-- Eugen* Leitl <a href="http://leitl.org">leitl</a> ______________________________________________________________ ICBMTO: N48 04'14.8'' E11 36'41.2'' http://www.leitl.org 57F9CFD3: ED90 0433 EB74 E4A9 537F CFF5 86E7 629B 57F9 CFD3 ---------- Forwarded message ---------- Date: Mon, 07 Jan 2002 11:15:48 -0800 From: Hack Hawk <hh@hackhawk.net> To: Kent Borg <kentborg@borg.org>, Eugene Leitl <Eugene.Leitl@lrz.uni-muenchen.de>, cryptography@wasabisystems.com Cc: Hadmut Danisch <hadmut@danisch.de>, dcsb@ai.mit.edu Subject: Re: Hackers Targeting Home Computers Although I originally used the word filter to describe a possible ISP action to address certain problems, the following statement from KB was more what I meant to suggest. And also Lynn Wheeler's statement about Dynamic IP addresses not being allowed to host HTTP services because it's not in the consumer/client agreement anyway. At 09:02 AM 1/7/02 -0500, KB wrote:
Once word gets out that letting your computer be breached can get your internet account suspended, people might start applying patches, Linux might start making some inroads, and Micro$oft might quit shipping so many new bugs every week.
Now, since the suggestion/idea prompted several responses, I'd like to offer one other opinion to see what some of you think about it. I know that it's possibly been discussed here before, but hopefully I won't get flamed too bad. :) Sorry, I'm kind of new to this particular list. When I performed my experiment a few months back, I had the idea to create a Code Green worm (like somebody actually did) that would go out and forcefully patch those vulnerable systems. I even went as far as developing a small tftp daemon that could serve up the CG virus to other infected systems for a short period of time. In light of all the discussion I've previously read on such matters, I decided against implementing the CG counter Virus. However, I'm starting to think that such counter viruses aren't such a bad idea, and here's the primary reason *why* I believe that. Currently, our government (people like Ashcroft) are slowly taking away our freedoms in an effort to gain control over the problem. Personally, I have a real hard time with this. I don't like Ashcroft and others like him having the ability to come into my home and phone lines and monitor everything I do. If they just happen to label me as a potential terrorist, then I'm basically f*#$ed and loose all my rights. I fully appreciate the dangers of our world, and why somebody like Ashcroft may want to sacrifice our liberties to gain control of worldly problems. However, there is *another* way. We can either sit back, and let people like Ashcroft take control of the cyber situation, or we can step up to the plate, and take control of the problem ourselves. My non-technical mailing list was my first non-intrusive step up to the plate. Perhaps in the future, stepping up should be a little more intrusive. If the freedoms I value so much are at stake, then maybe the rewards outweigh the risk of damaging someone's ego by patching their systems for them. IMHO. - hawk --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com