RE: Recent Attacks

From: Joseph Judge (joejat_private)
Date: Sun Feb 20 2000 - 19:06:42 PST


    I agree and disagree with Ryan's comments ... 
    (and like Steve and mjr's in general :-)
    
    I disagree with the:
    >intelligent thought into what the damages really were.  I still say the
    >attacker couldn't have done 1.2B in damages, and that's the "crucifixion"
    >dollar amount.  "
    
    I agree with the:
    >If someone decides that mapping out the Internet to produce nice-looking
    >graphs constitutes a criminal port-scanning attack, you would want to have
    >someone force the prosecutors to name reasonable damages, right?  You
    >wouldn't want some idiot fed saying "This guy attacked every single
    >machine on the Internet for several years, and caused trillions in
    >damages." 
    
    Having spent a very small amount of time in DC with attorneys/etc on 
    a "hacking case" -- I am impressed with how far they go to _really_
    try to understand what happened and its impact. 
    
    Real damages or not ... people are people. We want to set examples to
    deter, we want to summarily execute criminals we "know" are guilty,
    and we let OJ free to golf his remaining days away.
    
    I think MJR is right -- there are a _lot_ of folks getting _very_ 
    tired of the abuses and, on the other side, the lack of security 
    fundamentals when it comes to many sites.
    
    	- joe
    
    
    	[begin ramblings]
    This is the 2nd time in the past few days that Steve mentioned
    "time = money". I'm starting to think that some folks don't quite 
    understand that there is _serious_ money involved. (Clearly,
    this must be the case - since he had to send it twice :-)
    
    Time is not some intangible thing -- where Joe Blow missed his 
    trade for 1000 shares of Cisco (damn, lost $5000 / $10000 
    / $100000). Joe Blow feels the tangible loss.
    
    If you could, for example, delay the reporting of NAV prices
    for a mutual fund then you could cost that company $millions
    in SEC fines + the reputational loss. Is $1.2B in damages
    fair - could be.
    
    ... and there are large financial services companies using the
    Internet for gathering pricing information (currently: this
    is their secondary channel, they still have leased lines for
    primary).
    	[end ramblings]
    
    	-joe
    
    
    
    > -----Original Message-----
    > From: owner-firewall-wizardsat_private
    > [mailto:owner-firewall-wizardsat_private]On Behalf Of Steven M.
    > Bellovin
    > Sent: Friday, February 18, 2000 2:57 PM
    > To: Ryan Russell
    > Cc: Marcus J. Ranum; Philip J. Koenig; firewall-wizardsat_private
    > Subject: Re: Recent Attacks 
    > 
    > 
    > In message 
    > <Pine.GSO.4.10.10002172007460.4305-100000at_private>,
    > Ryan Russell writes:
    > 
    > >
    > >Hang on now, that's too easy an example.  I'm not THAT
    > >lenient.  What I'm saying is that if Amazon normally
    > >does 1M$/day, and on the day of the DDoS attacks,
    > >they only do 800K$... but then do 1.2M$ the next day..
    > >were there damages beyond investigative costs?
    > >
    > And E-trade, where *timing* matters a lot to their customers?
    > 
    > 		--Steve Bellovin
    > 
    > 
    



    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:05:41 PDT