| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: bpope at crec.coop (Bobby Pope) Subject: Hacking into private files, my credit card purchases, personal correspondence or anything that is mine is trespassin g and criminal. Enforcement of a law is a function of how many people are policing a behavior. Take smoking, we've made it increasingly socially unacceptable in most circles and the number of people smoking DECREASED rapidly and for a sustained period. There will always be people bucking societal norms and the element of hard core crime that will persist but it may be possible to stop some of the vandalism by refusing to give them what they want; notoriety, even in their anonymity -- most are still cowards at heart. The big obstacle to this is that smoking a cigarette in public impacts a relatively small group of people who can express instant disdain toward the perceived offender in their presence; the risk vs. reward is very high. Cyber offenders operate in relative anonymity, affect large groups of people, are hard to catch and get loads of attention; risk vs. reward is very low. That said, I'm with you on the emotional rant level but realistically if I want my stuff safe I will have to do my best to protect it and sometimes even that isn't good enough. I just had $5k-$6K worth of stuff stolen from a "secure" storage facility with cold forged 3/8in shank lock on the bolt; they just cut through the bolt and d?voil?: this month's family camping trip is cancelled. I suppose there is more I could have done but the measures seemed reasonable at the time. I think this condition will persist until we all become the enlightened utopian socialists of Gene Roddenberry movies or we establish an absolute moral code and instill fear of "burning in hell for all eternity" into the psyche of every man, woman and child on the planet. In either case, I wouldn't hold my breath and I would do everything possible to secure my network and applications. Cheers, Bob -----Original Message----- From: full-disclosure-admin@...ts.netsys.com [mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Harlan Carvey Sent: Friday, October 08, 2004 11:36 AM To: full-disclosure@...ts.netsys.com Subject: Re: [Full-Disclosure] Hacking into private files, my credit card purchases, personal correspondence or anything that is mine is trespassing and criminal. > No > matter how many laws are passed or how many policies > are written, they are pretty much useless as they > are not capable of changing people. Laws don't change people's behaviour...the enforcement of the laws does. In the days of NIPC, the Attorney General mandated a threshold of $5k losses when reporting cybercrimes in order for the FBI to become involved. Did that change behaviour? Yes, but not the behaviour we would want...the crimes still occurred (or in some cases, were thought to have occurred), yet the case load was so overwhelming that unless you could demonstrate a financial loss of $50K, they didn't even blink. Having laws...words written on paper...is ineffective in and of itself. Enforcing those laws, or at least being able to do so, is what has an effect. Even if you have enough trained, qualified LE personnel to enforce the laws, you still have issues of...is the "victim" capable of determining/demonstrating when a crime has occurred? ===== ------------------------------------------ Harlan Carvey, CISSP "Windows Forensics and Incident Recovery" http://www.windows-ir.com http://groups.yahoo.com/group/windowsir/ "Meddle not in the affairs of dragons, for you are crunchy, and good with ketchup." "The simplicity of this game amuses me. Bring me your finest meats and cheeses." ------------------------------------------ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists