Path: utzoo!utgpu!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!bloom-beacon!think!barmar
From: barmar@think.COM (Barry Margolin)
Newsgroups: comp.misc
Subject: Re: CALL FOR VOTES: DID HE DO US A SERVICE OR NOT?
Message-ID: <31053@think.UUCP>
Date: 11 Nov 88 19:55:47 GMT
References: <1330@stiatl.UUCP> <202@hsi86.hsi.UUCP> <6081@killer.DALLAS.TX.US>
Sender: news@think.UUCP
Reply-To: barmar@kulla.think.com.UUCP (Barry Margolin)
Distribution: na
Organization: Thinking Machines Corporation, Cambridge MA, USA
Lines: 39

In article <6081@killer.DALLAS.TX.US> chasm@killer.DALLAS.TX.US (Charles Marslett) writes:
>In article <202@hsi86.hsi.UUCP>, wright@hsi.UUCP (Gary Wright) writes:
>:: wasted. Others have said that there were better ways to go about
>:: publicizing the security flaws, I agree.
>On the other hand, I have yet to see a "better" way -- all the ones that
>have been posted have probably already passed under the bridge and we
>all know the "hole" was not plugged.

Assuming you are correct that there is no better way, that does not
absolve him. If I ignore all the reminders about using car seat belts,
should someone intentionally crash into me to prove to me that I'm
endangering myself? An even better analogy would be to car
manufacturers producing cars with inferior seat belts; should someone
crash into a bunch of them so that the manufacturer will recall them
and fix them? We can certainly hope that such behavior would result
in safer cars in the future, but is that justification enough for the
damage that is done in the process of making the point?

One of the problems with all these discussions is that many assumptions
are being made about the perpetrator's intent, yet he has made no
public statement about it yet (as far as I know). We don't know that
his purpose was to "publicize the security flaws."
In fact, the only statement I've heard that is attributed to him is
that the worm propagated faster than he expected, from which I infer
that if it had been working as he planned it might have gone unnoticed
because it wouldn't have eaten up so much CPU time. If the purpose
were for the worm to be undetected, it wouldn't really publicize the
flaws, would it? To stretch the automobile analogy to its breaking
point, this would be like someone going around, breaking into people's
cars, and untuning their engines so that they get slightly lower
mileage; few people would notice, and those who were would probably
assume they were an isolated case, not part of a large conspiracy.

Barry Margolin
Thinking Machines Corp.

barmar@think.com
{uunet,harvard}!think!barmar