Path: utzoo!utgpu!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!bloom-beacon!apple!bionet!agate!helios.ee.lbl.gov!nosc!humu!uhccux!julian From: julian@uhccux.uhcc.hawaii.edu (Julian Cowley) Newsgroups: comp.misc Subject: Re: CALL FOR VOTES: DID HE DO US A SERVICE OR NOT? Message-ID: <2675@uhccux.uhcc.hawaii.edu> Date: 21 Nov 88 06:29:46 GMT References: <1330@stiatl.UUCP> <202@hsi86.hsi.UUCP> <6081@killer.DALLAS.TX.US> <31053@think.UUCP> <744@tank.uchicago.edu> Distribution: na Organization: University of Hawaii at Manoa Lines: 68 In article <744@tank.uchicago.edu> Daniel McLaurine writes: >When I was young(er), I too wished to streach my horizons to the limit, and >since at the time the conditions were right, (little to no scocial interaction, >VERY intelegent (;-}), and a very hyperactive sence of curiosity), life >ordained me to be a 'hacker' (IE: definiton 1: Person who uses intimate >knowledge of ether the system, programming enviroment, or both in developing >programs supposedly beyond that systems's capability.) [...] >THIS WAS NOT COOL. MANY PEOPLE GOT HARMED. ESPECIALY ME. I sympathize with you completely. I, too, at a tender age, had the same conditions before me and I fell into the same pitfall of finding out how far the system could be pushed. Our actions were eventually discovered by the system administrators, and we were punished by removing our access to the system. Was their action "just" enough? I am not sure, since some of us were allowed back onto the same system within a month's time. How can there be any social lessons to be learned from such behavior? I can understand why Morris would be enthused about "teaching" people about their security problems, but is that behavior entirely social? I think not. >Bottom line: If this person would have posted an alert to the net with a sample >program, THAT would have been a very valuable service. I agree with you. His methods, although they may have been legitimately positive, were not scientific. If he were a minor, that may be understandable. But a grad student? He should have realized his actions were bordering on the destructive side. He could have accomplished much more by isolating a set of machines and publishing the results in a computer security journal. He would have discovered his "bug" at least. >This person did harm. Yes, he did. The implications of his actions are new to us, and therefore it is understandable that we are having a hard time dealing with them. I hate to admit it, but I think that if he is not dealt with in a just manner, then it will encourage other "hackers" to repeat the same mistake. They must understand that there are more factors at stake than just the security of the net. Any person who releases a worm, virus, what have you upon the net is digging their own grave, because so far the ethics of computer hacking have encouraged us to share (in a scientific manner) our results to others. With such viruses abound, there can be no such sharing. >He should be made to understand this. Jail will not teach this lesson. Having >him see some of the mess that he caused will. True. I don't think he realized how grave a mistake he was making at the time he was comtemplating releasing his program upon the net. Jail would have no affect in any way upon his understanding of this. Sadly, the kind of punishment we have nowadays (jails) is the kind which does not intend to teach the person why he is being punished. This applies to more than just Morris: there are more than one kinds of crime. ><{[-]}>----------------------------------------------------------------------- > V Daryl McLaurine, Programmer/Analyst (Consultant) > | Contact: > | Home: 1-312-955-2803 (Voice M-F 7pm/1am) > | Office: Omegan Consultants (Use Home Number 9am-4pm) > | -or- > | University of Chicago Mathematics Dept. > | daryl@zaphod or neuro.UChicago.edu >==\*/========================================================================= julian@uhccux.uhcc.hawaii.edu uunet!ucsd!nosc!uhccux!julian julian@uhccux.bitnet "People who aren't amused don't talk."