Re: Dynamic IP log retention = 0?

[Neil <kngspook () gmail com>]

On Sat, Mar 14, 2009 at 6:24 AM, Bill Bogstad <bogstad () pobox com> wrote:

> On Sat, Mar 14, 2009 at 4:12 AM, Neil <kngspook () gmail com> wrote:
> > On Wed, Mar 11, 2009 at 6:34 AM, Brett Charbeneau <brett () wrl org> wrote:
> >
> > .........
> > As William pointed out, it's the things that follow that determine whether
> > someone's being bad.  To flag port-scans might be responsible, but I think
> > pursuing legal action over it would be the exact opposite.  Wait until
> > someone demonstrates true maliciousness before trying to punish them,
> rather
> > than bringing the heat merely because they've demonstrated the potential
> for
> > maliciousness.
>
> In the physical world, this is the equivalent of 'casing the joint'.
> In most parts of the world, you can now get stopped/interrogated for
> simply taking pictures of the wrong buildings. (Even ones that in the
> past might have been considered tourist attractions.) Whether you
> think this is a good/bad thing, you shouldn't be surprised that people
> are similarly concerned about such behavior in the virtual world.

Getting stopped/interrogated for simply taking pictures of tourist-y, or
other, buildings is over-reacting as well, in my opinion.  (For nearly all
of them, there are already existing pictures of them; and once the Bad Guys
get wind that people are being stopped for taking pictures, they'll either
use already existing pictures, or go up and take them, get stopped, and
blend in with all the other innocent people taking pictures... Pointless,
unless someone's sitting on some magical Bad-Guy-Identifier that only works
in interrogations.)

And there's another name for 'casing the joint', it is 'looking around'.
Looking around generally isn't a crime.  Neither is casing a joint, for that
matter.  And like I suggested with port scanning, whether someone was
'looking around' or 'casing the joint' is really only determinable after
they've robbed the joint or not.  Before that point, you're almost stabbing
in the dark.



> > This is almost akin to attacking someone because they're carrying a gun:
> > sure, the gun gives them the potential to do bad things, but it often
> enough
> > is innocent. (Political agendas aside...)
>
> No, this is more like some unknown guy in a high-rise a mile a way
> pointing his laser sniper scope at people walking in the park.   They
> don't KNOW that he has a rifle attached to that scope.  Even if he
> does,
> they don't KNOW that he plans to use it.  Most people will never
> notice that little red dot in the middle of their chest.  If they do
> notice and report it, however, I can guarantee that a significant
> investigation will
> take place.

That's a bit questionable as well; the intention with a port scan is hardly
so well defined as you suggest.  And what if that little red dot is simply a
laser pointer?  I think I'd assume laser pointer before laser-aiming sniper,
following the "Don't attribute to malice what could be attributed to
stupidity instead" maxim or Occam's Razor...