Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Recent Attacks

From: "Marcus J. Ranum" <mjr () nfr net>
Date: Sat, 19 Feb 2000 22:40:23 -0500
Ryan Russell wrote:

OK then, what's fair damages for writing Internet Scanner, an evil haxor
tool?  How about releasing the "firewall" toolkit full of holes?  $100M
each?



Ryan,

        The situation is this: you're either part of the problem,
or you're part of the solution. People can build tools that are
part of the problem, or they're part of the solution. I don't think
anyone in their right mind is going to stand up and throw rocks
at people who produce tools in good faith. It's simply ridiculous
to try to draw a parallel between someone who writes a firewall
(even a buggy one!) and someone who writes a tool that, pure and
simple, is designed for nothing but causing mayhem. I certainly
hope that, as a security professional, your professional ethics
are better than that!!

        There's always going to be a grey area in which legitimate
tools can be abused. This almost exactly aligns with the gun debate -
a long and tedious debate that I suggest we avoid in this list - but
similarly to the gun debate, society at large (legally and through
social pressure) defines what are "appropriate" tools and their
appropriate uses. It is not appropriate for me to own heavy
antitank weaponry; it is appropriate for me to own properly licensed
hunting and target weapons. It is not appropriate for me to use those
irresponsibly; it is appropriate for me to use them legally and
carefully at a supervised range. If, for a second I cross the line into
irresponsible use or inappropriate action, by threatening, endangering,
or even merely making someone uncomfortable, I have exitted the
grey area and entered into the wrong. This is a black and white
issue, and police, judges, and juries, are quite capable of
dealing with it. So it is with hackers.

There's a grey area in hacking - tools that are good that can be
used for evil, and a few tools that are designed for evil which
can be repurposed for legitimate ends. My opinion is that society
will cease shortly to tolerate that grey area - it's going to
narrow down (the way it has with guns) sharply in the next few
years.

Apologists for computer crime, such as you appear to be, will
not find your voices welcome in the debate for much longer. That's
my prediction. You go stand over there with the guys who are part
of the problem. I'm going to stand over here with the people who
are sick of it, won't tolerate it, and are trying to be part of the
solution.

Regards,
mjr.
Previous By Date Next
Previous By Thread Next

Current thread: