The 'Security Digest' Archives (TM)

Archive: About | Browse | Search | Contributions | Feedback
Site: Help | Index | Search | Contact | Notices | Changes

ARCHIVE: 'Phage List' - Archives (1988 - 1989)
DOCUMENT: phage #163 [spaf's (and other's) comments] (1 message, 1238 bytes)
SOURCE: http://securitydigest.org/exec/display?f=phage/archive/163.txt&t=text/plain
NOTICE: securitydigest.org recognises the rights of all third-party works.

START OF DOCUMENT

From: encore!pinocchio!bzs@talcott.harvard.edu (Barry Shein)
To: phage
Date: Tue 12:47:52 08/11/1988 EST
Subject: spaf's (and other's) comments
References: [Thread Prev: 160] [Thread Next: 221] [Message Prev: 408] [Message Next: 164]


Urgh, I realize that note with the graph was a bit verbose and no one
probably read it, here it is in a shorter and more to the point form:

Do we need to police ourselves and set up professional accreditation
agencies which have clout with granting and other customer
organizations?

Why? Because if we don't police ourselves you can be sure others will
do it for us.

We have no way of officially giving folks like DARPA assurance that
anything has been done to prevent such break-ins in the future or that
a means of dealing with them has been established.

--------------------
For example:

Level 0 Information Services License:

Requirements: Read a document on the meaning and ethical
responsibilities of working with shared computer facilities.
Answer a short exam to prove you understood it.

Without a Level 0 certification you can't touch a shared facility,
including university and research facilities, if there's a chance it
might disrupt govt or other society member work.

Organizations violating this and giving access to people without Level
0 certification may lose their ability to participate in govt and
other contract work.

A member will lose Level 0 certification when a Review Panel finds him
or her guilty of ignoring or violating its requirements.
--------------------

I realize the frontier was a lot of fun and everyone feels threatened
by actually having to qualify at, say, the level of technical
competence of your average auto driver before taking primary
responsibility for the design and implementation of software for
nuclear weapons launch systems but golly-gee.

Besides, if we don't do it someone will do it for us. Guaranteed, and
guaranteed you'll *really* hate what they come up with!

Wouldn't RTM probably have been at least investigated a couple of
times and possibly given some serious warnings before all this
happened?

	-Barry Shein, ||Encore||

END OF DOCUMENT