Xref: utzoo comp.unix.wizards:12350 news.sysadmin:1403 Path: utzoo!attcan!uunet!husc6!encore!bzs@encore.com From: bzs@encore.com (Barry Shein) Newsgroups: comp.unix.wizards,news.sysadmin Subject: Re: The Internet Virus--A Commentary Message-ID: <4176@encore.UUCP> Date: 12 Nov 88 19:36:30 GMT References: <1460@ucsfcca.ucsf.edu. <236@bigbroth.UUCP. <5365@medusa.cs.purdue.edu. <654@optilink.UUCP> Sender: news@husc6.harvard.edu Reply-To: bzs@encore.com (Barry Shein) Followup-To: comp.unix.wizards Organization: Encore Computer Corp Lines: 85 In-reply-to: cramer@optilink.UUCP (Clayton Cramer) >So tell me: how will a *class* in ethics make someone more responsible >and concerned about right and wrong? I don't think I've ever seen a >person become responsible or moral as a result of a class -- this seems >to be a set of values kids acquire (or don't acquire) pretty young. >-- >Clayton E. Cramer You're missing the point. The intention is not to mend the broken, the intention is to try to get a bunch of mostly young people in a room once and try to convince them not to do some of these things. Part of the method would be: a) Convincing them that *most* of the obnoxious things they are going to think up are not clever and have been tried before. Making them memorize a long list of pranks might really dampen the adolescent enthusiasm that they've thought up something clever. NOTE: I DO NOT THINK WHAT RTM (ALLEGEDLY) DID WAS CLEVER, it was stupid and obvious, all of it. b) Informing them of the possible outcome of their behavior, if they must, is useful. I wish I had a nickel for every kid who said "gee, it was *only* a joke". F**K YOU! That's not a JOKE! YOU WANT A JOKE, HERE'S A JOKE!..."rm -rf ~yourname" HA HA HA, now go away... Someone has to say at least once that files are property and represent people's work, that the support staff's time is valuable and is as amused at your horsing around as your typical chemical lab TA is amused at you throwing reagants about the room. AND, that there could very well be legal implications of your actions beyond our control, what they are, and what results you might expect (eg. if you break into someone else's private files and they decide to press charges or sue you may very well be up the proverbial creek if the evidence is there, and it has *nothing* to do with local policy, sorry.) c) Finally, what is expected of people on public networks, beyond "the obvious". Things like which ones frown on commercialism (an error I've seen new users make innocently trying to help a friend make a buck.) The whole problem here is ignorance. If given the information they still choose to ignore it (and hopefully there will be less such problems as at least some will be convinced, even if only of the detectability of their acts and consequences) well you did the best you could. At least you did *something* which probably helped somewhat. Actually, I'd go one step further and require a course like the above and certification of completion as a minimum requirement to obtain access to a computer attached, even indirectly, to a public network. Failure to obey this could result in an institution's loss of access to networks and quite possibly denial of contracts from research agencies, at least as a second-order effect. Failure by the individual (at any point in his/her career) could result in revocation of his/her certification and consequent loss of ability to earn a living or an education (etc) in this field (after due process) and permanent notation of the facts of the case available for security or employment review (maybe, I'd be glad to hear arguments about the accessibility issue tho it's not critical.) Seems better than facing 20 years in prison and other lynch-mob stuff the public will dream up, allows professionals to have an effective hand in reviewing infractions rather than going immediately to the public courts where there's no requirement that the judge or jury have any understanding of the details of the infraction and provides an effective and direct method of punishment for those who are found guilty, loss of livelihood in this field. Of course further criminal and economic liabilities are possible, but at least there is a first line of action. -Barry Shein, ||Encore|| P.S. This is an argument for absolute minimal and mostly ethical competence, not for actual competence in the field which I will agree is a whole other can o' worms. Think of it more like a driver's or ham radio operator's license than a professional certification of competence. Proof that you might know actions and consequences relating to misuse of shared computing facilities and the opportunity to lose access.