CDR: Re: AT&T signs bulk hosting contract with spammers

[Alan Olsen]

On Mon, 6 Nov 2000, Jim Choate wrote:

> > no. the argument is: if you make probing illegal, we'll see even more
> > (and *much* more) "security through obscurity" - because figuring out
> > that this crap is insecure will land you in jail.
> 
> Going to jail won't stop anyone from figuring it out if that's what they
> want. I would be so bold as to suggest that if they make it illegal then
> you'll see a significant rise in the behaviour, along with increased use
> of anonymous remailers and Open Source software than can be kludged.

My personal opinion is that if the Government(tm) wants to make security
illegal, then they should suffer for their actions.

The research will go on, no matter what. Making it illegal is not going to
stop human curiosity.

What I think should happen is that anyone in the security industry should
refuse to help the feds in any form. They should not help them secure
their systems. They should not let them have access to their ftp servers.
(Hosts.deny is your friend.)  They should let them feel the pain of their
stupidity.

And after they get rooted by the script kiddies for the millionth time,
maybe they will get a clue and allow people to find and fix the holes
without having to worry about the feds carting off every thing they own.

Making security work illegal is a BIG hint that they do not like security.
I certainly won't work with someone who holds a grudge against me.
Neither should anyone else.

alan at ctrl-alt-del.com | Note to AOL users: for a quick shortcut to reply
Alan Olsen            | to my mail, just hit the ctrl, alt and del keys.
    "In the future, everything will have its 15 minutes of blame."