lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <43afc760602212339qa0d9ee5tec9c30ff3319e706@mail.gmail.com>
Date: Wed, 22 Feb 2006 04:39:46 -0300
From: "Davi Anabuki" <anabuki@...il.com>
To: bugtraq@...urityfocus.com
Subject: Re: Vulnerabilites in new laws on computer hacking


My two cents on this subject...
(Dunno if it will be approved, but, nonetheless... =P)

There has been a lot of talk on this, about legislation, and
everything else. But I do believe that one of the aspects of
this discussion hasn't been raised yet.

Mainly its about why and how will security be kept if any
kind of ironclad legislation is created and enforced. For
example, let's say that every kind of trespasser is judged
and severely punished. What kind of behaviour would it
create as a global effect (I mean, not talking only about
the hacker and the hacked server)? Would it create some
kind of environment, where small server businesses would
just forget about security and prosecute every trespasser?
What would it be of every buffer overflow bug already found?
Would the really have been corrected, if any user of this
kind of bug had been prosecuted and punished? Nowadays
the average user installs some kind of packet filter, and
an anti-virus, but what if it had always been severely
punished? (Not that I do actually enjoy those scripts that
continuously try default passwords at my system, nor
believe that it should be done...)

I _DO_ believe that it should be illegal, for it is
without a doubt, a violation and/or a crime nonetheless,
and as such, it should be judged as any kind of trespassing,
with distinction to the damage done. But I do wonder what
kind of effect it would create if it was enforced with no
distinction in regard to the damage done... Would security
have as much attention as it is given now?

Like everything else in life, its secret lies on the equilibrium
between the opposites...

Just my two cents worth of thought... =P


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ