RE: OT: RE: Legal consequences (Was: RE: OT: Loser found responsible for worm)

• From: "Thomas W Shinder" <tshinder@xxxxxxxxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Sat, 30 Aug 2003 14:16:44 -0500

Hi Jim,

Its cool to disagree. The reason why I don't like RBLs is that the
people who maintain them aren't very professional. They aren't
accountable, they can put anyone they like on them, and they thumb their
collective noses at people who question the inviolate nature of their
mission. Now, if they took responsibility, had a mechanism to be removed
from the RBL within 24 hours when they make a mistake, and published
their methods for determing how they add and remove entries from their
RBL, then they would be legit in my eyes. 

Note that I don't have any problem for blacklisting SMTP servers
configured as open relays. But those machines should be removed from the
RBL within 24 hours that the open relay has been fixed.

But as it stands now, most of the RBLs I'm aware of are run by people
who are almost as abusive as the spammers the claim to protect us
against. That is to say, they're run by power hungry little trolls who
probably have never kissed a girl ;-) (or boy, if run by a woman).

IMHO,
Tom

Thomas W Shinder 
www.isaserver.org/shinder 
ISA Server and Beyond: http://tinyurl.com/1jq1 
Configuring ISA Server: http://tinyurl.com/1llp 



-----Original Message-----
From: Jim Harrison [mailto:jim@xxxxxxxxxxxx] 
Sent: Saturday, August 30, 2003 10:06 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: OT: RE: Legal consequences (Was: RE: OT: Loser
found responsible for worm)


http://www.ISAserver.org


Hi all,

I agree that this isn't necessarily an ISA-specific issue, but it's not
like
it passed us by, either.
I like (and sometimes use) the stove analogy, but it also follows that
the
kid will only suck-start a pistol once, too.
As with any "learning mechanism", the value of personal experience has
to be
weighed against the potential damage incurred in that event.

As a side note, there was other business-related fallout as well.
http://slashdot.org/articles/03/08/27/0214238.shtml?tid=111&tid=126
I know Tom and others disagree with the use of RBLs as a rule, but I
like
them.
I find the few false positives generated to be well worth the added
benefit
of a large reduction in spam.


 Jim Harrison
 MCP(NT4, W2K), A+, Network+, PCG
 http://www.microsoft.com/isaserver
 http://isaserver.org/Jim_Harrison
 http://isatools.org

 Read the help, books and articles!
----- Original Message ----- 
From: "Thomas W Shinder" <tshinder@xxxxxxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Friday, August 29, 2003 09:53
Subject: [isalist] RE: OT: RE: Legal consequences (Was: RE: OT: Loser
found
responsible for worm)


http://www.ISAserver.org


Hi Kenny,

Very well said! I don't agree with all of it, but you can be my atty any
time ;-)

I think we probably should drop the topic now. Back to ISA Server
fixing!

Thanks!
Tom

Thomas W Shinder
www.isaserver.org/shinder
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server: http://tinyurl.com/1llp




-----Original Message-----
From: Kenny Mann [mailto:Kennymann@xxxxxxxxxxx]
Sent: Friday, August 29, 2003 11:46 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] OT: RE: Legal consequences (Was: RE: OT: Loser found
responsible for worm)


http://www.ISAserver.org


I'm unsure if this topic should really continue on the mailing list, so
if anyone wants it to stop, please ask.
I don't know any better.

Do I think Microsoft could have done a better job? Maybe. They have lots
of money.
Could they have placed  more [money] in security? Yes.
Should they have to? No. They are a company, their goal is to make
money.
Don't get me wrong, I think they [Microsoft] are doing an excellent job
as far as getting better for security.

When you say that once you start blaming the victim, the game is over,
agree and disagree.
I sleep with my doors locked at night. I do some amount of effort every
night to make sure no one can get in easily.
People should do the same with their computers.
The price of freedom is forever vigilance.
At where I work, we barely felt a tap from this because the servers were
up to date. We have some people receiving massive amounts of mail trying
to get through with attachments because someone else is infected.
On the other hand, with a company with hundreds of servers, this is a
much more difficult task (especially of management micro-manages to hell
and doesn't let you for whatever reason) so I do have sympathy for other
buisness's.

Currently I'm having mixxed feelings about this.
Had that person not written those virus's, lotsa people would not have
updated their machine and thus been open to an even worse attack by some
other monkey.
I don't think the virus writter is 100% to blame, but I think he is
about 95% to blame.

Something I overheard a whole ago...
A mother sees her child about to touch a hot stove and says "Don't touch
that, it's hot." and repeats.
A father says "He's only gonna touch it once."

By this I mean, if people get hit hard, they will learn to udpate their
machines and attacks like this will be more difficult to make.

Perhaps these views are skewed, could someone give me their views?


Kenny Mann

>-----Original Message-----
>From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx]
>Sent: Friday, August 29, 2003 11:19 AM
>To: [ISAserver.org Discussion List]
>Subject: [isalist] RE: Legal consequences (Was: RE: OT: Loser
>found responsible for worm)
>
>
>http://www.ISAserver.org
>
>
>Hi Kenny,
>
>I honestly don't see how anyone can reasonably blame Microsoft
>(unless you're a lawyer and want to cash in).
>
>Microsoft has put in more than enough due dilegence in trying
>to protect their systems. Criminals *must* be held accountable
>for their criminal behavior. Once you start blaming the
>victim, the game is over and everyone loses. Microsoft was a
>victim, I was a victim, you were a victim, and millions of
>others were victims.
>
>Jim mentioned that the worm was the result of "research".
>Well, does all research need to be done. During WWII in
>Germany, there was some medical research done in the field of
>neurology that provided information we still depend on today.
>Should that research been done? The information would have
>become available using legit means later.
>
>Just some food for thought on where people might best spend
>their time and effort.
>
>IMHO,
>Tom
>
>Thomas W Shinder
>www.isaserver.org/shinder
>ISA Server and Beyond: http://tinyurl.com/1jq1
>Configuring ISA Server: http://tinyurl.com/1llp
>
>
>
>
>-----Original Message-----
>From: Kenny Mann [mailto:Kennymann@xxxxxxxxxxx]
>Sent: Friday, August 29, 2003 11:08 AM
>To: [ISAserver.org Discussion List]
>Subject: [isalist] Legal consequences (Was: RE: OT: Loser
>found responsible for worm)
>
>
>http://www.ISAserver.org
>
>
>Hmm, I've started thinking...
>The kid is probably going to be put to jail for a long while
>and given some hefty fines for billions of dollars worth of
>damages probably.
>
>Should we treat virus writers (and modifiers) as rapists and
>murderers? For the most part, most viruses do not deal bodily
>harm or really hurt someone. Hmm, interesting question. I
>believe I recall one of the viruses (Sobig or Lovsan) that
>screwed over a Nuclear Power Plant. Many people could have
>died because of his actions. Not just cost business's money,
>cost people their lives. Should Microsoft be held partly
>responsible for not devoting enough to security or should
>people have their own fault to blame because they didn't
>update their machine, or should it all go to the virus
>writter? OR spread it around? If I write a virus and it deals
>$100 million, but the guy across the street writes one and it
>deals $4 billion, will the consequence be adjusted accordingly?
>
>In my administration folder (A folder which received emails
>that state if anything weird happens), I get 100+ more emails
>per day of prohibited attachments and such because this dude
>wrote a virus. On the other hand, I get _more_ emails from
>spammers. Almost all those viral emails are directed towards
>only 4 people of our <50 person company.
>
>Something to dwell on for the day.
>
>Kenny Mann
>
>>-----Original Message-----
>>From: Bill Kuhn - MCSE [mailto:bkuhn@xxxxxxxxxxxxx]
>>Sent: Friday, August 29, 2003 10:58 AM
>>To: [ISAserver.org Discussion List]
>>Subject: [isalist] RE: OT: Loser found responsible for worm
>>
>>
>>http://www.ISAserver.org
>>
>>
>>I'd still use the sharpest tool in the shed on his head. I
>>have some sharp tools in my shed and I volunteer to use them
>>on him and on each and every other criminal a$$hole who pulls
>>that kind of stunt.
>>
>>-----Original Message-----
>>From: Bailey, Matthew [mailto:MBailey@xxxxxxxxxxx]
>>Sent: Friday, August 29, 2003 10:35 AM
>>To: [ISAserver.org Discussion List]
>>Subject: [isalist] RE: OT: Loser found responsible for worm
>>
>>
>>http://www.ISAserver.org
>>
>>
>>I don't think I made my point very clearly.  The guy they
>>arrested today deserves EVERYTHING he gets and maybe more.  I
>>think the point I was making is they haven't caught the true
>>culprit behind Blaster worm just some script kiddie who
>>modified the existing code and tested it in a public place.
>>We aren't talking about the sharpest tool in the shed.
>>
>>- Matt
>>
>>Matthew Bailey
>>LAN Engineer
>>CSK Auto, Inc.
>>Voice: 602.631.7486
>>Fax: 602.294.7486
>>
>>
>>------------------------------------------------------
>>List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
>>ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
>>ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
>>------------------------------------------------------
>>Other Internet Software Marketing Sites:
>>Leading Network Software Directory: http://www.serverfiles.com
>>No.1 Exchange Server Resource Site: http://www.msexchange.org
>>Windows Security Resource Site: http://www.windowsecurity.com/
>>Network Security Library: http://www.secinf.net/ Windows
>>2000/NT Fax Solutions: http://www.ntfaxfaq.com
>>------------------------------------------------------
>>You are currently subscribed to this ISAserver.org Discussion
>>List as: kennymann@xxxxxxxxxxx To unsubscribe send a blank
>>email to $subst('Email.Unsub')
>>
>
>------------------------------------------------------
>List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
>ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
>ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
>------------------------------------------------------
>Other Internet Software Marketing Sites:
>Leading Network Software Directory: http://www.serverfiles.com
>No.1 Exchange Server Resource Site: http://www.msexchange.org
>Windows Security Resource Site: http://www.windowsecurity.com/
>Network Security Library: http://www.secinf.net/
>Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
>------------------------------------------------------
>You are currently subscribed to this ISAserver.org Discussion List as:
>tshinder@xxxxxxxxxxxxxxxxxx
>To unsubscribe send a blank email to
>$subst('Email.Unsub')
>
>------------------------------------------------------
>List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
>ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
>ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
>------------------------------------------------------
>Other Internet Software Marketing Sites:
>Leading Network Software Directory: http://www.serverfiles.com
>No.1 Exchange Server Resource Site: http://www.msexchange.org
>Windows Security Resource Site: http://www.windowsecurity.com/
>Network Security Library: http://www.secinf.net/
>Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
>------------------------------------------------------
>You are currently subscribed to this ISAserver.org Discussion
>List as: kennymann@xxxxxxxxxxx
>To unsubscribe send a blank email to
>$subst('Email.Unsub')
>

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts:

• » OT: RE: Legal consequences (Was: RE: OT: Loser found responsible for worm)
• » RE: OT: RE: Legal consequences (Was: RE: OT: Loser found responsible for worm)
• » RE: OT: RE: Legal consequences (Was: RE: OT: Loser found responsible for worm)
• » RE: OT: RE: Legal consequences (Was: RE: OT: Loser found responsible for worm)
• » RE: OT: RE: Legal consequences (Was: RE: OT: Loser found responsible for worm)
• » RE: OT: RE: Legal consequences (Was: RE: OT: Loser found responsible for worm)

1. Home
2. isalist
3. Archive
4. 08-2003

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---