Firewall Wizards mailing list archives
Re: Recent Attacks
From: "Philip J. Koenig" <pjklist () ekahuna com>
Date: Wed, 23 Feb 2000 01:53:42 -0800
On 20 Feb 00, at 16:47, Darren Reed boldly uttered:
In some email I received from Marcus J. Ranum, sie wrote: [...]There's always going to be a grey area in which legitimate tools can be abused. This almost exactly aligns with the gun debate - a long and tedious debate that I suggest we avoid in this list - but similarly to the gun debate, society at large (legally and through social pressure) defines what are "appropriate" tools and their appropriate uses. It is not appropriate for me to own heavy antitank weaponry; it is appropriate for me to own properly licensed hunting and target weapons. It is not appropriate for me to use those irresponsibly; it is appropriate for me to use them legally and carefully at a supervised range. If, for a second I cross the line into irresponsible use or inappropriate action, by threatening, endangering, or even merely making someone uncomfortable, I have exitted the grey area and entered into the wrong. This is a black and white issue, and police, judges, and juries, are quite capable of dealing with it. So it is with hackers.So are you suggesting that perhaps it is time software such as ISS, etc, to not only be made available with strict controls over which targets they can be used against (article about this went to bugtraq some time ago) but also be required for those buying the product/license keys in order to undertake such work ? I think this is almost a inevitable. I can't see why professionals would object to this - every `respectable' procession has some sort of official "badging" which is required before you practice in it.
That's all well and good in the old-time traditional, physical, geographical, political world of "meatspace", but I'm afraid the model fails horribly in cyberspace. It seems to me that the likelihood of enforcing such a "global standard for information security practictioners" is almost nil. You could do that within a single political entity (ie the US, or maybe even North America) but the troublemakers and fringe- sitters would end up making their bases offshore. (like various other deprecated 'net entities seem to have already done) (See how far you get trying to enforce copyright laws in China and Russia for just one example) Phil
Current thread:
- Re: Recent Attacks, (continued)
- Re: Recent Attacks Ryan Russell (Feb 23)
- Re: Recent Attacks Marcus J. Ranum (Feb 20)
- RE: Recent Attacks Chris Crozier (Feb 21)
- Re: Recent Attacks Claudio Telmon (Feb 24)
- Re: Recent Attacks Ryan Russell (Feb 21)
- Re: Recent Attacks Darren Reed (Feb 21)
- Re: Recent Attacks Michael Cassidy (Feb 23)
- Re: Recent Attacks Paul D. Robertson (Feb 21)
- Re: Recent Attacks Darren Reed (Feb 21)
- Re: Recent Attacks Paul D. Robertson (Feb 21)
- Re: Recent Attacks Philip J. Koenig (Feb 24)
- Message not available
- Re: Recent Attacks David LeBlanc (Feb 21)
- Re: Recent Attacks Barrett G. Lyon (Feb 17)
- RE: Recent Attacks Stephen Seal (Feb 17)
- RE: Recent Attacks Lance Spitzner (Feb 17)
- Re: Recent Attacks Frank L. Heidt (Feb 17)
- Re: Recent Attacks Iván Arce (Feb 17)
- Re: Recent Attacks Paul D. Robertson (Feb 19)