Home   Groups   Digests   Personalise   Search   Login
  POV-Ray : Newsgroups : povray.off-topic : White hat? Black Hat? : Re: White hat? Black Hat? Server Time
10 Oct 2024 08:20:41 EDT (-0400)
  Re: White hat? Black Hat?  
From: somebody
Date: 13 Sep 2008 13:56:09
Message: <48cbfeb9$1@news.povray.org>
 
"Warp" <war### [at] tagpovrayorg> wrote in message
news:48cbefd0@news.povray.org...
> somebody <x### [at] ycom> wrote:

> > >   Finding a security weakness and then *not* exploiting it for your
own
> > > selfish purposes but instead reporting the weakness so that they will
> > > patch it justifies it.

> > If the end justifies the means, am I to assume you also agree that
breaking
> > into people's homes to expose their security flaws and pretend-robbing
> > people at gunpoint to expose their unprotectedness are also just dandy,
and
> > moreover a good deed, provided you don't actually steal anything?

>   Yes, those two things are completely equivalent.
>
>   Breaking into someone's home usually causes material damage which costs
> money. Breaking into a computer system usually doesn't.

You can break into a house without costing material damage. Ever head of
picking locks? Does that legitimize it?

>   Breaking into someone's home exploits a security flaw which everyone
> *already knows*.

No. Do you know how secure your lock is? Do you know how long it takes to
pick it? I'm doing you a service by demonstrating how easy it is.

> There's nothing to prove.

Ah, that's the crux of the matter: A hacker proves his superiority!

> It's up to the owner of the
> house to decide whether he wants to fix it or not. Breaking into a
computer
> system exploits a flaw which is *not known* by the system administrators.

Whether it's known or not known or in the process of being fixed or not is
completely irrelevant. Hacking is a crime, same as lockpicking without
owner's consent.

If the admins invited him to hack, that would be fine. As it is if you
invite a locksmith to pick your lock.

>   Upgrading the security of a house is expensive. Security upgrades of
> a computer system are usually part of the software license (ever heard
> of free security patches?)

Again, completely immaterial how expensive or cheap it is to fix something.
Having said that, it's not necessarily cheap to fix security flaws either.

>   A malicious robber breaking into a house causes damage to the owner
> of that house only. A malicious hacker breaking into a university computer
> can potentially cause damage to thousands of people.

That makes no sense whatsover. If anything, you are legitimizing breaking
into institutions instead of houses. Maybe I should change my example to
breaking into a business, a hospital, a school, a military bases... etc. I'm
sure courts will then give me even bigger medals of honour for doing the
public a service which affects many more people.


Post a reply to this message

Copyright 2003-2023 Persistence of Vision Raytracer Pty. Ltd.