Information Security News mailing list archives
Re: Why I should have the right to kill a malicious process on your machine
From: InfoSec News <isn () c4i org>
Date: Sat, 18 Jan 2003 03:25:07 -0600 (CST)
Forwarded from: Robert G. Ferrell <rgferrell () direcway com> At 12:34 AM 1/17/03 -0600, you wrote:
If you find yourself asking what else can be done to stop these problems, one answer that comes to mind is simple. ISP's need to be more reactive to complaints about abuse on their network. Their customers already sign an agreement stating they will follow an Acceptable Use Policy. Every AUP I have seen covers malicious activity like you describe, and puts the liability on them. If your system attacks mine, be it from automated worm or not, and I report that activity to your ISP.. they need to kill your conneection until the problem is solved.
This is a complex problem, and certainly one that will benefit greatly from open discussion within not just the security community, but the Internet community at large. I think the fundamental issue here is a legal and philosophical, rather than technical, one, however. When you connect a machine to the Internet and therefore join the international online community, to what extent are you a private citizen and to what extent are you now a member of the Internet body politic? Do your rights to privacy and total control over your personal property change as a result of this membership? The answers to these questions will have ramifications far beyond simply "what shall we do about worms?" The p2p control controversy really covers the same ground. The problem is that, since no one entity actually oversees the Internet or polices it, mainly because no one entity has jurisdiction over a tool that has the potential to be used by every person on the planet, the variety of customs, traditions, and mind sets that are brought to bear on interpersonal relations in the Internet milieu is as broad as the variety of Human culture itself. What I see as perfectly right and moral, based on my upbringing and socially-imposed values system, may be completely abhorrent to you based on yours. Who's right in this situation? Moreover, how do we coexist without killing each other? (Literally or figuratively.) This isn't just about worms or illicit file sharing. This is about taking a step towards that One Planet/One Society concept that social idealists have been dreaming about for hundreds of years. Given the enormous amount of thought that has been devoted to the principles of Human interrelations during that time, it's no wonder we're experiencing a little friction trying to work out how the Internet is going to function. The Internet is one of the grandest social experiments ever attempted, and I for one give thanks every day of my life that I've been unbelievably fortunate enough to be in the right time and place to participate in it. It may be the single greatest opportunity we have to finally understand each other and get along. Well, you wanted rose-colored glasses. Here they are. ;-) Cheers, RGF Robert G. Ferrell rgferrell () direcway com - ISN is currently hosted by Attrition.org To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY of the mail.
Current thread:
- Why I should have the right to kill a malicious process on your machine InfoSec News (Jan 15)
- <Possible follow-ups>
- RE: Why I should have the right to kill a malicious process on your machine InfoSec News (Jan 15)
- Re: Why I should have the right to kill a malicious process on your machine InfoSec News (Jan 16)
- Re: Why I should have the right to kill a malicious process on your machine InfoSec News (Jan 18)
- Re: Why I should have the right to kill a malicious process on your machine InfoSec News (Jan 18)
- Re: Why I should have the right to kill a malicious process on your machine InfoSec News (Jan 18)
- Re: Why I should have the right to kill a malicious process on your machine InfoSec News (Jan 18)
- Re: Why I should have the right to kill a malicious process on your machine InfoSec News (Jan 18)
- Re: Why I should have the right to kill a malicious process on your machine InfoSec News (Jan 20)
- Re: Why I should have the right to kill a malicious process on your machine InfoSec News (Jan 20)