Besides which, there is a reason that the law is complex, and there are so many legal concepts like "probable cause", and I'm certain there are plenty compelling arguments and precedent supporting why I wouldn't get busted for picking up a gun that was completely accessible to anyone on someone's front lawn. However, the counter-worm, is completely against all legal precedent. In order to convict someone of criminal activities, you need habeas corpus, i.e., evidence of a crime, and in the case of hacked machines running attacks, you'd probably have to prove intent, otherwise it's just negligence, and becomes a civil rather than criminal case most likely. Whereas if you release a fix-it worm, or manually hack in and patch someones system, you are guilty, and can even be shown to have intent to commit a crime, whereas a hapless system administrator whose box is hacked, doesn't have any intent to do harm. I realize that laws differ from country to country, but still, a counter-worm would be illegal in any country in which the worm itself was illegal, I would say. Finally, vuln-dev is not a legislative mailing list, so I never thought for one minute we should or were discussing the changing of laws, I simply thought we were discussing the pros and cons of worms that patch vulnerabilities, specifically the so called Code Green worm. Now, I don't think most people on this list are qualified to determine what laws should and shouldn't exist, I know I'm not. I am, however, qualified, as I suspect many on this list are, to speak about the technical, and common sense aspects of a IT security related issue. That does include whether or not it violates any laws that I am aware of. Also, I'm apparently qualified to get in a silly flame war over a childish idea that most people out grow at some point. Oh well. :> To sum up my opinion on this idea: 1. It would be illegal (generally considered a bad thing) in most places. 2. It has a potential for doing harm to systems. 3. It would work largely without any of the clueless people it is helping out's knowledge, and therefore they wouldn't learn anything. 4. It would still use up network traffic, and would in time be a problem in and of itself to get rid of. 5. it could provide a nice bit of background chatter to distract IDS & NIDS systems and folks, which could allow really malicious attacks to sneak in under it's signature "noise". 6. It sets a very bad precedent, that it is ok to ditch communication and cooperating, and just go fix someone else's system yourself... This carried to it's logical conclusion turns the community of network and system admins who control portions (however large or small) of the internet, from a mostly cooperative group, into a armed camp. There is no highest law on the internet, group cooperation and consensus are all we have. Rather democratic and friendly most of the time. I'd hate to see that change. Sincerely, John R. Morris P.S. Stanley, I know that what you said wasn't contrary to my opinion, I just picked your message to jump back on this thread. I agree with you, of course, this isn't about guns or children, and when was the last time someone vaccinated you without proper consent ??? Next they will drag out Nazis or Communists, and some sort of holocaust or other horrible thing, and compare our side to it. Ahh, just like the good old days on Usenet, before the great renaming... -----Original Message----- From: Stanley G. Bubrouski [mailto:stanat_private] Sent: Friday, September 07, 2001 2:21 PM To: David Schwartz Cc: jrmorris; 'Jay D. Dyson'; 'Vuln-Dev List' Subject: RE: CodeGreen beta release (idq-patcher/antiCodeRed/etc.) On Fri, 7 Sep 2001, David Schwartz wrote: > > > I can't believe anyone honestly considers a "counter-attack" worm the same > > as self-defense. Deadly force, or otherwise normally illegal amounts of > > force, is justified only in defense of your life, or the lives of others, > > your physical well-being, or the physical well-being of others. Defense is > > something done to prevent something from happening, retaliation > > is something > > done in response to a previous act. Furthermore, from what I gather, it's > > not even retaliatory, it's pre-emptive, being a automated worm like CR. In > > any case, it is illegal, and rather morally and ethically > > suspect. Releasing > > yet another worm that attempts unauthorized access to someone's > > machine, and > > then runs code on it is illegal. > > Say someone has left a loaded gun on their lawn, where anyone could pick it > up and shoot it at anything they chose. Is it morally justified to trespass > onto their property to remove and unload the gun? Do you have to wait until > you see a child nearby? Until a child picks up the gun? This isn't about guns and it's not about children. If someone uses a compromised system and does something destructive, it's in the hands of the infected user or his or her company to deal with it. It's not up to you or anyone else to decide what's best for other people's property. > > DS > Regards, Stan -- Stan Bubrouski stanat_private 23 Westmoreland Road, Hingham, MA 02043 Cell: (617) 835-3284
This archive was generated by hypermail 2b30 : Fri Sep 07 2001 - 16:05:47 PDT