On 16 Feb 00, at 10:40, David LeBlanc boldly uttered: > At 10:59 PM 2/15/00 -0800, Philip J. Koenig wrote: > > >You mean Mitnick? As far as I can see, the figures that were thrown > >around supposedly putting a price tag on the 'damage' he did were > >pure unfounded fantasy. > > That's what happens when you damage someone. All of a sudden, the worn out > car you'd sell for $1000 becomes a well-maintained collector's item worth > at least $5000. Trumping up your damages to make your loss appear bigger and the punishment higher is unethical. Judges routinely throw such drivel out of court. (except in hacking cases, it appears) > I agree with Marcus - once the vandals are caught, they ought to sue them > back into the stone age. It would be hard to argue with any credibility that Mitnick did much damage to his "victims". On the other hand, the damage and loss of business suffered by the major dot.com sites as a result of the recent DoS attacks is tangible and easily quantifiable. (if you assume those who wanted to buy something during the attack will never return and try again) There is of course the question of how much blame a site should take themselves by not being well-enough secured. The recent type of DoS attacks are hard to defend against. (or at least hard to track down the perpetrator) On the other hand, if you have buggy old sendmail or imap or ftp daemons on your system and they're open to the world, I have a hard time feeling sympathetic when you try to throw all the 12-year-olds in jail that are capable of exploiting you.
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:04:16 PDT