[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: "Small" Bug - silly question again

> "Alan P. Laudicina" <alanp@linux.com> writes:
> > On Thu, 16 Mar 2000, Marcus Brinkmann wrote:
> > > You are desperately in need for a shell, to read your email (via IMAP),
> > > browse the net, check a domain name, or whatever. A machine is nearby
> > > running the Hurd.
> > > 
> > > You go to the machine and use it.
> > > 
> > 
> > I started this thread and here is where I comment again.  I see your above
> > example and think of one of my own.  A "script kiddy" gets ahold of a list
> > of usernames and passwords of a machine at fakedomain.com.  He is at the
> > local university and needs a shell to telnet to the machine and use the
> > illegally obtained login and passwords.  A machine running The HURD is
> > nearby...
> > 
> This "script kiddie" will find his/her shell anywhere, even if there
> is no HURD nearby...
Why make it easier???

It seems this whole argument comes down to the argument "So what? if we supply
the login shell or not malicious users are still gonna find a way to be 
malicious". But why make it easy for them? I think we should make it as hard
as possible for script kiddies to do such things to discourage it.


da Bobstopper

Reply to: