On Mon, 22 May 2000, Gregory Hicks wrote:
> > community practice of contacting technical contacts during incidents? I
> > know there's probably a lot of "Cybercrime" funding at stake here, and I'm
[snip]
>
> Well... If everyone contacts the NIPC whenever an 'incident' occurs,
> they (the NIPC people) will be able to go to Congress and say "... See
> how much cybercrime there is? After we started, there was an X%
> increase. We have been able to 'contain' x%, arrest y%, and, by our
> efforts, are making the internet more secure for "Motherhood and Apple
> Pie". Thus we need more money, poeple, resources, et al. ..."
That's why I said the line quoted above. I'm worried about the long-term
social change that moving from a "report to domain contact" to "report
*everything* to law enformcement" _could_ make. (especially since they
seem to want "trap and trace" type cooperation from admins, and *most*
non-dial-up things I've tracked back have turned into compromised
machines/networks where the extra time has helped the compromised site
immensely.)
I'm all for chasing down bad people and holding them accountable for their
actions, but it seems to me that there may be a concerted effort to start
pushing too hard in the other direction.
> Please pardon my cynicism, but ...
My cynicism is why I posed the question. I'm worried that we're moving
quickly from a self-policed community to a street with locked gates on
each property, and that hinders our own efforts to help the less-clued as
a community.
Creating a class of clueless victims who wait for police clean-up after
the fact is a bad real-life precident that I don't like the thought of.
Paul "They can have my copy of nmap when they pry my cold dead fingers
from the keyboard" Robertson
-----------------------------------------------------------------------------
Paul D. Robertson "My statements in this message are personal opinions
[EMAIL PROTECTED] which may have no basis whatsoever in fact."
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
