ARCHIVE: 'Phage List' - Archives (1988 - 1989)
DOCUMENT: phage #232 [spaf's (and other's) comments] (1 message, 1955 bytes)
NOTICE: securitydigest.org recognises the rights of all third-party works.
START OF DOCUMENT
From: firstname.lastname@example.org (Barry Shein)
Date: Thu 14:27:14 10/11/1988 EST
Subject: spaf's (and other's) comments
References: [Thread Prev: 221] [Thread Next: 126] [Message Prev: 230] [Message Next: 234]
From: Gene Spafford <email@example.com> >Consider: > * passing a test or completing a course does not show > competency I was arguing primarily for the equivalent of a Ham radio operator's license, to prove that one might understand the laws, responsibilities and reasonable codes of conduct involved, and perhaps that they're not so untrained/stupid that they're likely to hurt others if let near a computer, including a question or two about basic shock hazard or shuffling along the carpet and then hugging your IMP. Perhaps once in one's life a person should read something that tried to convince him/her/it that most hacking around with systems is neither funny nor original nor likely to gain you fame and fortune (outside of, perhaps, a few adolescent friends) and explained the value of data, people's time etc. Something a freshman could pass after an evening or two's study, that's all. More important, it means it can be taken away (after a STANDARDIZED due process), from anyone, and no more access to shared facilities, thus go flip burgers for a living. It would of course be a serious offense, something like Morris was accused of, and would normally (one would assume) be for some period of time. I was aware of the broader issues with competency licensing and even addressed them, you're arguing with a straw man here. > * other professions with certifications do not exhibit a more > exemplary level of behavior, as shown in many studies But they do have some method of dealing with serious problems, decertification etc. > * state and federal laws might then come into play for > licensing in various locales, and this is also unlikely > to be beneficial I thought FBI/NCSC/NSA just called you? That's the whole POINT*, the f*cking state and federal laws are in there duking away already trying to establish codes of conduct and appropriate punishment etc. This is almost humorous, am I being subtle? Are we having fun yet? >Perhaps the most telling point is that once there is a licensing >body and a license to be held (or certificate or whatever), we >are much more likely to be liable for suits of malpractice because >we will have a defined profession! The current lack of formal >specifications and licensing is actually a form of protection. Right, now in order to avoid paying malpractice insurance (which likely wouldn't be terribly high and would be passed on anyhow, something people who take responsibility *deserve*) you just get to face 20-year prison sentences and other imaginative punishments for your errors/stupidity/etc. I'm not convinced that some level of professional organization and at least minimal competency etc would be such a bad thing, say as much as we require for a driver's license. I'm sure there were MD's who gave the same exact arguments until they realized it was better to get sued for malpractice or decertification and deal with that rather than getting lynched by some local mob for what might have been an honest error. And to have an organization who's responsibility is to police professional ethics, of by and for professionals. It ain't perfect, no sir, but the alternative (law enforcement agencies being the sole investigatory etc. agencies) *really* sucks! Think about it again. -Barry Shein, ||Encore|| * Excited, not angry.
END OF DOCUMENT
|ISSN 1742-948X 01 (Online) | 2005/03/01 | Copyright 2002-2008 securitydigest.org. All rights reserved.|