Re: [ISN] Italian Police Nab Hacker Group

From: InfoSec News (isnat_private)
Date: Thu Jan 17 2002 - 23:11:23 PST

  • Next message: InfoSec News: "Re: [ISN] Italian Police Nab Hacker Group"

    Forwarded from: Russell Coker <russellat_private>
    Cc: leonat_private
    
    On Thu, 17 Jan 2002 11:01, InfoSec News wrote:
    
    > Forwarded from: leon <leonat_private>
    >
    > I would like to say that anytime a website gets defaced there are
    > always monetary damages.  There are always qualitative damages
    > that are hard to put a dollar figure on.  If a customer goes to
    > the gap website and finds it defaced are they going to feel
    > comfortable doing business with them over the web?  Also the
    > webservers admin probably gets fired or reprimanded and some might
    > just not know how to secure their webservers.  Ignorance doesn't
    > beg or justify attack.
    
    If the system administrator gets fired then that would be great!  I
    think that most companies suffering security breaches should sack
    their administrators.
    
    Most security problems are caused by using ancient versions of
    software that is well known to be insecure.  If that is found to be
    the case then the person responsible should be sacked.  Also this
    should be published as an incentive for other administrators to do
    their job properly.
    
    Some people say that this is harsh on poor administrators who don't
    have time for security.  However I have never seen an administrator
    who truely lacked time, but I have seen many administrators who were
    too lazy to do their job properly.
    
    > The fact that these kids are going to get off with just a slap on
    > the wrist does not seem fair.  What do other people think?
    
    For the 15yo's it's fair.  For the adult members of the group, it's
    difficult to determine, the judge makes a sentence taking all factors
    into account - which is more than what gets reported in email.  If
    someone wanted to translate all the court documents into English and
    post them on the web (court results are generally public) then perhaps
    we could arrange a "trial by email".
    
    -- 
    http://www.coker.com.au/bonnie++/     Bonnie++ hard drive benchmark
    http://www.coker.com.au/postal/       Postal SMTP/POP benchmark
    http://www.coker.com.au/projects.html Projects I am working on
    http://www.coker.com.au/~russell/     My home page
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.
    



    This archive was generated by hypermail 2b30 : Fri Jan 18 2002 - 08:28:44 PST