Home   Groups   Digests   Personalise   Search   Login
  POV-Ray : Newsgroups : povray.off-topic : White hat? Black Hat? : Re: White hat? Black Hat? Server Time
10 Oct 2024 06:16:35 EDT (-0400)
  Re: White hat? Black Hat?  
From: somebody
Date: 13 Sep 2008 12:41:26
Message: <48cbed36$1@news.povray.org>
 
"Orchid XP v8" <voi### [at] devnull> wrote in message
news:48cbe6bb$1@news.povray.org...
> >> Well, no, because fixing a broken window costs money.

> > And it doesn't cost money to fix a compromised system?

> Depends how it was compromised, doesn't it?

There are many costs (including waking up the sys-admin in the middle of the
night and paying overtime wages, or taking the system offline for a while
and inconvenience legitimate users) with any systems attack. It's naive to
assume it's all bits and bytes so no physical harm is possible.

> >> You can "break into" a computer system without causing damage that has
> >> to be repaired.

> > OK, assume I only go into houses that have windows that are ajar, or
that I
> > leave money for the window repair, or that I pick the lock instead...
etc.

> If you tell somebody "hey, your window is ajar", they'll believe you.

What's this obsession with convincing people of something? Anyway, moving
on...

> If you tell somebody "hey, your computer system is insecure", it's
> unfortunately rather unlikely that they'll believe you.

Question: If you have not already hacked into the system, how do you know if
it's not secure?

> Now if some guy wanders round randomly trying to break into systems,
> then yes, that's not really acceptable and they deserve to be convicted

Ah. So since this guy presumably did not design the system himself, he'd not
know if it's secure or not. Like you yourself mentioned, as well as Warp
mentioned in another post, it's not like looking at a window that's ajar.

So, by your admission, "wandering round randomly trying to break into
systems" is precisely what he must have been doing. And by your conclusion,
"that's not really acceptable and they deserve to be convicted".

> with something. But if you tell somebody their system is insecure and
> they fail to do anything about it... what else are you supposed to do? I
> mean, if it has no impact on you, then fine. But if that system holds
> data about you, presumably you'd *like* it to be nice and secure.

What happened to good old method of communication?

> (Obviously, I don't know which of those two scenarious was actually the
> case in this particular story. Presumably the court case will decide.)

True. But regardless, it's a crime. And I'm tempted to think that he did not
contact and try to communicate with the sys-admin first. I don't know of
many hacker who do that before hacking.


Post a reply to this message

Copyright 2003-2023 Persistence of Vision Raytracer Pty. Ltd.