Re: Recent Attacks

[Darren Reed <darrenr () reed wattle id au>]

In some email I received from Marcus J. Ranum, sie wrote:
[...]
>          There's always going to be a grey area in which legitimate
> tools can be abused. This almost exactly aligns with the gun debate -
> a long and tedious debate that I suggest we avoid in this list - but
> similarly to the gun debate, society at large (legally and through
> social pressure) defines what are "appropriate" tools and their
> appropriate uses. It is not appropriate for me to own heavy
> antitank weaponry; it is appropriate for me to own properly licensed
> hunting and target weapons. It is not appropriate for me to use those
> irresponsibly; it is appropriate for me to use them legally and
> carefully at a supervised range. If, for a second I cross the line into
> irresponsible use or inappropriate action, by threatening, endangering,
> or even merely making someone uncomfortable, I have exitted the
> grey area and entered into the wrong. This is a black and white
> issue, and police, judges, and juries, are quite capable of
> dealing with it. So it is with hackers.

So are you suggesting that perhaps it is time software such as ISS, etc,
to not only be made available with strict controls over which targets
they can be used against (article about this went to bugtraq some time
ago) but also be required for those buying the product/license keys
in order to undertake such work ?  I think this is almost a inevitable.
I can't see why professionals would object to this - every `respectable'
procession has some sort of official "badging" which is required before
you practice in it.

I'd go so far to say that if Joe Bloggs from the back blocks of Kansas
bought ISS (who knows why) and got a license get for, say, 208.196.*
and loaded it up on their new internet PC, you'd be about as happy as
someone walking outside that grey area with a weapon in your personal
space.  (Well, ok, you probably pay someone who'd be upset about ISS
being used like that, rather than you :-)

Darren