Path: utzoo!attcan!uunet!lll-winken!lll-tis!helios.ee.lbl.gov!pasteur!ucbvax!bloom-beacon!spdcc!husc6!endor!walsh
From: walsh@endor.harvard.edu (Bob Walsh)
Newsgroups: comp.protocols.tcp-ip
Subject: virus
Message-ID: <555@husc6.harvard.edu>
Date: 8 Nov 88 13:48:42 GMT
Sender: news@husc6.harvard.edu
Reply-To: walsh@endor.UUCP (Bob Walsh)
Organization: Aiken Computation Lab Harvard, Cambridge, MA
Lines: 20

Since the virus reportedly includes a quick implementation of a password
cracking scheme, since the cracker did not personally aggressively eradicate
it from the internet that night (eg., by using a copy of the virus to
distribute its own fixes or by personally submitting an explanation, fixes,
and an apology), and since it has taken almost a whole week to learn the
facts, I believe that he should NOT be held up as a role model.  The mistake
may not be wholly innocent.

The act was unfortunate.  Increasing the security of the Internet is a
beneficial side-effect, but could have been achieved another way.

I agree that there are many individuals who work in a positive fashion
who unfortunately go unrecognized at times like this.  The cracker possessed
no special skills; others could have done the same thing if given the
inclination.  It is a lack of possession (of judgement over an interval of
time) which sets him apart.

If an RFC is developed, I believe it should include the issues raised in
a very pithy tcp-ip article sent yesterday, which included a discussion of
potential ramifications for the Internet, society's view of computers and
computer scientists...