Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!swrinde!zaphod.mps.ohio-state.edu!think.com!snorkelwacker.mit.edu!bu.edu!m2c!wpi.WPI.EDU!ear
From: ear@wpi.WPI.EDU (Eric A Rasmussen)
Newsgroups: comp.org.eff.talk
Subject: Re: Should we let students run COPS to get each other's passwords?
Message-ID: <1991Jun17.045200.31773@wpi.WPI.EDU>
Date: 17 Jun 91 04:52:00 GMT
References: <27111@as0c.sei.cmu.edu>
Organization: Worcester Polytechnic Institute
Lines: 23

In article <27111@as0c.sei.cmu.edu> df@sei.cmu.edu (Dan Farmer) writes:
>In article <foo>, mcovingt@athena.cs.uga.edu (Michael A. Covington) writes:
>> OK then, if passwords aren't secret, give me yours!!!
>  Sure:
>df:T8oOksRWnnA8Y:3271:20:Dan:/usr/users/df:/usr/local/bin/tcsh
>  Break it if you can.

Ok, now here's an interesting (IMHO) question...

By distributing your password in encrypted form and encouraging others to
crack it, are you guilty of the same 'crime' as that student who distributed
his system's /etc/passwd file to a known cracker?  Should any action be taken
against you for possibly compromising the security of your system, and if so
what?

(Note that I am just raising a point and am not advocating actually getting you
in trouble.)

+---------< Eric A. Rasmussen - Mr. Neat-O (tm) >---------+ +< Email Address >+
|   A real engineer never reads the instructions first.   | | ear@wpi.wpi.edu |
|   (They figure out how it works by playing with it.)    | | ear%wpi@wpi.edu |
+---------------------------------------------------------+ +-----------------+
                     ((( In Stereo Where Available )))