"The price of liberty is eternal Vigilantism"

Matthew X profrv at nex.net.au
Sat Apr 24 09:47:35 PDT 1999

LAS VEGAS--Can vigilantism save computers from the next big virus threat?
Striking back against a computer that is attacking you may be illegal under 
U.S. law, but a security researcher says people should be allowed to 
neutralize one that is unwittingly spreading destructive Internet worms 
such as Nimda.
"Arguably the biggest threat the Internet faces today is the propagation of 
a big worm," said Timothy Mullen, chief information officer of AnchorIS, at 
the Defcon hacker conference here.
Worms are a form of self-propagating virus that, once set in motion, can 
wreak havoc by taking control of other machines. Once the virus has claimed 
a PC, it can then use the machine to launch attacks on the wider Internet.
"The next worm is going to happen, and it's going to be worse," Mullen said.
The defensive strategy of "strike back" is gaining some support among 
politicians, who will be voting on a bill backed by movie and music studios 
that would allow retaliation to help thwart Internet piracy.
The bill, proposed by Congressman Howard Berman, D-Calif., would protect 
copyright holders from liability if they place destructive decoy digital 
files into peer-to-peer networks to penalize users.
Mullen said his hack-back idea is different because it is designed to 
improve the security of cyberspace and would not harm any computer systems.
The Code Red and Nimda worms that hit last year shut down corporate 
computer systems and gobbled up bandwidth. Nimda was the most widespread 
and one of the most destructive worms of 2001.
To counter this, Mullen has come up with a way for machines that have been 
attacked--but not infected--to trace the worm back to the attacking machine 
and prevent it from spreading the worm to other computers.
Using his technique, the computer that launches an attack is paralyzed and 
requires an administrator to restart it, but it stays online and is not 
otherwise harmed, said Mullen, who is a columnist for SecurityFocus.com.
"What we're doing, (according) to the letter of the law, is illegal," he 
said. "I would like to see the law changed...We've illustrated not just a 
reasonable recourse, but a minimal responsibility."
Contacting the administrators of infected and attacking computers is not 
adequate, Mullen said. "This after-the-fact stuff clearly doesn't work. I'm 
still getting Nimda attacks," often from the same person, he said.
However, several U.S. officials questioned the ethics of the idea.
"You have trespassed on their system," said Mark Eckenwiler, senior counsel 
at the U.S. Justice Department's computer crime division. "There are more 
legally acceptable ways to deal with the problem than what is essentially 
hacking into their system."
There also is also the possibility of hacking back at the wrong computer, 
said C.H. "Chuck" Chassot of the Department of Defense's Command, Control, 
Communications & Intelligence office.
"It is the DoD's policy not to take active measures against anybody because 
of the lack of certainty of getting the right person," Chassot said.
Jennifer Stisa Grannick, litigation director at the Center for Internet and 
Society at Stanford Law School, said she felt Mullen's idea may be 
protected under a self-defense provision.
"This is a type of defense of property," she said. "There is a lot of 
sympathy for that (kind of action) from law enforcement and vendors because 
we do have such a big problem with viruses."
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 3943 bytes
Desc: not available
URL: <https://lists.cpunks.org/pipermail/cypherpunks-legacy/attachments/19990424/83311f4f/attachment.txt>

More information about the cypherpunks-legacy mailing list