| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <41517579.9080905@skybel.net> From: dries at skybel.net (Dries Robberechts) Subject: Scandal: IT Security firm hires the author of Sasser worm Dear 'van Helsing', >Dear Ron... >The name Ron is very public in america, canada and some other english >countries so I exspect you're from such a country... > > We must be dealing with a mastermind here. >Please imagine that the autor of Sasser is NO criminal in germany. > > ... it isn't hard to do? >He didn't break any german law with the his worm. > > That may be so. >Just the fact that PCs reboot or wont work is something they try to >judge him for. > > No, the fact that the pc, or better, the group of pcs wasn't his. >But even they try that: They'll fail. > > Speaking in the future, when will who fail? >Companies have to patch their systems so if a company get's infected by >a worm it can't blame the autor because there's a LAW that companies >have to secure their networks... > > Feel free to share that LAW with us? >I hope you can NOW imagine why he's no criminal and you're just another >english-speaking idiot wich dosn't read any german law wich are also >avaiable (translated in some languages) in english. > > I ain't no 'english-speaking idiot' and I haven't read the german law either. In fact, I doubt a lot of non-german people read it, as I can't hardly imagine myself spending a nice day off reading german lawbooks. I don't believe that is the point, though. >And criminals... >In France it's criminal to write exploits.... w000... >Ain't we all criminals? >Remember L0th, Rhino9, 29a, Teso, THC... "criminals" are all around, or? > > No 'we' are not all criminals, at least 'I' am not. >So come down "Mr. Judgeman" and imagine that other countries have other >laws. > ... it isn't hard to do? >And a little example so that also you can understand it: > > We are most grateful. >You judge somebody for the things he did, ok. But you didn't judge the >stupid administrators.It's like judging a guy who punshed you... it's >ok. But you don't judge the policeman who was 2 Meters away? >Or: You judge the robber but not the guy who dosn't closed the door of >his car? >That's why he can't be judged and I hope he will be free. > > The scope of the discussion is the guy being hired by that company. Whether or not other people are legally guilty of whatever one can come up with, I think is not. Ofcourse one can blame people for being stupid enough to leave the door open and kindly inviting even the largest newbie burglar to sneak in, but does that automatically sets him free? You started drawing the analogy with IT Security, so let me go along that away. Do you consider a person guilty of not having the necessary security when his server is broken into? You can blame someone for being stupid, but the burglar still remains the one who broke in. You can however legaly blame someone when because of the intrusion 3th party material has been stolen, which was kept under the responsibility of the guy owning the server. The question is not necessarily a legal one, but also a business one. It might be very accepted in the country he resides in, but what if the product he's working one will be sold in computer shops in the country I am residing in? Is it a good business plan to hire him, apart from anything else that counts. >And now come down and remember the good old times of Kevin Mitnick >(another criminal, am I right?). > > You are. >And I hope that even our english speaking readers wont comment this >topic anymore and close it. Otherwise we can start talking about politic >and the criminal who's the president of the USA. > > So you want to have the last word, which is quite polite. This is fd, as long as they stick to the topic, people may respond. Moreover, you want this to end by going political. Where did you say you were from, Mr...?
Powered by blists - more mailing lists