Home page logo
/

basics logo Security Basics mailing list archives

RE: How hackers cause damage... was Vulnerabilities in new laws on computer hacking
From: "Ebeling, Jr., Herman Frederick" <hfebelingjr () lycos com>
Date: Wed, 1 Mar 2006 18:14:28 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ----Original Message----
From: Craig Wright [mailto:cwright () bdosyd com au]
Sent: Wednesday, 01 March, 2006 16:27
To: hfebelingjr () lycos com
Cc: security-basics () securityfocus com
Subject: RE: How hackers cause damage... was Vulnerabilities in new laws
on computer hacking

: So do we ban all modems?
: 
: Stop all WAN connections?
: 
: Not all remote connections are via the Internet. Next, there are
: "virtual surgery" links from Australia to PNG to help the hospitals
: there - these use Private VPN's. If the Carrier stuffed up and the
: hospital had taken all due care is a compromise of the network during
: surgery ok?
: 
: Again, look at what has occurred from the so called non-malicious phone
: phreaks. They have stopped (without intent) emergency services lines.
: They have placed people at risk. We still charge people for culpable
: driving even when they manage not to kill somebody on the road.
: 
: I understand the 2600 argument, but it is flawed. It reduces trust in
: systems and causes damage. What is misunderstood is that society is
: about collective rights. No person has the rights to do whatever they
: want to another and this is the argument.
: It is similar physiologically to the military using distancing to
: condition people to war. Killing at a distance is easier to doing it up
: close. Breaking into systems you do not see the victims and thus you
can
: lie to yourself in the delusion that they do not exist. The facts are
: however that they do.
: 
: The quoted cases below, none of these was connected to the Internet.
: Phone systems have to be public, by definition.
: 
: Craig
: 

Craig,

        Please don't get me wrong, as one of those "faceless" victims I agree
with ya 110%.  As yer "perching" to the choir here.

        As I think that all of us here know that the most secure computer is the
one that is still in it's original box.  The next step down is the one
that is setup, but not plugged into the power/turned on.  And the next
step down from there is the one that is turned on, but has no connection
to the "outside" world. . .

        Cause as we all know even the most "secure" computer isn't that secure
once a phone line, or network connection is made to/from it. . .

        In one issue of 2600 (and I hope that everyone who has any interest in
computer security reads it if for no other reason then to keep up with
what the "hackers" are doing) they had a letter from someone who while
still in high school used the schools pay phone to call an Embassy (or
some such) in Russia all for "free."

        There was NO mention of how what he'd done was wrong, or how he probably
kept funds from going to some school program because of his "prank."

        Ya'd think that for a group/publication that is trying to pain "hackers"
in a good/positive light that they'd admonish people for breaking the
law.  Instead of turning a "blind eye" to their actions. . .

        I mean they still think that Mitnick got a bad deal for being arrested
and tried and convicted for his crimes.  Granted from what I've read
Mitnick isn't much of a programmer, and that he primarily used social
engineering to get what he wanted.  So can someone PLEASE explain how
that makes him a "master/uber" hacker???

Herman
Live Long and Prosper
 ___________________          _-_
 \==============_=_/ ____.---'---`---.____
             \_ \    \----._________.----/
               \ \   /  /    `-_-'
           __,--`.`-'..'-_
          /____          ||-
               `--.____,-'

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.3 - not licensed for commercial use: www.pgp.com

iQA/AwUBRAYqwB/i52nbE9vTEQJUXgCdGzCHfyK48X/Ymt9IHQVIvzx/9TUAn2Di
HjWoCgp96x91DeUMNe3/QBdS
=z5/y
-----END PGP SIGNATURE-----


---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Tailor your education to your own professional goals with degree 
customizations including Emergency Management, Business Continuity Planning, 
Computer Emergency Response Teams, and Digital Investigations. 

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]