[KLUG Members] Re: Members digest, Vol 1 #51 - 10 msgs

[Mike Williams]

>
>Message: 9
>Subject: Re: [KLUG Members] Re: legality
>From: Adam Tauno Williams <awilliam@whitemice.org>
>To: members@kalamazoolinux.org
>Date: 25 Jul 2001 06:41:16 -0400
>Reply-To: members@kalamazoolinux.org
>
>
>>>>It is so frustrating  to see people so concerned with covering
>>>>thier asses that they don't try the straight forward method of talking
>>>>to people when you have a problem.
>>>understand your point, it's a good one and I agree.  
>>>Now let's look at it from a more practice point of view:
>>>Suppose I discover the box at ip185.battle-creek2.mi.pub-ip.psi.net
>>>(38.33.131.185) has a big security hole.  HOW DO I CONTACT THE OWNER?
>>>My point is your only option may be to contact the ISP since you cannot
>>>always get an email address from an IP address, especially if it's a 
>>>dynamically assigned IP, or the IP is owned by the ISP.
>>>> ... I can literally sue anyone for whatever grounds I like however
>>>> unjustified they may be.  ...
>>>Correct, and that's the reason everyone is trying to cover their ass
>>>and the reason for the original message:  to determine the best way
>>>to handle such a situation.
>>>I like the idea of contacting the owner too, IF POSSIBLE.
>>Which is what the original poster was doing, the most direct way he
>could.  
>>Probably the only certain way.
> 
>Not certain at all.  How many average users check C:\ for any sudden new
>files? 
>Zero of mine.  Windows Explorer? Huh, whats that for.  An average
>Windows user
>could go for years and never see that file.

The file was left in C:\WINDOWS\DESKTOP in all capital letters.  Pretty hard to miss there.

>>>Personally I don't go looking for security holes in other people's
>>>computers, so I don't have to worry about contacting anyone!  :-)
>>Agreed in general, but here's another point that everybody seems to be
>ignoring.  
>>This machine was sharing files (OK, all of them) with the Internet.  It
>was 
>>SERVING files to anybody who could find it.  This was no hack attempt,
>this was
>>a client-server transaction like any other.  
>
>No, the intent of the operator of the remote machine does matter.  I'm
>not saying leaving the file was wrong (morally),  but it was very much
>illegal.  These two, and reason for that matter, have nothing to do with
>each other.  The "victim" could claim with certainty that the person who
>left the note recognized that the victim's machine was not for public
>access simply based upon the content of the note.  Whose to say I didn't
>steal his Quicken files, and then leave a note so I look like a good
>samaritan.  Then I sell his credit card numbers to the local card
>jacker.

True, he knew the machine wasn't intended as a server, but it WAS serving.  And he couldn't be sure of it's intent until opening that share.  Then he left a note because it's the only way to contact the machine's owner.  True, if this newbie's credit cards are stolen, there's one obvious suspect, but there should be more than enough reasonable doubt with the size and openness of the Internet.  

>>Let's try an example.  If a farmer sets up a vegetable stand at the side
>of the 
>>road, and the cash box is sitting there unlocked next to the zuchinni,
>would a 
>>guy get in trouble for slipping a Post-it note into the cash box
>telling him it 
>>wasn't locked?  
>
>Oh yes he would!  Farmer finds note, has said person's fingerprints on
>it,  Farmer says $500 dollars is missing.  Said person gets arrested.
>If said person for whatever reason already had a criminal record or was
>a resident alien they are in big trouble.  Said person was stupid!  And
>if someone sees him WHILE he has the lid open,  criminal intent will be
>assumed as he had NO BUSINESS being inside the box.

Again, one obvious suspect, but more than enough reasonable doubt.  In my example, yes, there is a possibility he got spotted, which could be motive for leaving the note after stealing.  That's where the analogy falls apart.  In the actual event under discussion, there was basically zero risk of being "seen", and our samaritin DID have reason being in the wide-open system.  Defending his own from a hack attempt.