takes the data supplied by the hacker and reinterprets it as code. The code came from the hacker, but the software already on your computer ran it. This happens all the time without any harm or fault attached; most web pages include executable code that your computer downloads and runs, for example. Even bitcoin transactions include executable scripts. Most of the time the computer's owner is not even aware of the code. In many cases (e.g. ads and tracking code in web pages) it is even true that the owner would not approve of running the code if he or she was made aware of it.

The question is whether it is sufficient that the computer accepted the code and ran it, or if the owner must be expected to approve of running it given the choice. I would argue that when you own a machine that is designed to receive and process messages, and connect it to the Internet, it is your responsibility to make sure it processes them safely (or accept the consequences), even in the case of malformed or maliciously crafted messages. If that places an unacceptable burden on the participants, I've already suggested a system of contracts which would suffice to enforce some basic etiquette while remaining consistent with the natural rights of everyone involved.

Consider this: What we have here is basically a case where you have some information you don't want to give to anyone else. Forget the computers; if this was simply information in your head, and someone else, by asking the right questions, managed to get you to reveal it despite your attempts at concealment (by observing your involuntary body language, for example), that would not make them an aggressor. Like I said before, of course, all analogies are false to some extent, including this one. I'm not basing any conclusions on it. However, I think it makes a decent illustration.

I don't agree with your definition of hacking. There are many ambiguous forms of hacking. A hacker could have gained access to the bootsector of the computer (again, through different means). Hacking is about getting some form of control, not about getting your code to run per se. You could be running code that was already there. You could not run code at all.

Why do you expect to be able to take responsibility of the stuff happening on your computer all the time?
Do you also think that if you own a car you are responsible for what someone else does with that car all the time?
Do you stand by your car all night to make sure noone steals it and commits a crime with it?

A modern pc does tens of billions of things per second. A mobile device not that much less.
Because of this speed we have no direct sight over it (even you).
I don't see most people inspecting every packet going in and out. They simply trust a tool or a service. They have to because otherwise everyone has to be a computer technician to protect their computer well. It's not practical given the nature of computers.
But then again, as a software developer you must know that it's incredibly hard to make something reasonably complex and bugfree. Bugs that lead to security issues can happen at multiple levels, from conceptual to implementation and everything inbetween.
The tools used for protection are flawed so how much responsibility can you realistically expect people to take?

So altho i agree that the owner of the device has some responsibility, this responsibility is shared with the manufacturer and society in general (laws and opinions).

And i'm not sure what you mean by your analogy.
If the person asking the questions does this with criminal intentions then it is certainly not legal.