Re: [Full-Disclosure] Scandal: IT Security firm hires the author of Sasser worm

From: Barry Fitzgerald (bkfsec_at_sdf.lonestar.org)
Date: 09/20/04

  • Next message: Georgi Guninski: "Re: [Full-Disclosure] Scandal: IT Security firm hires the author of Sasser worm"
    To: ktabic <lists@ktabic.co.uk>
    Date: Mon, 20 Sep 2004 15:43:14 -0400
    
    

    ktabic wrote:

    >Well, I vaguely recall laws that state that a convicted criminal isn't
    >allowed to profit from his crime, even after he has served his sentence.
    >This does, however, sound like he is profiting from his crime.
    >Think: would he have been given this job if he hadn't had his named
    >plastered all over the newspapers?
    >
    >

    I don't have an opinion on this particular situation. I really,
    seriously don't.

    But, here are some things everyone should think about:

           - Have you ever exceeded 20 mph above the speed limit? If so,
    does that make you incapable of driving a big rig truck? If so, I think
    we should probably
              be very wary of our use of the roads. It's much more
    difficult to get a commercial license if you've been caught speeding,
    but no one ever said it was
              impossible.

           - What about the people who were never caught? How's the
    paranoia setting in now? :) Seriously, though, which is more
    dangerous? A cracker's who's been
              caught and knows he's being watched, or a cracker who has
    never been caught and knows that he can silently observe the inner
    workings of an organization
              and, with time on his side, exploit it. If you say "the guy
    who got caught", then you need to rethink your stance on reality.

           - How do criminals reintegrate into society if they're not
    allowed to be gainfully employed in their specialty? You may scoff at
    this, but it's a very valid question.
              Not allowing a criminal, once released, to be openly and
    gainfully employed only gives them more reason to again turn to crime.
    Would you prefer that he
              work for the russian mafia writing web exploits? If you want
    to take away his ability to be employed, then you're virtually forcing
    him into a life of crime.
              How productive is that?

           - Employing known crackers is not new. People have been throwing
    around the term "unethical" with regard to his employment, but I fail to
    see how his being
              employed is unethical. It would be unethical if the company
    were employing him to crack their opponents, but thus far there's no
    indication that that's the case.
              In fact, it hasn't even been mentioned what he was employed to
    do. How do you know that he's not in a basement somewhere with a 386
    and a floppy drive
              dissecting malware that's been handed to him physically? You
    don't know what he's doing, so why start making silly assumptions about
    the basis for his
              employment? But this practice, of employing known crackers,
    is not new and it's not unethical. The act of simply employing someone
    to do a legal job can't
              be unethical unless what they're being told to do is
    unethical. If your perspective is that it's unethical *because* he
    wrote a worm and should be barred from
              employment for the rest of eternity because of it -- well,
    you're advocating the use of stigma judication, like having a scarlet A
    for adultery. I thought we were
              beyond that?

    I don't have an opinion on the specific case at hand, but these points
    apply to the issue. This seems to be the hot topic on the list right
    now. Can't we just agree that we simply don't have enough information
    to pass judgement?

    And, for the sake of the list, let's get off whether someone should be
    employed or not -- isn't that a better topic for a sociology list than
    this one? I'll tell you one thing, you'll get better formed opinions on
    the sociology list. So far, people seem to be taking emotional sides...
    and that will never lead to a reasoned solution.

                    -Barry

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html


  • Next message: Georgi Guninski: "Re: [Full-Disclosure] Scandal: IT Security firm hires the author of Sasser worm"

    Relevant Pages

    • Re: [Full-Disclosure] Scandal: IT Security firm hires the author of Sasser worm
      ... >>allowed to profit from his crime, even after he has served his sentence. ... country) unless you can come up with a really good reason. ... > allowed to be gainfully employed in their specialty? ... > were employing him to crack their opponents, but thus far there's no indication ...
      (Full-Disclosure)
    • Re: The fat oaf
      ... Why oh why do they persist in employing him? ... called 'weak' language in my opinion). ... Mick Channon said shit on the Morning Line today and no one turned a hair. ...
      (uk.sport.horseracing)
    • The fat oaf
      ... after Tanya had corrected his ignorance about a winning jockey earlier? ... oh why do they persist in employing him? ... called 'weak' language in my opinion). ...
      (uk.sport.horseracing)