Home   Groups   Digests   Personalise   Search   Login
  POV-Ray : Newsgroups : povray.off-topic : White hat? Black Hat? : Re: White hat? Black Hat? Server Time
10 Oct 2024 10:24:44 EDT (-0400)
  Re: White hat? Black Hat?  
From: Warp
Date: 13 Sep 2008 14:18:54
Message: <48cc040e@news.povray.org>
 
somebody <x### [at] ycom> wrote:
> > There's nothing to prove.

> Ah, that's the crux of the matter: A hacker proves his superiority!

  No, the hacker proves that there's a concrete security hole which
should be fixed.

> If the admins invited him to hack, that would be fine. As it is if you
> invite a locksmith to pick your lock.

  So as long as he didn't ask permission it's better that the sysadmins
are kept ignorant of the security flaw in the system.

  Basically the situation is that the sysadmins *benefited* from the
hacking, and as a reward, the university sues the person who performed
the hacking.

> >   Upgrading the security of a house is expensive. Security upgrades of
> > a computer system are usually part of the software license (ever heard
> > of free security patches?)

> Again, completely immaterial how expensive or cheap it is to fix something.
> Having said that, it's not necessarily cheap to fix security flaws either.

  Which is not the fault of the hacker, really. He shouldn't be punished
because fixing a security hole (which was not created by the hacker) is
expensive to fix.

> >   A malicious robber breaking into a house causes damage to the owner
> > of that house only. A malicious hacker breaking into a university computer
> > can potentially cause damage to thousands of people.

> That makes no sense whatsover. If anything, you are legitimizing breaking
> into institutions instead of houses. Maybe I should change my example to
> breaking into a business, a hospital, a school, a military bases... etc. I'm
> sure courts will then give me even bigger medals of honour for doing the
> public a service which affects many more people.

  No. If you break into a big institution and then make a report on how
you did it and which flaws you exploited, the institution will benefit
from it (because they will be able to fix those flaws), and you will be
rewarded with jailtime.

  Of course nobody breaks into institutions for the sole reason of
reporting how he did it. Too much work for no benefit.

  Hacking a computer, however, is a hobby.

-- 
                                                          - Warp


Post a reply to this message

Copyright 2003-2023 Persistence of Vision Raytracer Pty. Ltd.