From: Johan Helsingius <julf@penet.FI>
Date: Tue, 8 Jun 93 19:50:37 PDT
To: smb@research.att.com
Subject: Re: CERT
In-Reply-To: <9306090049.AA03320@toad.com>
Message-ID: <9306090458.aa20630@penet.penet.FI>
MIME-Version: 1.0
Content-Type: text/plain



> As I said before, they might not know who was involved.  Even if they
> did, and even if the account wasn't compromised, it's the SA's
> responsibility to investigate.  What if a local user is doing un-
> authorized things?  Take this particular case -- they could easily end
> up being sued for contributing to copyright infringement.  They might
> win -- but defending against a lawsuit is expensive.

Yes. Agree. And I would have had no problem had they contacted the SA at
my site (me) or even my connectivity service provider (EUnet), but they
didn't. They contacted the domain admin for Finland. A high-level
"political" authority on a national level! Without consulting anyone
involved...

	Julf