serious, sarcasm-free questions for the group: if a shop owner catches someone stealing something from her store, should she have the right to destroy the tools of the thief's vocation? in other words, should we grant her the right to break his hands and legs? maybe even amputate them? less drastically and humanly injurious, should she have the right to drop a lit match into the thief's getaway car as a means of destroying it? justin justin kurynny manager of network engineering waggener edstrom, inc. * -----Original Message----- From: Christiansen, John (SEA) [mailto:JohnC@private] Sent: Thursday, June 19, 2003 11:42 AM To: 'Crispin Cowan' Cc: crime@private If the ISP is responsive and the rules of engagement say you don't escalate if the ISP is responsive, then hacking back isn't legit. But that doesn't suggest you should avoid figuring out what the rules should be - seems to me it suggests you should figure out the rules. We didn't have this one before, did we? But now we have a consensus on this point. So all we need to do is make sure sysadmins are appropriately responsive and the rules around escalation become moot. So, following this alternative branch, what are the rules for sysadmin responsiveness? In other words, when can I hold an ISP liable for failing to cut off hostile activity?
This archive was generated by hypermail 2b30 : Thu Jun 19 2003 - 12:45:20 PDT