The 'Security Digest' Archives (TM)

Archive: About | Browse | Search | Contributions | Feedback
Site: Help | Index | Search | Contact | Notices | Changes

ARCHIVE: 'Phage List' - Archives (1988 - 1989)
DOCUMENT: phage #160 [spaf's (and other's) comments] (1 message, 1698 bytes)
SOURCE: http://securitydigest.org/exec/display?f=phage/archive/160.txt&t=text/plain
NOTICE: securitydigest.org recognises the rights of all third-party works.

START OF DOCUMENT

From: encore!pinocchio!bzs@talcott.harvard.edu (Barry Shein)
To: phage
Date: Mon 12:51:24 07/11/1988 EST
Subject: spaf's (and other's) comments
References: [Thread Prev: 106] [Thread Next: 163] [Message Prev: 110] [Message Next: 109]


You can reduce the problem to something like:

	SF=social freedom
	PS=punishment severity for abusing freedoms

and make a graph:

                        |PS
                    1   |   2
                        |
                --------+-------SF
                        |
                    4   |   3
                        |

Quadrants:

	1:	(Hi PS, Low SF)	Typical of totalitarian society
	2:	(Hi PS, Hi SF)	Typical of "liberal" moralistic society
	3:	(Low PS, Hi SF)	Typical of anarchical society
	4:	(Low PS, Low SF)Typical of "conservative" moralistic society

The assumption is that one wants to maximize social freedoms (eg. the
freedom to do research w/o a lot of checks and bureaucracy in the name
of preventing abuse) while still constraining people not to violate
the assumptions of fair play. That will probably require a good deal
of (threat of) punishment for abusing extensive freedoms
unfortunately, I don't see an easy way out of it, with rights come
responsibilities.

We see people grappling with this quandary in a lot of ways, such as
urine testing, an exercise in "pre-emptive justice" in an attempt to
somehow guarantee that people are not abusing their freedoms (?)
Based on the graph above it might make more sense to simply increase
the severity of, for example, causing harm due to intoxication on the
job.

As it relates to this worm thing my tendency is to want great freedoms
with the networks (as a community) but, to ensure we don't slip into
anarchy, demand severe punishment for abusing those freedoms.

Banishment certainly comes to mind (in general), the punishment is
that abusers will have to, either for a period of time or forever, be
denied access to the computer networks (this can gain teeth by DARPA
demanding this and possibly creating lists and punishments for
organizations who treat it flippantly.)

This of course would have to be an outcome of a court case and due
process and all that, but would be another tool in the judge and
juries' ability to enforce the law.  Subsequent violation (eg.
sneaking into the net anyhow) would of course then be punishable by
more traditional criminal means.

It's really not that different than getting caught in (true) medical
malpractice and losing your license. You abused your privilege to
participate in a professional community, you're out of the community.
Have fun flipping burgers or whatever for a while.

Our main problem is (and some say this is not a problem) that we have
no professional licensing, no real formal review or certification of
credentials and no process whereby someone's behavior can be examined
in a professional context.

And, !*SURPRISE*!, we're plagued, as a profession, with quacks and
other abuses. Beyond this particular issue it's nearly impossible to
stop someone good at obtaining political power from demanding
professional status, it's like having hospital administrators do brain
surgery if it amuses them or makes them feel like real doctors...

	-Barry Shein, ||Encore||

END OF DOCUMENT