lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <A0EC0D6EB6418C4BB0C17849E4D6A1B263C957@exchange_server.crec.coop>
From: bpope at crec.coop (Bobby Pope)
Subject: Hacking into private files, my credit card 
	purchases, personal correspondence or anything that is mine is trespassin
	g and criminal.

Enforcement of a law is a function of how many people are policing a
behavior.  Take smoking, we've made it increasingly socially unacceptable in
most circles and the number of people smoking DECREASED rapidly and for a
sustained period.  
There will always be people bucking societal norms and the element of hard
core crime that will persist but it may be possible to stop some of the
vandalism by refusing to give them what they want; notoriety, even in their
anonymity -- most are still cowards at heart. The big obstacle to this is
that smoking a cigarette in public impacts a relatively small group of
people who can express instant disdain toward the perceived offender in
their presence; the risk vs. reward is very high. Cyber offenders operate in
relative anonymity, affect large groups of people, are hard to catch and get
loads of attention; risk vs. reward is very low.
That said, I'm with you on the emotional rant level but realistically if I
want my stuff safe I will have to do my best to protect it and sometimes
even that isn't good enough. I just had $5k-$6K worth of stuff stolen from a
"secure" storage facility with cold forged 3/8in shank lock on the bolt;
they just cut through the bolt and d?voil?: this month's family camping trip
is cancelled. I suppose there is more I could have done but the measures
seemed reasonable at the time.  
I think this condition will persist until we all become the enlightened
utopian socialists of Gene Roddenberry movies or we establish an absolute
moral code and instill fear of "burning in hell for all eternity" into the
psyche of every man, woman and child on the planet.  In either case, I
wouldn't hold my breath and I would do everything possible to secure my
network and applications.

Cheers,
Bob


-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Harlan Carvey
Sent: Friday, October 08, 2004 11:36 AM
To: full-disclosure@...ts.netsys.com
Subject: Re: [Full-Disclosure] Hacking into private files, my credit card
purchases, personal correspondence or anything that is mine is trespassing
and criminal.

 
> No
> matter how many laws are passed or how many policies
> are written, they are pretty much useless as they
> are not capable of changing people.

Laws don't change people's behaviour...the enforcement
of the laws does.

In the days of NIPC, the Attorney General mandated a
threshold of $5k losses when reporting cybercrimes in
order for the FBI to become involved.  Did that change
behaviour?  Yes, but not the behaviour we would
want...the crimes still occurred (or in some cases,
were thought to have occurred), yet the case load was
so overwhelming that unless you could demonstrate a
financial loss of $50K, they didn't even blink.

Having laws...words written on paper...is ineffective
in and of itself.  Enforcing those laws, or at least
being able to do so, is what has an effect.  Even if
you have enough trained, qualified LE personnel to
enforce the laws, you still have issues of...is the
"victim" capable of determining/demonstrating when a
crime has occurred?

=====
------------------------------------------
Harlan Carvey, CISSP
"Windows Forensics and Incident Recovery"
http://www.windows-ir.com
http://groups.yahoo.com/group/windowsir/

"Meddle not in the affairs of dragons, for
you are crunchy, and good with ketchup."

"The simplicity of this game amuses me. 
Bring me your finest meats and cheeses."
------------------------------------------

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ