on Mon, Aug 06, 2001 at 10:54:10PM -0500, Nathan E Norman (nnorman@micromuse.com) wrote:
> On Mon, Aug 06, 2001 at 10:24:04PM -0500, John Hasler wrote:
> > Ian Perry writes:
> > > You could, but wouldn't it be better to alert them than shutting them
> > > down... there could be legal ramifications in lost income etc etc for a
> > > public server.
> >
> > Making any use at all of the backdoor, even just to send the admin a
> > message, is probably a crime under US law.
>
> When I worked for a cable ISP, we had a customer who thought it would
> be cool to alert other people on the network about their security
> problems by printing a message on their printers. Some (clueless)
> customers thought this was prelude to an attack and called the cops.
>
> I have to agree with John ... using a security hole in someone else's
> server for good or evil is probably not a good idea legally. I'd
> advise against it.

As noted on Slashdot, if you were to post a CR fix service installed at
http://<yoursite>/default.ida, which would run a remote command on the
connecting host, to de-worm and patch the offending box, whose
culpability is it if your site is connected to and the patch is run?

This is stretching the case a bit, but it's an interesting hypothetical.
Frankly, I'm moderately convinced it's not a bad idea. Not quite a
Cheese Worm -- it doesn't actively hunt hosts -- but widely distributed,
an effective antidote.

Personally I favor the "Debian GNU/Linux install" service model
myself....

-- 
Karsten M. Self <kmself@ix.netcom.com>    http://kmself.home.netcom.com/
 What part of "Gestalt" don't you understand?    There is no K5 cabal
  http://gestalt-system.sourceforge.net/    http://www.kuro5hin.org
   Free Dmitry! Boycott Adobe! Repeal the DMCA!    http://www.freesklyarov.org
Geek for Hire    http://kmself.home.netcom.com/resume.html