Re: Secure 2.4.x kernel

To: <debian-security@lists.debian.org>
Subject: Re: Secure 2.4.x kernel
From: Juha Jäykkä <juolja@utu.fi>
Date: Thu, 27 Dec 2001 15:18:01 +0200 (EET)
Message-id: <[🔎] Pine.SOL.4.30.0112271506550.26678-100000@alya.utu.fi>
In-reply-to: <[🔎] 002b01c18db7$a66038e0$0400a8c0@gary>

> Just because people are "dumb" or not as fortunate as other more
> "privy" people, doesn't mean that the law should bypass the
> "unfortunate".  The law (at least in the US) were specifically
> created to protect people in such circumstances.  Why should
> computer law be any different?

  Actually, this breaking in to computer systems is more like stealing
weapons from legitimate owners. Attackers often use compromised
systems as launchpads for further attacks. When someone breaks in to
your house and has a party there, it only harms the owner of the house;
possibly the neighbors, too, due to noise etc, but generally only the
owner of the house is harmed. When the burglars steal the assault
rifle and ammunition to it from your house and go shoot some third
party, bank security officials, for example, there is harm to third
parties. Right?
  Now, I do not know about American law, but at least in Finland the
guy whose gun (assault rifles are illegal anyway unless they are
rendered non-automatic) was stolen, is likely to get punished as well!
It depends on how the gun was stored: it needs to be locked away in a
different location than its ammunition etc. I think THIS is something
we need to see in the computer break-in laws as well: the owner of an
exceedingly insecure system being used as a launchpad for further
attacks should be punished as well.
  I do not know why I replied to this particular message... probably
because most people whose systems are very insecure are in some
aspects "dumb": either because they are too lazy or they simply lack
the knowledge to keep it secure (and are too lazy to obtain the
knowledge).  I would call that dumbness.
  Some do not even have the slightest idea of what can be done with
their computer which is sitting 24/7 on a DSL line - that is most
unfortunate. Ever heard the phrase: "There is nothing valuable on my
computer - why would anyone break into it?" Who would educate them..?

-- 
		 -----------------------------------------------
		| Juha Jäykkä, juolja@utu.fi			|
		| home: http://www.utu.fi/~juolja/		|
		 -----------------------------------------------

Reply to:

Follow-Ups:
- RE: Secure 2.4.x kernel
  - From: "Gary MacDougall" <gary@freeportweb.com>

References:
- Re: Secure 2.4.x kernel
  - From: "Gary MacDougall" <gary@freeportweb.com>

Prev by Date: Re: mounting /tmp noexec (was: Campus Computers)
Next by Date: sending password in the command line
Previous by thread: Re: Secure 2.4.x kernel
Next by thread: RE: Secure 2.4.x kernel
Index(es):
- Date
- Thread