From: Ryan Gill (rmgill@mindspring.com)
Date: Fri Sep 06 2002 - 22:36:43 PDT
At 5:28 PM -0400 9/6/02, J. Forster wrote:
>
>It has nothing to do with the issue, except to prove the point some
>are good, some
>bad.
It goes to pointing out how some people perceive things even though
it is a specious argument.
> > There are many legitimate reasons for people to "hack". From the
>standpoint of
>> understanding security, learning how systems are secure and how they work in
>> general. Most hackers if not all are out to learn and understand
>>things. They
>> aren't out to steal state secrets and destroy your computer.
>
>Some are, some are not.
>
>> In some cases viruses that escape from people are where someone is
>>working on a
>> program as an experiment and
>> it gets away from them.
>
>Careless is not a valid excuse. Neither is incompetence. The damage
>is still done.
Yes, but throwing the baby out with the bath water is not the correct
response. Education and competency is. That applies to vehicle
maintenance and to computer security. The current standard is that
Microsoft releases products with thousands of instances of bugs and
security holes.
>
>Accident or not, you are still liable.
But banning all M35's isn't the answer is it?
>
>There is difference between telling someone their door is unlocked,
>and entering
>through that door. The latter is WRONG.
>
But the process of seeing if the door is unlocked in the physical
sense isn't quite the same as in the virtual sense. In some respects
even port scanning a site is considered an attack by virtue of some
of the current laws.
> > Some corporations are getting to the point that that if you find
>a security hole
>> in their software they label you a hacker and file suit against
>>you stating that
>> you gained access to private information by poking at their software.
>
>That is wrong also. SW makers should be liable for holes, just as a
>defective lock
>maker would be.
They aren't. They've managed to persuade congress (as has the RIAA
with regards to CDMA) that debugging someone else's product for
security holes is a violation of patents. Publishing a scholarly
paper about such holes is covered by this as well. This is has a
chilling effect on free speech. The current trend is security through
obscurity. That doesn't work.
>
>
>If he's been wronged, he should be allowed to file a claim or suit
>for abuse of
>process and collect actual and punitive damages, both against the
>company and the
>agency.
Thats great. But when you've got the FBI sticking guns in your face
and throwing you in Jail with little recourse for gaining access to
your own computer for purposes of demonstrating evidence, you've got
some problems. Just look at how Kevin Mitnick was dealt with. Its the
same thing in NFA circles.
Sueing the Feds doesn't fix the problems. Especially if they've gone
as far as killing someone in the process of conducting their
investigations.
--
Ryan Gill rmgill@SPAMmindspring.com
----------------------------------------------------------
| | | -==----
| O--=- | | /_8[*]°_\
|_/|o|_\_| | _________ | /_[===]_\
/ 00DA61 \ |/---------\| __/ \---
_w/|=_[__]_= \w_ // [_] o[]\\ _oO_\ /_O|_
|: O(4) == O :| _Oo\=======/_O_ |____\ /____|
|---\________/---| [__O_______W__] |x||_\ /_||x|
|s|\ /|s| |s|/BSV 575\|s| |x|-\| |/-|x|
|s|=\______/=|s| |s|=|_____|=|s| |x|--|_____|--|x|
|s| |s| |s| |s| |x| |x|
'60 Daimler Ferret '42 Daimler Dingo '42 Humber MkIV (1/3)
----------------------------------------------------------
This archive was generated by hypermail 2.1.4 : Wed Apr 23 2003 - 13:21:19 PDT