jlh@loral.UUCP (Physically Pffft) (11/08/88)
In article <367@execu.UUCP> dewey@execu.UUCP (Dewey Henize) writes: > >On the next area of consideration, who's gonna get hold of the bastard >that caused this and beat the shit out of him? Having a daddy that's a >supposedly high security muckety-much should, if anything, imply that the >[censored] should know a lot better... And its not like the law is gonna >do much, the isn't even a clear picture of what laws are broken by ruining >the days of hundreds or thousands of people.. > >What the hell, someone had to say that part. If you disagree, don't let >that stop you from thanking the GOOD folks. > I hate to sound like I encourage this sort of thing but I think the guy did a lot of people a hell of a favor. He was non-malicious in intent, but got zapped by a bug. What if he had been malicious and had released a better tested worm (oops, now maybe its a virus again)? Want your day ruined? Have the virus sit around until, say, the midnight before term papers are due. Then do a 'rm -rf * /' with root priviledges. He basically did what any intellegent and/or determined hacker could have done. Knowing people as I do I'd say it's more a matter of when and how, not if and how. Someone suggested that this virus be loosed upon the land on a monthly basis. I think there is a lot of merit to this type of thinking, at least system administrators would a) be aware that people will try to hack their systems, and b) educate them as to how their systems are vulnerable. Don't flame me as an anarcist, the idea in it's present form is unworkable. But it's something to think about. Jim -- Jim Harkins jlh@loral.cts.com may work. Loral Instrumentation, San Diego {ucbvax, ittvax!dcdwest, akgua, decvax, ihnp4}!ucsd!sdcc6!loral!jlh
sam@neoucom.UUCP (Scott A. Mason) (11/10/88)
Firstly, this is not necessarily a reply to this particular message, but a reply to all the netlanders who feel that this sort of activity is favorable in ANY way. >I hate to sound like I encourage this sort of thing but I think the guy did >a lot of people a hell of a favor. He was non-malicious in intent, but got ^^^^^^^^^^^^^^^^^^^^^^^ It seems as though a lot of people have been saying this. This isn't holding water with me. This program WAS mailicious and had to be designed with this in mind. How else would it have been so well coded to do what it did!? >zapped by a bug. What if he had been malicious and had released a better >tested worm (oops, now maybe its a virus again)? Want your day ruined? >Have the virus sit around until, say, the midnight before term papers are Perhaps you didn't consider the fact that some computers are used for other things than education. In the business world, time is money, and CPU time costs money. In any case, it is a resource which was maliciously wasted by the Internet worm. Try telling the CEO of Big Corp (ficticious corporation used here for analogy) that your annual report is late because the computer was brought to its knees by a non-malicious worm. He would not be impressed. A worm is a worm is a worm! >Someone suggested that this virus be loosed upon the land on a monthly >basis. I think there is a lot of merit to this type of thinking, at least Yes, I also heard someone say that "chaos is good." :) >system administrators would a) be aware that people will try to hack >their systems, and b) educate them as to how their systems are vulnerable. It is the programmers' responsibility to consider all possible avenues that his program might take. Good programs don't do bad things. The system administrator should also be concerned with the security of his system, regardless. He need not be burdened with extra effort involved with this chaotic type of thinking. -------------------------------------------------------------------------------- "If it ain't broke, don't fix it," and certainly don't blame me. Oh, by the way, my opinions are my own, so don't blame them either. UUCP: {pitt, scooter, hal, cwjcc}!neoucom!sam INTERNET: sam@neoucom.UUCP Scott A. Mason Coordinator of Systems Operations, NEOUCOM