Roland Piquepaille's Technology Trends
How new technologies are modifying our way of life


mercredi 15 janvier 2003
 

This opinion is not mine, but the one of Tim Mullen, from SecurityFocus Online. In this story, he expresses some strong ideas regarding systems infected by worms.

I believe you should have the right to neutralize a worm process running on someone else's infected system, if it's relentlessly attacking your network. I've even written code to demonstrate the process. Though the initial news coverage of the concept was grossly inaccurate in conveying my ideas, it has stirred up a constructive dialog.
I knew my idea was controversial, but I was wrong about something -- I figured everyone in the security biz would "get it" and that the hard part would be convincing everyone else that if they can't or won't secure their machines, we as the defenders would have the right to terminate the process attacking us.
It has turned out to be the opposite.

The author then looks at the criticisms about this strikeback idea raised by some security experts -- to dismiss them of course. His *opponents* include Eugene Schultz of U.C. Berkeley's Lawrence Berkeley National Laboratory or Bruce Schneier.

Finally, he suggests a "new way of thinking about the parties involved in a strikeback scenario."

Since the owner of a system has no responsibility for the actions of a worm, or any malicious process, that runs without their knowledge, I submit that they also have no rights to the process. No responsibility means no rights.
So, if they have no rights to the process, there is no infringement against them when we neutralize it. If someone wants to claim that their rights were violated by our taking out the attacking process, then they should be held accountable for the actions of the process from its inception. They can't have it both ways.

I'm not sure I completely endorse his idea, but his claims have some merit.

Source: Tim Mullen, Security Focus Online, January 13, 2003


12:15:08 PM  Permalink  Comments []  Trackback []


Click here to visit the Radio UserLand website. © Copyright 2004 Roland Piquepaille.
Last update: 01/11/2004; 11:41:45.

January 2003
Sun Mon Tue Wed Thu Fri Sat
      1 2 3 4
5 6 7 8 9 10 11
12 13 14 15 16 17 18
19 20 21 22 23 24 25
26 27 28 29 30 31  
Dec   Feb



Search this blog for

Courtesy of PicoSearch


Personal Links



Other Links

Ars Technica
BoingBoing
Daily Rotation News
Geek.com
Gizmodo
Microdoc News
Nanodot
Slashdot
Smart Mobs
Techdirt
Technorati


People

Dave Barry
Paul Boutin
Dan Bricklin
Dan Gillmor
Mitch Kapor
Lawrence Lessig
Jenny Levine
Karlin Lillington
Jean-Luc Raymond
Ray Ozzie
John Robb
Jean-Yves Stervinou
Dolores Tam
Dylan Tweney
Jon Udell
Dave Winer
Amy Wohl


Drop me a note via Radio
Click here to send an email to the editor of this weblog.

E-mail me directly at
pique@noos.fr

Subscribe to this weblog
Subscribe to "Roland Piquepaille's Technology Trends" in Radio UserLand.

XML Version of this page
Click to see the XML version of this web page.

Technorati Profile

Listed on BlogShares