well put, Crispin. to draw an analogy, the Israelis and Palestinians show us how well the "hack back" or "attack back" approach works. those who are not directly involved in the conflict, i.e., innocents and civilians, take the heaviest casualties. the divisions between parties grow, anger feeds an ever growing anger, the problem sickens and festers, and the engagement results in stalemate with enormous costs to both sides. it's amazing how authority (at any level, public and private) tells us not to hit back when we're hit (anyone here remember preschool?), but we nationally set the opposite example with policies like this. it's easier to react than proact, apparently; unfortunately the costs are much greater. so let's continue this tirade, shut down some more schools and choke our kids just a little more. let's give our public educators a pay cut. let's cut funding for communities and parks and libraries. let's build some more prisons, raise the DHS alert level permanently to orange, and install some more expensive and ineffective security measures in airports. maybe with biometrics and a profile on every one of the world's inhabitants we'll really drive fear into the minds of would-be criminals and we'll defeat crime forever. let's all just go on and continue believing that attacking the symptoms will cure the problem. let's start a Fear Fund. we'll criminalize the brown people and then we'll move on to the satan-worshipping white suburban teenagers with nothing to do except gun down a crowded high school cafeteria. then maybe we'll have time to get all those insolent copyright infringers. so yeah, let's hack back. great idea. justin justin kurynny manager of network engineering waggener edstrom, inc. Notice Of Copyright: This content in this email is copyright (c) 2003 by Justin Kurynny. it may not be copied in part or in whole for any purpose. In fact, it may not even be read because reading could lead to retention, which is a biological copy of this material. If I reasonably believe that you are in violation of this copyright, your computer's bootstrap will spontaneously melt down. You will also be put on a mandatory prescription of rophynol if I deem it appropriate. * -----Original Message----- From: Crispin Cowan [mailto:crispin@private] Sent: Wednesday, June 18, 2003 11:43 PM To: Christiansen, John (SEA) Cc: 'Dorning, Kevin E - DI-3'; crime@private Christiansen, John (SEA) wrote: >I don't think this is funny at all. I have actually been doing some >theoretical work on active defense (or "hack back") as a potentially >legitimate response to some kinds of network-based threats. While I am >not convinced it is necessarily proper (and am also not convinced it is >necessarily improper, either), it is very clear it would need to be >undertaken carefully, with a high degree of reliability in target >identification and proportionality of response to risk, where other >recourse is not reasonably possible. This kind of statement at best >reflects a lack of thought about or insight into the issues, and at >worst may be taken by irresponsible intellectual property claimants (or >wannabes) as a license to do what they want. > Uh, oookaaayyy .... sounds to me like you haven't thought about this very much. Attacks are almost *always* launched from a computer belonging to an innocent 3rd party, who just happened to have been cracked before you were. So if you "hack back", you almost certainly are committing an offense against an innocent party who has already been victimized by the attacker. To be fair, John did say "with a high degree of reliability in target identification." But that's problematic: with an attack coming from a remote machine, where you have no access, and the legitimate owner is very likely both inattentive and clueless, just how is it that you might reliably establish identity? So if you do the risk analysis, "hack back" is almost *always* the wrong thing to do. Crispin -- Crispin Cowan, Ph.D. http://immunix.com/~crispin/ Chief Scientist, Immunix http://immunix.com http://www.immunix.com/shop/
This archive was generated by hypermail 2b30 : Thu Jun 19 2003 - 09:10:32 PDT