Full Disclosure mailing list archives
Re: Security industry software license
From: "Joel Helgeson" <joel () helgeson com>
Date: Mon, 1 Dec 2008 12:50:56 -0600
I agree - the biggest BS term in existence is the term "Cyberterror". If my web server crashes, is it the result of a Jihadist? Do I care? There is no such thing as a cyberterrorist. Need proof? Answer me this: If a militant Jihadist takes down the US Power Grid via a "Cyber Attack", will he get his 72 virgins on MySpace? This is based on the assumption that one could find 72 Virgins on MySpace, and those claiming to be so are not pederasts themselves or FBI agents... nevertheless. Look at the methodology behind the Militant Salafic Jihadist movement; it is kill or convert in order to attain the highest order of glory in heaven. There is no caveat in place for crashing servers. The motivation behind a Jihadi hacker and a punk criminal hacker is exactly the same, to either cause malicious harm - because they can - or to gain money. End of issue. ----- Original Message ----- From: "Some Guy Posting To Full Disclosure" <fd.leach () googlemail com> To: <full-disclosure () lists grok org uk> Sent: Saturday, November 29, 2008 7:07 PM Subject: Re: [Full-disclosure] Security industry software license
Just to summarise what's been said and what I think so we can get back on topic, and conclude something: No-one hacks using metasploit! Go back to 2003. Terrorists with metasploit! What to you have a picture in your head of Mr. Jihad Bigbeard using metasploit to shutdown a powergrid? Reasons Why It's Hard to archive: - It violates freedom. - It's hard to enforce without: invading privacy, expending too much money/resources. - Most writers of these tools won't want to have to do this (most writers of security tools are hackers, you-know: back orifice, pinch, exploit kits, phising kits, malware creation kits, the entire contents of milworm, bots, THCs Hydra... it goes on. - Geographical constraints. All governments doing the exact same thing at the same time? Or one organisation forcing it onto the net (with no power to put people in jail or anything). - You cant/shouldn't moderate the internet. Reasons Why It's Pointlessly ineffective: - Piratebay. - People writing tools intended for hackers. - The massive number of tools that you'd have to moderate to be effective. - If not everything is a dangerous security tool then it's reduced in effectiveness. - Most big hacks you see don't take many tools. Like a big database being dumped with a browser/scripts. - You don't solve the problem, at all. Maybe reduce it a little. Reasons Why It Wouldn't Happen: - Most developed western governments like to keep they're 1984 "I'm watching you" crap behind the curtains. - Most governments only do these things because something bad happened and they have to make up a law to cover their asses, or something bigger than your rapidshare passes is at stake. - I'd protest - I'd go to my countries(UK) capital and march in protest! Reasons Why It Sucks: - It violates freedom (programs are intellectual property - you can't do that kind of thing to them and call it nice). - It would ruin the internet and break a load of enthusiastic geeks' harts. - It would force the underground hackers deeper underground. - It would discourage security professionals. Pointless things that people mentioned that made them look like a child in front of a shit load of subscribers: - Personal comments. - Attacks at the way someone writes something instead of what they write about. Questions for to think about/answer: - Would you deserve a license. Really? (me: NO!) - Would you wish you had one. (me; yeh!) - How many of the tools that'd be outlawed have you already written an equivalent of? (me: loads). - If you had to outlaw things, would you outlaw tor? (me: I don't wanna!) It's a silly idea. Final Question: - Are we finished? Is it over? Is it established that it's a bad idea now? -- I'm your best best friend. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Security industry software license Joel Helgeson (Dec 01)
- Re: Security industry software license Mike C (Dec 02)
- Re: Security industry software license Joel Helgeson (Dec 02)
- Re: Security industry software license Ureleet (Dec 02)
- Message not available
- Re: Security industry software license j-f sentier (Dec 02)
- Re: Security industry software license Mike C (Dec 02)
- <Possible follow-ups>
- Re: Security industry software license Valdis . Kletnieks (Dec 02)