Path: utzoo!utgpu!jarvis.csri.toronto.edu!cs.utexas.edu!tut.cis.ohio-state.edu!ukma!uflorida!haven!udel!udccvax1!cygnus From: cygnus@vax1.acs.udel.EDU (Marc Cygnus) Newsgroups: alt.hackers Subject: Re: Computer Abuse / Product Liability / Criminal Statutes / ECPA Summary: um. Message-ID: <5527@udccvax1.acs.udel.EDU> Date: 19 Jan 90 21:04:31 GMT References: <22359@usc.edu> <4948@sugar.hackercorp.com> <9738@hoptoad.uucp> Reply-To: cygnus@vax1.acs.udel.EDU (Marc Cygnus) Followup-To: alt.hackers Distribution: na Organization: The Lab Rats Lines: 76 Approved: of course :-) (setq hack-talk nil) In article <9738@hoptoad.uucp> gnu@hoptoad.uucp (John Gilmore) writes: >> ...I think that if he [Robert Morris] >> gets off lightly it'll open the floodgates... > >Perhaps if Mr. Morris "gets off lightly" (e.g. doesn't get thrown >into involuntary servitude or enforced confinement) then more people >will have the guts to test Internet security, report problems where >they find them, and fix them in appropriate ways. > >On the other hand, if Mr. Morris loses his freedom, a lot of security >problems will go unreported, since who wants to go to jail for telling >a stranger that his system is insecure? Best to just keep it to yourself ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ hoooOOOOwaitaminute! There's a BIGBIGBIG difference between `telling a stranger that his system is insecure' (communications with sysadmins, management, security updates, etc) and `telling...' by *demonstrating* to the poor stranger by penetrating said stranger's system(s) and driving things through the roof! > > >Mr. Morris's worm program is 95% of the way to an excellent security ^^^^^^^^^^^^^^^^^ yeah right. except that it was *ahem* `tested' on a system that was NOT isolated from the intrenet, and OOPS! It Got Out. >testing program -- a watchdog for your network -- that will tell YOU, >the system administrator, about any known holes in your net, long >before a cracker discovers them. For this he is put on trial and all yeah right, again. it'll tell YOU, the sysadmin, by tying up completely valuable resources like networks and cpu time. that's what happened. i'm not disagreeing that the idea of a clean 'scavenger' programme that could check for holes in a net is bad, i'm disagreeing that the intrenet worm was NOT the approach to use (and i imagine it wasn't intended so). >copies of the source code are locked away. Suuuuuure we believe in not so, john. every single site that got infected got, free of charge, a complete and operational version of the programme. oh, and people who *need* to know (sysadmins, etc) about the techniques the worm used can *get* the information from certain security organisations. it _really_ wasn't anything breathtakingly brilliant. but effective? yes. if you have access to kernel and utility source code, the only additional info you need to understand the worm is public (_Tour_of_the_Worm_, for instance, and also the MIT paper). > >-- >John Gilmore {sun,pacbell,uunet,pyramid}!hoptoad!gnu gnu@toad.com >Just say *yes* to drugs. Say "no" to undeclared wars on sovereign countries. (setq hack-talk t) i'm taking a break from hacking a device driver for a Tek4129 (on a Sun4/60), so image data can be directed to the Tek (thru a 38.4kbaud link to a cisco box) and printed out on an HP colour inkjet (our only form of colour hard- copy at the moment). ugly, but if it works, hey! -marcus- oh, yeah. i'm also `hacking' :-) the primary circuit capacitor for the exact device mentioned below. | | V -- ----------------------------------------------------------------------------- "Opinions expressed above are not necessarily those of anyone in particular." `...but do YOU own a | ARPA: cygnus@vax1.acs.udel.edu homemade 6ft Tesla?' | UUCP: {yourpick}!cfg!udel!udccvax1!cygnus