Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!yetti!geac!braegen!ken
From: ken@braegen.UUCP (Ken Marchant)
Newsgroups: comp.sys.att
Subject: Re: Irresponsibility (Was: Security problem on UNIX PC's)
Message-ID: <124@braegen.UUCP>
Date: Tue, 29-Sep-87 13:08:09 EDT
Article-I.D.: braegen.124
Posted: Tue Sep 29 13:08:09 1987
Date-Received: Wed, 30-Sep-87 03:18:24 EDT
References: <54@quincy.UUCP> <149@manta.UUCP>
Organization: The Braegen Group Inc., Toronto Ontario CAN
Lines: 27

> As a result, it's irresponsible to post articles giving exact directions
> for violating system security.  Even if you're not personally
> affected, that doesn't give you the right to post (or encourage others
> to post) how-to's on system cracking.  Your one thoughtless posting
> certainly did far more damage than good.
> -- 
> Brant Cheikes
> ARPA: brant@linc.cis.upenn.edu
> UUCP: rutgers!cbmvax!cgh!manta!brant
> Department of Computer and Information Science / University of Pennsylvania

No. No. No. No.!!!
Often those of us using these systems in "hostile" environments are
not sufficiently adept at determining security holes. If people
out there on the net have found holes then you can be damn sure that 
malicious users in "hostile" environments will. The responsibility lies
in making as many administrators as possible aware of security problems.
The analogy is not telling people to use deadbolt locks and keep property
well lit around their homes because we might be telling burglars how to
break in. The demonstrated fact is that if there's a way in then people 
who want to will find it.
In fact one might wonder if Mr. Cheikes is not some interloper whose 
favourite hole has now been exposed.:-)
-- 
			Ken Marchant
			The Braegen Group, Toronto, Ontario
	(allegra,linus,ihnp4,decvax)!mnetor!yetti!geac!braegen!ken