Xref: utzoo comp.unix.admin:1196 alt.flame:29572 Path: utzoo!news-server.csri.toronto.edu!cs.utexas.edu!usc!rpi!bu.edu!encore!zelig.encore.com From: jdarcy@zelig.encore.com (Jeff d'Arcy) Newsgroups: comp.unix.admin,alt.flame Subject: Re: IRC and Security Message-ID: <14293@encore.Encore.COM> Date: 13 Mar 91 18:19:04 GMT References: <7748@uceng.UC.EDU> Sender: news@Encore.COM Followup-To: alt.flame Lines: 49 Nntp-Posting-Host: zelig.encore.com pmartin@uceng.UC.EDU (Paul Martin): > I have just recently discovered a band of computer hackers/pirates that > have been using the Internet to pirate commercial software. ...and now for the news. I suspect that I know which group you're dealing with; they're fairly well-known and will be dealt with shortly when enough evidence against them has been gathered. > there seems to be a common thread, IRC or Inter Relay Chat. These people > told me that they were passing the passwords through IRC as well as meeting > other hackers. I believe that IRC has potential to do some good, however > I believe that it attracts those with little to do with their time and those > immature people who use IRC as a big teenage party line. So? That's hardly a crime. > I urge all administrators > who are interested in preventing unauthorized use of their system and who > have IRC installed, to re-evauluate their desision to keep IRC. Whoa, there! What kind of anal-retentive BS is this? Are you really trying to blame the medium for the messages it carries? If so, you might as well shut down the Internet, because it has been used to perpetrate crimes since long before IRC came along. While you're at it, why don't we shut down the phone system because drug dealers talk to their clients on the phone? The mail system will be next, because we all know that various illegal items are routinely shipped that way. Oh, I almost forgot: do you really think there are no messages regarding illegal activities on the system you administer? Think I'm getting carried away? I'm only trying to illustrate where your approach would take us, and it's not even much of a stretch. Of *course* some hackers use IRC, but THAT USE HAS NOTHING TO DO WITH THEIR HACKING. They just happen to hang out there, and while they're talking they exchange passwords and such along with the daily news about their term papers and non-existent love lives. We live in an age of electronic communication (I shouldn't have to tell you that, but you seem ignorant of the fact) and IRC is one of the "street corners" the local hoodlums hang out on. There's no more benefit to banning IRC than to banning street corners. Your action is punishing an innocent population for the misdeeds of a few, which will only convince that population of your ignorance and lack of concern. Once they recognize their qualities in you, an adversarial relationship between you and your users is likely to develop, and your security problems will only multiply. Hmmm. I guess you might think of that as job security. Nice trick. Jeff d'Arcy, Generic Software Engineer - jdarcy@encore.com The problem with maintaining an open mind is all the crap people throw into it