lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Law11-OE533b6uIU1Gj00001e2e@hotmail.com>
From: se_cur_ity at hotmail.com (morning_wood)
Subject: Authorities eye MSBlaster suspect

my stance is that as a entity on the internet, it is the responsibility
of the person or orginization that connects to a hostile
enviroment to ensure themselves a reasonable ammount
of protection.

my "murder" analogy, applies to the ATTITUDE of said person/orginazation
and the general internet public. Im not blaming a person for being
attacked in the real world.

how can i set the frame here.. ok,
i was not affected by the msblast worm because of measures i have in place,
and have had before and during the attack of this vunerability.
but if i had NOT been, the responsibility would lie solely with ME in my failure
to protect myself ( and my network ) in that hostile environment, thus if i
blame some other party
( LSD, micro$sotf, or msblaster coder ) i am shifting the blame away by way of
the
"poor me" scenario.

i apologize for not being clear in the first place and i can
 see how it could be looked at differently. Personally I have
never been the one of "they deserved it" when it comes to a crime against
humans with your examples stated. ( rape victim dress or protection from a
bullet )

thank you,

Donnie Werner


----- Original Message -----
From: "Schmehl, Paul L" <pauls@...allas.edu>
To: <full-disclosure@...ts.netsys.com>
Sent: Friday, August 29, 2003 1:12 PM
Subject: RE: [Full-Disclosure] Authorities eye MSBlaster suspect


> > -----Original Message-----
> > From: morning_wood [mailto:se_cur_ity@...mail.com]
> > Sent: Friday, August 29, 2003 3:04 PM
> > To: Schmehl, Paul L; full-disclosure@...ts.netsys.com
> > Subject: Re: [Full-Disclosure] Authorities eye MSBlaster suspect
> >
> > > So you would blame murder victims for being in the wrong place?  Or
> > > rape victims for wearing the wrong clothing?
> > >
> > > Nice set of ethics there.
> >
> > NO !!!
> > i think you mixed the top portion of my post with the "poor me"
> > examples on the bottom, i blame the person that commits the
> > act gimme a break, and quit trying to miscontrue things Paul
> >
> What did I misconstrue?  You stated that you believed that admins were
> at fault for worm infections.  I quote, "It seems to me that it is each
> admins responsiblity, if they were affected ( infected ) not the coder."
>
> What about your statement quoted here did I misconstrue?  Admins are
> affected by worms the same way that a crime victim is affected by the
> crime committed against them.  Some argue they were in the wrong place
> or they were dressed wrong or they should have known better than to be
> where the criminal was.  Your argument is essentially the same, is it
> not?
>
> Paul Schmehl (pauls@...allas.edu)
> Adjunct Information Security Officer
> The University of Texas at Dallas
> AVIEN Founding Member
> http://www.utdallas.edu/~pauls/
>


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ