-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> -----Original Message-----
> From: Bryan Andersen [mailto:[EMAIL PROTECTED]]
> Sent: Friday, July 23, 1999 5:06 AM
> To: Frank Knobbe; firewalls
> Subject: Re: Response to hack attempt?
>
> [...]
> I'd like to know what your stance on this statement is
> after you've had to rebuild a mission critical system
> after a hacker trashed you DB tables.
One always has to bite the bullet. If your system got compromised and
you had to rebuild your DB's, I'm sorry. However, you did (or could
have done) provide us with information of this break-in, allowing
other to implement countermeasure to prevent an attack like your.
That's why information security professionals share information,
because we are all in it together. Your 8 hours spent rebuilding your
system (could have) saved countless hours of other folks from
rebuilding their systems.
> [...]
> I hate to break it to ya, but the war on drugs is failing
> miserably. Why is it failing so badly, because there is
> great money to be made selling illegal commodities. Alcohol
> Prohibition also had this same failure.
>
> Theft (the only one of these analogies that makes sense) is down
> because we put better security systems into our homes and
> businesses.
> We should also do this with computers, all computers.
>
> And finally on to witchcraft. [...]
Let me first say that I should have put a smiley behind the
witchcraft. It was meant as a funny. I was counting older crimes,
thought witchcraft might be good for a grin. Apparently I was taking
seriously (wow, never thought that would happen... :)
Anyway, I hate to break it to ya, but there are huge differences
between our physical world and the electronic world. Take the war on
drugs, let's say, border patrol. In the real world we can not place
guards next to every fence post at all of our borders. At checkpoints,
we can not inspect every vehicle or person that crosses the border.
However, in the electronic world we can. We employ guards to patrol
all access points of our network. These guards are called firewalls.
These firewall have also the neat ability to inspect every packet
crossing the router. Something a real person can not do.
These advantages of the electronic world, that allow us to do almost
everything we can think of, where possibilities are almost unlimited,
are the reason we are coping with various aspects of this electronic
world, such as usage, laws, and a lot of other actions and reactions.
Spam and junkmail, email chain letters and paper chain letters, email
fraud and mail fraud, unauthorized access and trespass, we are trying
to apply the same laws of the physical world to the electronic one.
However, the electronic world is far ahead in respect to
possibilities, so we are trying to catch up and create new laws that
cover these aspects. Eventually these new laws me be reflected back to
the physical world (i.e. email advertising being ruled legal as long
as the sender is identifiable. Anonymous email advertising being
illegal. Boy, I wish that would apply to the real world, so those
morons that stuff all these anonymous notes in my (physical) mailbox
could be stopped.)
Theft is probably one of those analogies, where we are ahead in the
electronic world. We may not prevent theft in any world, but some
connected crimes such as disclosure of information. Authentication,
authenticity, disclosure, these issues are better addressed in the
electronic world than in the real one. We can create an authentic
email by employing digital signatures, yet we still have no means for
an artist to employ a mechanism that would let him prove his painting
as authentic. Authentication. In the real world, a traffic officer for
example, checks your picture on the drivers license. In the electronic
world we can use algorithms in tokens, which are harder to compromise
than a picture. (Authentication seems to be one of those areas where
the electronic and physical world are catching up fast. Fingerprint
authentication systems are an example). Disclosure. We can easily
protect sensitive information from disclosure by encrypting it
electronically. In the physical world, disclosure is harder to avoid.
For example, take your wallet and open it up. Take out your drivers
license and look at all that information (including SSN), which is
available to anyone stealing your wallet. If we had means to encrypt
such information, where only the police for example could decrypt it,
we could solve a lot of problems.
Many of the techniques we use in the electronic world today, would be
very useful in the physical world. In this so called Information Age,
we seem to advance farther electronically than physically, because of
the incredible potential the electronic world provides. But we use
computers, email, the web, etc slightly different than paper mail,
news papers, etc. In some areas the electronic world is more
'perfect', in others, like defining what cyber crimes, investigation
cyber crimes, and reacting to cyber crimes through legal means of
punishment, we still have a lot to learn. To learn, or to transfer
ideologies and methodologies from the physical world into the
electronic world.
We need to be aware of the boundaries, similarities and differences
between these two worlds, and strive to behave civilized in both
worlds....
Regards,
Frank
PS: I did not pick up on your argument of alcohol. Whereas I'm aware
that computers get 'sick' when they catch a virus, I have not come
across an intoxicated computer. Especially not one with an addiction.
I guess that will have to wait until artificial intelligence
advances...
-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.0.2
Comment: PGP or S/MIME (X.509) encrypted email preferred
iQA/AwUBN5nvWSlma9DCzQQeEQK/kACeIKXsmfIyK/a+B6xEhVsOzcNCDOEAn1JL
dr5CsJO5E2FfnVVuoz0KUH3Z
=Lbj5
-----END PGP SIGNATURE-----
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
