|
|
ARCHIVE: 'Phage List' - Archives (1988 - 1989)
DOCUMENT: phage #078 [Re: virus litigation] (1 message, 654 bytes)
SOURCE: http://securitydigest.org/exec/display?f=phage/archive/078.txt&t=text/plain
NOTICE: securitydigest.org recognises the rights of all third-party works.
START OF DOCUMENT
From: comer (Douglas Comer)
To: phage
Date: Sun 07:59:21 06/11/1988 EST
Subject: Re: virus litigation
References:
[Thread Prev: 077]
[Thread Next: 090]
[Message Prev: 075]
[Message Next: 079]
My response, briefly: 1) This is a problem with an implementation of UNIX. It is *not* an Internet problem. 2) The proper way to report security problems is to contact the appropriate authorities, not to exploit the holes. (a person isn't innocent of bank robbery just because he tells the judge, "I didn't really use the money -- I just wanted to show how bad the locks were.") 3) Using just rsh and cracking passwords, one could infiltrate almost all machines at Purdue and at least three other sites, and we certainly do *not* want to turn off rsh. So let's not argue that all "holes" that this program exploits are an invitation for misuse (an analogy: even if I leave my office door open, ransacking my office is still unethical/illegal. Doug
END OF DOCUMENT
ISSN 1742-948X 01 (Online) | 2005/03/01 | Copyright 2002-2008 securitydigest.org. All rights reserved. |