The 'Security Digest' Archives (TM)

ARCHIVE: 'Phage List' - Archives (1988 - 1989)
DOCUMENT: phage #326 [An explanation] (1 message, 998 bytes)
SOURCE: http://securitydigest.org/exec/display?f=phage/archive/326.txt&t=text/plain
NOTICE: securitydigest.org recognises the rights of all third-party works.

START OF DOCUMENT

From: Gene Spafford <spaf>
To: phage
Date: Mon 10:29:47 05/12/1988 EST
Subject: An explanation
References: [Thread Prev: 325] [Thread Next: 327] [Message Prev: 328] [Message Next: 327]

Somebody on this list has taken me to task about by suggestion of a lawsuit.
His comments indicate that he thinks I am suggesting this as some form
of vengence suit.  That is not the case by any means.

I don't want him sued if he takes a job hacking C or Cobol someplace.
That would be cruel and unnecessary.  In fact, hacking Cobol would be
cruel in and of itself :-)

However, if someone hires RTM at $90K as a "security consultant" simply
on the strength of this episode, *that* would piss me off and that is
what we should be going after.  That, and the possibility that ABC or
CBS offering him $200K for the movie rights or Bantam Books giving him
a $100K advance on his biography.
 
I don't want the guy crucified -- I just don't want him making big
bucks off a case of vandalism.  I'm not after vengence, but I sure as
hell don't want anyone else to say "Gee, this looks like a great
way to get a high-paying job."

In our society, the courts are the ones that decide punishment.  I'm glad,
because I have no idea what I'd recommend in this case.  The guy is
bright and exercised bad judgement.  That shouldn't mean he should be
locked up with hardened criminals or prevented from ever working in computers.
It does mean that he should be punished in some meaningful way that helps
him see the error of his ways and that sends a clear message to anyone else
thinking of the same thing.

I hope that clarifies my intent.  I'm not the nasty SOB that some people
might think (well, usually I'm not :-).

--spaf

END OF DOCUMENT