Hackers Targeting Home Computers (fwd)

Eugene Leitl Eugene.Leitl at lrz.uni-muenchen.de
Mon Jan 7 12:41:03 PST 2002 



-- Eugen* Leitl <a href="http://leitl.org">leitl</a>
______________________________________________________________
ICBMTO: N48 04'14.8'' E11 36'41.2'' http://www.leitl.org
57F9CFD3: ED90 0433 EB74 E4A9 537F CFF5 86E7 629B 57F9 CFD3

---------- Forwarded message ----------
Date: Mon, 07 Jan 2002 11:15:48 -0800
From: Hack Hawk <hh at hackhawk.net>
To: Kent Borg <kentborg at borg.org>,
     Eugene Leitl <Eugene.Leitl at lrz.uni-muenchen.de>,
     cryptography at wasabisystems.com
Cc: Hadmut Danisch <hadmut at danisch.de>, dcsb at ai.mit.edu
Subject: Re: Hackers Targeting Home Computers

Although I originally used the word filter to describe a possible ISP
action to address certain problems, the following statement from KB was
more what I meant to suggest.  And also Lynn Wheeler's statement about
Dynamic IP addresses not being allowed to host HTTP services because it's
not in the consumer/client agreement anyway.

At 09:02 AM 1/7/02 -0500, KB wrote:
>Once word gets out that letting your computer be breached can get your
>internet account suspended, people might start applying patches, Linux
>might start making some inroads, and Micro$oft might quit shipping so
>many new bugs every week.

Now, since the suggestion/idea prompted several responses, I'd like to
offer one other opinion to see what some of you think about it.  I know
that it's possibly been discussed here before, but hopefully I won't get
flamed too bad.  :)  Sorry, I'm kind of new to this particular list.

When I performed my experiment a few months back, I had the idea to create
a Code Green worm (like somebody actually did) that would go out and
forcefully patch those vulnerable systems.  I even went as far as
developing a small tftp daemon that could serve up the CG virus to other
infected systems for a short period of time.

In light of all the discussion I've previously read on such matters, I
decided against implementing the CG counter Virus.

However, I'm starting to think that such counter viruses aren't such a bad
idea, and here's the primary reason *why* I believe that.

Currently, our government (people like Ashcroft) are slowly taking away our
freedoms in an effort to gain control over the problem.  Personally, I have
a real hard time with this.  I don't like Ashcroft and others like him
having the ability to come into my home and phone lines and monitor
everything I do.  If they just happen to label me as a potential terrorist,
then I'm basically f*#$ed and loose all my rights.

I fully appreciate the dangers of our world, and why somebody like Ashcroft
may want to sacrifice our liberties to gain control of worldly
problems.  However, there is *another* way.  We can either sit back, and
let people like Ashcroft take control of the cyber situation, or we can
step up to the plate, and take control of the problem ourselves.

My non-technical mailing list was my first non-intrusive step up to the
plate.  Perhaps in the future, stepping up should be a little more
intrusive.  If the freedoms I value so much are at stake, then maybe the
rewards outweigh the risk of damaging someone's ego by patching their
systems for them.  IMHO.

- hawk




---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com

More information about the cypherpunks-legacy mailing list