lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
From: avalon at caligula.anu.edu.au (Darren Reed)
Subject: USDOJ BRAINWASHING TECHNIQUES

In some mail from sockz loves you, sie said:
> 
> From: Darren Reed <avalon@...igula.anu.edu.au>
> Date: Wed, 11 Jun 2003 12:05:07 +1000 (Australia/ACT) 
> To: dotslash@...soft.com (KF)
> Subject: Re: [Full-Disclosure] USDOJ BRAINWASHING TECHNIQUES
> 
> > 1.
> > Hacking *IS* bad and if children for some reason think it is cool
> > then they need to be educated so that they understand it is NOT.
> > There is no two ways about it.  At the small end of the scale, I
> > don't even view unauthorised port scanning as morally acceptable
> > (even if the courts don't find it illegal), never mind actually
> > breaking into one.  It is an invasion of privacy, no two ways about
> > it.  The presence of software bugs is not an excuse to exploit them.
> 
> wow thats really sad.  i'm sorry you feel that way darren :*(
> "It is an invasion of privacy" wow, and this is so rare these days too.
> tell me, darren, how do you think the DOJ finds out shit about hackers?
> they invade the privacy of their targets.  how do journalists find out
> about movie stars fucking politicians.  they invade privacy.  there is
> no privacy, darren.  there never has been.  it is only an illusion.
> 
> you mention morals and hacking.  what morals?  hacking is about as
> immoral as speeding down a freeway.  i have more moral issues with
> taking dying pets to the vet to be put down than i do with destroying
> someone's system.  people these days just dont give a fuck about anyone
> else.  the DOJ doesn't care about your feelings either, which is why
> they're trying to influence children to make their own job easier in
> the future.

I think you summed it up correctly - people these days don't care
about others and a case in point, a hacker breaking in to someone
else's computer system is showing deliberate disrespect and lack
of thought for the owner.  Educating children to understand that
hacking is invasive, disrespectual and damaging cannot, therefore,
be a bad thing.  I fail to see why you would want to pick on the
DOJ for trying to make their own job easier, surely this kind
of vision is worthy of congratulations.  Well, maybe not if you
consider yourself to be other than a 'white hat'.

Hacking into systems on an unauthorised basis is not OK, no matter
how "just" the cause or "curious" the intruder.

> > 2.
> > Secure progamming is something that needs to be taught at a level
> > that is appropriate and that is definately not primary school or
> > maybe even grade school.  The problem is children who think they
> > can program teach themselves bad habits and these bad habits do
> > not get corrected later as they go on to become professional
> > programmers.  Regardless of talent, you should not be allowed to
> > develop commercial applications as a programmer unless you have
> > been properly schooled and thereafter stay current.  That aside,
> > security bugs can be much more than just a buffer overflow.  What
> > is really being said here is that software is not tested/evaluated
> > to a high enough standard before being sold/shipped - this includes
> > open source products.
> 
> The highest sounds are hardest to hear.
> Going forward is a way to retreat.
> Great talent shows itself late in life.
> Even a perfect program still has bugs. 
>
> it is the principle of yin and yang, darren.  it applies to everything.
> there is no such thing as perfect coding.  just very ugly and less ugly.

I think you misunderstood what I said to imply that the code must be
perfect whereas it shhould be that the behaviour of the program that
is of concern, not the code.

> i say the DOJ should stop giving Quentin shit and start rewarding his
> genius.  let his skills in information retrieval grow so that one day
> he can flourish in a promising career as an industrial spy, a terrorist,
> or perhaps even working with the DOD or CIA to spy on people in rival
> nations.  this is where Quentin will be able to make some real money.
> much more than he ever would as a simple-minded morally-challenged
> perfectionist programmer.

Ok, I can recognise that part as attempted humour.

Cheers,
Darren

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ