[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <BAEMIKJOJAMDHAEKBHEPKEGJCGAA.nelson-brito@ig.com.br>
From: nelson-brito at ig.com.br (Nelson)
Subject: CERT Employee Gets Owned
I disagree, pedophilia is about security, because we have to know how the users
are using the network. It's about Security Policy.
Imagine what can happen if FBI find naked kids' pictures in one of your
company's computer.
> -----Original Message-----
> From: full-disclosure-admin@...ts.netsys.com
> [mailto:full-disclosure-admin@...ts.netsys.com]On Behalf Of henry j.
> mason
> Sent: Tuesday, August 26, 2003 10:06 AM
> To: full-disclosure@...ts.netsys.com
> Subject: Re: [Full-Disclosure] CERT Employee Gets Owned
>
>
> i was going to reply off the list, to cut down the nonsense,
> but i'm going to address the issue of morality and it's
> relevance to computer security, and then i'm going to shut
> up. and, for the record, i think the original post *was* OT.
>
> pedophilia has NOTHING to do with security. it's a morality
> issue... what if the person accused was guilty of fraud,
> extortion, or tax evasion? we don't know if he was, but
> would that put his past work under suspicion?
>
> possibly.
>
> the fact is, it's almost impossible to know if someone is
> going to act in the best interests of others, which is what
> is necessary for good computer security. in this case we have
> a computer security professional whose responsibilites lay
> mostly in communication with the industry, accused of attempting
> to satisfy an apparent perversion - in a case that has very
> strong overtones of entrapment.
>
> i think the only thing that relates to computer security here
> is the issue of trust. the JAP people broke the trust of their
> user community by maintaining the appearance of complete
> security when in fact that security had been compromised. the
> CERT employee in question damaged the trust of his employer
> (and apparently those in the security community who are more
> concerned about his sexual preferences than his privacy) by
> *attempting* to engage in a morally questionable act.
>
> trust is VERY important to computer security. who can you trust?
> the goverment? the police? the people on this mailing list?
>
> trust is a complicated thing. i have a commitment to my clients
> that requires me to act in their best interests and keep their
> data secure. does this mean that my personal life is squeaky
> clean? i don't think so. but i have a moral obligation to
> ensure the safety and security of my clients, and i don't
> confuse that with the morality of my personal life. am i a good
> person? i'd like to think so, although any hardcore right-wing
> christian would be terrified of my ideals.
>
> the real question is: am i a good administrator?
>
> henry
>
> also: i'd *really* rather read about soap opera stuff on /.
>
>
> Myers, Marvin wrote:
> > As being one who was rightfully chastised by Kurt recently, I do believe
> > that this could indeed have some relevance to the FD list. If by this
> > mans actions, his past work could at all be suspect, then this is the
> > proper venue to post it. If someone of his caliber, someone who should
> > know the repercussions of any action taken using a computer as a tool,
> > is used as an expert during trial, or their technical writings used as
> > such, can we not realistically look at all of his past work as being
> > suspect. If indeed he is a pedophile, he may have overlooked other
> > pedophile activity in the course of his job. While I would never accuse
> > someone whom I do not have personal proof of illegal activity, and after
> > all he is innocent until proven guilty, I can understand why someone may
> > want to analyze and or scrutinize his past work.
> >
> > Just my 2cents worth.
> >
> > -----Original Message-----
> > From: Kurt Seifried [mailto:listuser@...fried.org]
> > Sent: Monday, August 25, 2003 6:29 PM
> > To: badpack3t@...urity-protocols.com; full-disclosure@...ts.netsys.com
> > Subject: Re: [Full-Disclosure] CERT Employee Gets Owned
> >
> > Please read the list charter and stop posting junk like this. Do we know
> > post stories about any criminal charges brought against anyone in the
> > security industry? Should we also cover parking tickets?
> >
> > Kurt Seifried, kurt@...fried.org
> > A15B BEE5 B391 B9AD B0EF
> > AEB0 AD63 0B4E AD56 E574
> > http://seifried.org/security/
> >
> >
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.netsys.com/full-disclosure-charter.html
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.netsys.com/full-disclosure-charter.html
> >
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists