Open Source and information security mailing list archives
 
From: pauls at utdallas.edu (Paul Schmehl)
Subject: Authorities eye MSBlaster suspect

--On Friday, August 29, 2003 3:43 PM -0700 Anthony Saffer 
<anthony@...ferconsulting.com> wrote:
>
> Sorry for just jumping in here but I couldn't resist. Certainly, you have
> to admit that there is such a thing as shared responsibility and
> contributory negligence. Even the law recognizes these things. Sure, it's
> the coder's fault for creating and releasing the worm but the
> administrators do bear SOME responsibility for not being proactive and
> patching their systems. There have been cases of patches being available
> for 6 months to a year and a worm coming along and cleaning house. How
> can anyone say that the admin isn't partially responsible?

Absolutely the admins are at least partly responsible for the damage caused 
to their own systems (and I would argue the greater the time since a patch 
was released the more responsibility they bear) and for damage they cause 
to other systems.  But for the worm itself?  Absolutely not.

> Sure, in a
> perfect world, we wouldn't have to worry about patching our systems and
> all would be well. But we don't live in a perfect world and every
> computer admin should know how to patch his system. If he/she doesn't
> then they shouldn't have their job. There is, after all, such a thing as
> preventative action.
>
In a perfect world, admins would get to implement the practices they know 
to be best for their organization.  We don't live in a perfect world. 
Oftentimes admins' hands are tied by the decision makers who control the 
purse strings.

We still have infected hosts in the student apartments.  Would you blame 
the admins for that?  By law they are not allowed to support the students' 
personal computers.  The best they can do is deny them network access until 
they're fixed.  So the damage is limited to our network and doesn't go out 
to the world.  Yet you would have them fired for incompetence.  The admins 
know exactly what to do to protect a system.  In this case they aren't 
allowed to do it.

Yet, if the worm writer hadn't released the worm, the problem wouldn't even 
exist, would it?

Paul Schmehl (pauls@...allas.edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu

