Path: utzoo!utgpu!attcan!uunet!lll-winken!lll-tis!helios.ee.lbl.gov!pasteur!ucbvax!bloom-beacon!bu-cs!encore!pinocchio!peo From: peo@pinocchio.Encore.COM (Paul Orman) Newsgroups: news.sysadmin Subject: Re: Possible Fines for Virus Perpetrator Summary: Balance in issues. Message-ID: <4124@encore.UUCP> Date: 8 Nov 88 04:01:32 GMT References: <456@l5comp.UUCP> <12081@dscatl.UUCP> <16600@agate.BERKELEY.EDU> <5332@medusa.cs.purdue.edu> Sender: news@encore.UUCP Reply-To: peo@pinocchio.UUCP (Paul Orman) Distribution: na Organization: Encore Computer Corp, Marlboro, MA Lines: 32 In article <5332@medusa.cs.purdue.edu> spaf@cs.purdue.edu (Gene Spafford) writes: > We cannot depend on making our systems completely secure. To do so > would require that we disconnect them from each other. There will > always be bugs and flaws, but we try to cover that by creating a sense > of responsibility and social mores that say that breaking and cracking > are bad things to do. Now we have to demonstrate to the world that > this is the case, and we will back it up with legal action, or we'll > continue to risk having bored students and anti-social elements > cracking whatever we replace the systems with until there is no longer > any network. I agree 100%, but only to the extent that we know there will be the bugs and flaws you mention. This should never mean we do not strive twoards higher and better security on our systems. As you are well aware the Govt. has declared that all systems purchased by them must be C2 rated by 1992. This will include networks too. As far as your lock analogy goes - people usually lock their houses with what they can afford tempered by the area they live in (ie - high crime rate or not). If this type of incident were to be continually repeated I'm sure most of us would decide its time to invest in *deadbolts* for our gateways at least. I have seen postings reflecting the extremes of reactions here. While both extremes may be valid to a point, I really hope the majority of us take a more centered approach in the weeks to come and develop a balanced attitude towards security and its implementations. We should continue to take steps to plug known holes while at the same time keeping the proper emphasis on the social morals and responsiblities of all who exist off the net. ............................................................................... Paul Orman - peo@multimax.ARPA | I don't know enough to speak for ENCORE Computer Corporation | myself, let alone my employer. Marlborough, MA (508) 460-0500 |