Thank god, a voice of reason. It's shocking how blind the rightous of anything can be. All these analogies and not one approximates what the Net actually is or appropiate usage, we, as a community, are defining it now. -A On Fri, 18 Feb 2000, Ryan Russell wrote: > > > On Fri, 18 Feb 2000, David LeBlanc wrote: > > It is all a matter of usage. If I use a hammer to build a building, I get > > paid. If I use it to smash windshields, I get thrown in jail. There isn't > > any law against checking security of your own systems. There is a law > > against breaking into other people's systems. At least ISS made a good > > faith effort to keep the Scanner's licensing such that it at least slowed > > the crackers down for a while before they could use it. That's more than I > > can say for several other auditing tool vendors. > > Then you think Mixter doesn't deserve punishment, or he does and ISS > doesn't because IS is a "good" tool? A few other folks say Mixter > deserves ...well, something.. they're not specific. We don't even know > for sure his stuff was used. We also don't know the attacker didn't use > IS to break into the zombie systems. I've used IS to break into other > people's systems. It works real well. > > > > > This really has nothing to do that I can see with the current discussion. > > If you advocate harsh penalties for malicious "hackers", and then you > happen to get classified as one due to some idiotic legal wording, where > does that leave you? My example is an attempt to personalize the > situation for the readers of this list. > > > > > >How about releasing the "firewall" toolkit full of holes? > > > > I have no idea what you're talking about. fwtk? ISS' 'firewall scanner' > > stuff? > > That's a poke at marcus. > > > > > >$100M > > >each? > > > > I hope you're joking. If so, you should have put <g> liberally. > > > > It should be obvious that I wouldn't seriously advocate an action against > people who release tools of any sort, buggy or otherwise. > > However, say it was discovered that the attackers were using ISS's > Internet Scanner. Let's say the feds get away with nailing him with 1.2B > or more in damages. Wouldn't that leave a nice path open for suits > against Mixter and ISS? Wouldn't 10% of the damages (or a little less) be > a reasonable amount to nail them with? Especially ISS who actually has > the money? > > Be careful about advocating huge amounts of damages, especially if you > work in the security industry. There are a lot of scary laws up for vote > right now, and not a lot of sympathy for anyone who wants to use the title > "hacker" for anything. > > Ryan > >
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:05:58 PDT