Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Rate Stratfor's Incident Response
From: Paul Schmehl <pschmehl_lists () tx rr com>
Date: Fri, 13 Jan 2012 10:37:31 -0600

--On January 12, 2012 3:16:19 PM -0500 Benjamin Kreuter 
<ben.kreuter () gmail com> wrote:

Hash: SHA512

Really, calling it "breaking in" is a stretch.  You connected a
computer to a publicly accessible computer network, where anyone can
send anything to your computer.  If hacking such a system is "breaking
in," you might as well claim that shouting across your neighbor's yard
is "breaking in."

Bzzzt.  Bad analogy.  A better one would be noticing your neighbor's garage 
door is open, walking across the street, entering the garage and rummaging 
around in his belongings.

I suspect at least some of your neighbors would take offense to that and 
ask you what you think you're doing.  And if they wanted to press charges 
for trespass, you'd likely go to jail.

The law is not going to stop the really bad people
from attacking your system, nor is it going to stop them from profiting
from whatever access they gain; sending law enforcement after someone
who reports problems to you accomplishes little and only discourages
people who might try to help you.

Assuming everyone's motives are as pure as the driven snow is a bit naive, 
don't you think?

Paul Schmehl, Senior Infosec Analyst
As if it wasn't already obvious, my opinions
are my own and not those of my employer.
"It is as useless to argue with those who have
renounced the use of reason as to administer
medication to the dead." Thomas Jefferson
"There are some ideas so wrong that only a very
intelligent person could believe in them." George Orwell

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]