Re: [fw-wiz] Re: Ethics, morality and the industry

From: Mark Teicher (
Date: 10/29/04

  • Next message: Paul D. Robertson: "[fw-wiz] Topical ethics link"
    To: "Paul D. Robertson" <>, Paul Foster <>
    Date: Fri, 29 Oct 2004 14:18:39 -0400 (GMT-04:00)

    Actually there is difference between Frank Abigale and Mitnick. After serving a portion of his time, Frank Abigale went to work in designing systems that are currently in use today. Mitnick, on the other hand, has not contributed at that scale to help improve any of the systems he supposedly broke into it, except to jump start a fledging security industry in taking an interest in the types of ways Mitnick was successful in defeating the security systems in place at the time. The Telecommunications providers have yet to make all the recommended security improvements that allowed Mitnick to accomplish what he did. Let's take a look at other people who suffered the same sort of fate. Intel vs Randall Schwartz (1993), Randal spoke at SANS a while back about his case on "What not to do as a System Administrator". It was a very good talk, getting back on topic, having former criminal speak at conference is not a crime, and they should be rewarded for it, and there should be big statements, like this speaker's honorium/fee is being collected to pay restitution to their victims.


    -----Original Message-----
    From: "Paul D. Robertson" <>
    Sent: Oct 29, 2004 1:16 PM
    To: Paul Foster <>
    Subject: Re: [fw-wiz] Re: Ethics, morality and the industry

    On Fri, 29 Oct 2004, Paul Foster wrote:

    > > To my mind the issue is that he's still *profiting* from his crimes.
    > > That doesn't do justice to the victims, nor does it send the right message
    > > IMO. Crime should not pay.
    > How so? He talks about how he would exploit security systems, and this
    > is his area of expertise. The guy spent many enjoyable years in jail
    > (on his knees?) which does not sound like 'crime pays' to me.

    It's also his area of criminality. That's not a good message- there are
    *plenty* of good guys who have the same expertise who haven't created
    victims who can give out the same information.

    It worries me socially that the royal we tend to put these folks on
    pedestals when they're nothing more than confidence tricksters who have no
    special information or skills.

    > > I think that the fettering should include profiting from whatever badness
    > > the person did- hey, if he was lecturing on IPv6 security, then I don't
    > > see as much of an issue.
    > Perhaps he doesn't know squat about IPv6. If we prevent him from
    > legally earning a buck on issues he does know, we could inadvertently be
    > encouraging use of those skills illegally.

    IMO, society would be better served if we *really* rehabilitated them.
    Having them stand up in front of people and proclaim how great they were
    when they were doing illegal activities seems to run counter-productive
    to that to me.

    He doesn't know squat about IPv6 because we're letting him cruise on
    notoriety rather than making him go get a real job that doesn't profit
    from his criminality. And yes, if he's so bent on doing wrong than on
    doing the right thing, then let's let him commit more crime, and lock him
    up again- because that means he's not reformed and shouldn't be out of

    > > I hope that in the future, CSI chooses its keynote speakers more
    > > carefully.
    > Should we bury our heads in the sand and not learn from people like this?

    You can learn all there is to learn without paying them princely sums and
    celebrating notoriety. There's both more value in what Howard Schmidt and
    Bill Murray say than in what Abignale and Mitnick say, and a better
    overall message for the industry and society to send by using them.

    Paul D. Robertson "My statements in this message are personal opinions which may have no basis whatsoever in fact." Director of Risk Assessment TruSecure Corporation
    firewall-wizards mailing list

    firewall-wizards mailing list

  • Next message: Paul D. Robertson: "[fw-wiz] Topical ethics link"

    Relevant Pages

    • Re: Off-Topic -- Gender Discrimination
      ... Not victims per se. ... It is not healthy for a society to place too LITTLE emphasis on personal responsibility either. ... conditioning and possible social disapproval, ... akin to socialism. ...
    • Communalism, Centrestage
      ... Life and liberty are not the gift of society, ... innocent young Muslim boys are being victimised by the police on ... poor victims are virtually defenceless. ...
    • Re: One for Turk...
      ... Liberal opinion holds they are victims, because society has failed to provide them with opportunities to develop their potential. ... Rather, they are victims of a perverted social ethos, which elevates personal freedom to an absolute, and denies the underclass the discipline - tough love - which alone might enable some of its members to escape from the swamp of dependency in which they live. ... Only education - together with politicians, judges, policemen and teachers with the courage to force feral humans to obey rules the rest of us have accepted all our lives - can provide a way forward and a way out for these people. ...
    • Re: One for Turk...
      ... They are an absolute deadweight upon society, ... victims, because society has failed to provide them with opportunities to ... with the courage to force feral humans to obey rules the rest of us have ... accepted all our lives - can provide a way forward and a way out for these ...
    • Holocaust victims assets published on net
      ... The society for restituting property belonging to victims of the Holocaust published Wednesday a list of 3,500 bank accounts and real estate properties located in Israel, worth over NIS 100 million, that belong to Holocaust victims. ...