The 'Security Digest' Archives (TM)

Archive: About | Browse | Search | Contributions | Feedback
Site: Help | Index | Search | Contact | Notices | Changes

ARCHIVE: 'Phage List' - Archives (1988 - 1989)
DOCUMENT: phage #374 [gee Mr. Rogers, can you say "ironic"] (1 message, 858 bytes)
SOURCE: http://securitydigest.org/exec/display?f=phage/archive/374.txt&t=text/plain
NOTICE: securitydigest.org recognises the rights of all third-party works.

START OF DOCUMENT

From: sob@harvisr.harvard.edu (Scott Bradner)
To: phage
Date: Mon 23:00:42 20/03/1989 EST
Subject: gee Mr. Rogers, can you say "ironic"
References: [Thread Prev: 373] [Thread Next: 375] [Message Prev: 373] [Message Next: 375]


>Subject: Info about Worm solicited
>From: Gene Spafford <spaf@cs.purdue.edu>

>Greetings.

>As you may have heard, the Justice Dept. is conducting an investigation
>of the Morris Worm incident to determine what action to take (although
>members of the dept. will not {officially} admit to there being such an
>investigation).

>Mr. Mark Rasch, of the Fraud Division @ Justice, would like to hear from
>system admins who had machines infected.  In particular, he would like
>to hear:
	...
>He can be reached by e-mail @ <park@harvard.harvard.edu> or by phone @


It seems a bit ironic that a Fed asking for info about an "alleged"
computer security violation was made with the info to be sent to
an account "borrowed" from someone with a guest account on the
computer harvard.harvard.edu ( i.e. under a false name )

The owner of the account gave his ok I'm told, but the system
administrators on the computer knew nothing about their computer, one
that was set up for academic reasons, being used in a Justice Department
information gathering sweep.

On my computers I close accounts when I find that the users have shared
their passwords since I see it as a security problem.

Scott

END OF DOCUMENT