Message-ID: <251762415.1062177126@[192.168.2.119]>
From: pauls at utdallas.edu (Paul Schmehl)
Subject: Authorities eye MSBlaster suspect
--On Friday, August 29, 2003 3:43 PM -0700 Anthony Saffer
<anthony@...ferconsulting.com> wrote:
>
> Sorry for just jumping in here but I couldn't resist. Certainly, you have
> to admit that there is such a thing as shared responsibility and
> contributory negligence. Even the law recognizes these things. Sure, it's
> the coder's fault for creating and releasing the worm but the
> administrators do bear SOME responsibility for not being proactive and
> patching their systems. There have been cases of patches being available
> for 6 months to a year and a worm coming along and cleaning house. How
> can anyone say that the admin isn't partially responsible?

Absolutely the admins are at least partly responsible for the damage caused
to their own systems (and I would argue the greater the time since a patch
was released the more responsibility they bear) and for damage they cause
to other systems. But for the worm itself? Absolutely not.

> Sure, in a
> perfect world, we wouldn't have to worry about patching our systems and
> all would be well. But we don't live in a perfect world and every
> computer admin should know how to patch his system. If he/she doesn't
> then they shouldn't have their job. There is, after all, such a thing as
> preventative action.
>

In a perfect world, admins would get to implement the practices they know
to be best for their organization. We don't live in a perfect world.
Oftentimes admins' hands are tied by the decision makers who control the
purse strings.

We still have infected hosts in the student apartments. Would you blame
the admins for that? By law they are not allowed to support the students'
personal computers. The best they can do is deny them network access until
they're fixed. So the damage is limited to our network and doesn't go out
to the world. Yet you would have them fired for incompetence. The admins
know exactly what to do to protect a system. In this case they aren't
allowed to do it.

Yet, if the worm writer hadn't released the worm, the problem wouldn't even
exist, would it?

Paul Schmehl (pauls@...allas.edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu