----- Original Message ----- From: "Jimi Thompson" <jimitat_private> To: <incidentsat_private> Sent: Thursday, May 22, 2003 3:39 PM Subject: Re: A question for the list... > > My contention is that we should be litigating against the people who > are attacking our networks. Out with the notion that "they cannot > help it". When the patch has been out for year, and very few people > have applied it, something drastic needs to be changed. Companies > will not pay attention to and address this issue adequately until it > impacts their bottom line. When some high-up manager doesn't get his > usual fat bonus because his company had to pay out a large > settlement, things will start to change and rather quickly. > -- > Thanks, > > Ms. Jimi Thompson, CISSP, Rev. funny.. when i turn off my power my incoming attacks and attacking systems no longer exist... neither does the connection to the internet... IT CEASES TO EXIST AT THAT MOMENT , convict that. I imagine given the ability to run an OS in ramdisk without the need for any storage ( hence no logs / records ) on a laptop will quickly catch on with the blackhat elite. Very simple to impliment with nearly any OS booting from a cd or even a ramcard... oops, power off. I always thought it was the shopkeepers job to protect his store... stores in smalltown usa can get by with less frontline protection than can a site in an area like bighugecity usa, ie: bars on doors windows etc.. Where I live I have not locked my door to my house in 2 years, and I have never been broken into... 5miles down the road I pack bfg's , tripplepadlock any mailslot, and prepare for an onslaught of attacks, muggings.. etc. Do you lock your door? Do you protect your site? Defence is always a perspective, if mr storekeeper does not know about some device to enhance his security, is he at fault? Mabey he likes his old store and realy dont care, or he belives his odds of attack are low, mabey its a fake shop set up by the feds.. or its an experiment in business.. you can dream up any hypothisys you want, fact is its a computer, and connected to the internet.. a public marketplace with both nice neighborhods and treacherous streets. If your computer in your office fails before you save you 4 hours of work, are you suing Dell? I dont think so, all this liability against a voluntary HOBBY is crap. Take the net for what it is... it works now, it might not work tomorrow, if mr 3rdworld meglomaniac decides to EMP our asses where will your computer attack lawsuit be??? Wheres the blame?? GIVE IT A FREAKING REST ALREADY my 2bits... morning_wood http://exploitlabs.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
This archive was generated by hypermail 2b30 : Fri May 23 2003 - 14:26:46 PDT