Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!think.com!sdd.hp.com!wuarchive!uunet!mcsun!hp4nl!cwi.nl!jack
From: jack@cwi.nl (Jack Jansen)
Newsgroups: comp.admin.policy
Subject: System admins looking for scapegoats
Message-ID: <3689@charon.cwi.nl>
Date: 13 Jun 91 09:41:40 GMT
References: <20740@slice.ooc.uva.nl>
Sender: news@cwi.nl
Lines: 24

The thing that really bothers me in the discussion about suspending
students that give away pasword files and the like is the shoot-the-
messenger mentality that a lot of sys admins seem to have. This surfaced
before in the Morris case, by the way, and is again very obvious in
numerous articles on this case.

True, students who mail out password files or write internet worms
should receive some punishment, but the main part of the blame lies
with the administrators. If I leave my bike unlocked and you nick it
you are guilty, but so am I.

Incidents like this are going to continue forever if the only answer
the sysadmins can come up with is punishing the perpetrator. The
*real* problem, imho, lies in the fact that a lot of people refuse
to see that the internet is a potentially hostile place, and that you
should take some measures to protect yourself. Failing to do so and
punishing students only buys you a false sense of security. After
all, don't expect the KGB (oops, outdated enemy.... uhm... well, whoever)
to make the same dumb mistakes as your undergrads do.
-- 
--
Een volk dat voor tirannen zwicht	| Oral:     Jack Jansen
zal meer dan lijf en goed verliezen	| Internet: jack@cwi.nl
dan dooft het licht			| Uucp:     hp4nl!cwi.nl!jack