1993-06-08 - Re: CERT

Header Data

From: TJO <space2@stein.u.washington.edu>
To: cypherpunks@toad.com
Message Hash: d1ac50f55f3c052dd95242e73b1aa2fb8514c7f610d901dd99492885a67a7110
Message ID: <9306082300.AA18418@stein.u.washington.edu>
Reply To: <9306082031.AA12159@boxer.nas.nasa.gov>
UTC Datetime: 1993-06-08 23:00:28 UTC
Raw Date: Tue, 8 Jun 93 16:00:28 PDT

Raw message

From: TJO <space2@stein.u.washington.edu>
Date: Tue, 8 Jun 93 16:00:28 PDT
To: cypherpunks@toad.com
Subject: Re: CERT
In-Reply-To: <9306082031.AA12159@boxer.nas.nasa.gov>
Message-ID: <9306082300.AA18418@stein.u.washington.edu>
MIME-Version: 1.0
Content-Type: text/plain

J.E.T. writes:
> >computer EMERGENCY response taskforce or something like that? They should have
> >no business bothering you unless you requested some kind of assistance from
> >them, IMHO.
> I personally like being contacted by an organization trying to tell me
> that someone might be misusing my computing resources.

Certainly that may be so.. but in this case they didn't merely tell 'you'
with a simple note, instead they did atleast 2 things which really are 
bothersome and overstepping common 'courtesy' of merely informing 'you':
	1) Instead of going directly to the owner of the directory in
question or the administator of the host they jumped over 'your' head and
went to the domain administrator. I can see going to a site administrator
if they had reason to believe the owner of the directory was doing something
illegal.. but then again they have no authority to make/enforce/etc any
kind of laws.  They were just plain out of line. Consider this example
(and I'll give them the benefit of doubt here that someone really did complain
to them and they aren't on some witchhunt of their own): I am Cert and Mr
Von Karman has emailed me to say that a /jet/Enigma-cypher-code directory
appears to have illegal software of some kind.. so I send up my email.. not
to you.. but to Goldin, the new NASA head that I believe this directory
owned by you has illegal software on it. Well that is a good way to put some
bad marks on your record even if you do prove it untrue to your boss.. maybe
you had just removed the evidence before he checks out your acct.. either way
he shuts down your net access for a while..'just to be sure', and look out
next time you want a promotion.. can't be to safe.. you might be a security
	2) They didn't check the system out before hand and blatantly said
		as much.. what kind of service to you is that? my friend
		met a guy who knows bigfoot..but certainly you don't see
		me bothering the people who own the land where bigfoot
		is supposed to live. 

	3) They want to confiscate logs from the system.. That sure as heck
isn't any of their business..

	3) other complaints which I'll file for now.

Tim Oerting		|                  |insert disclaimer|
Computer Consultant	| U. of Washington |I speak 4 myself |
School of Law		|  <Seattle>	   |..blah..blah..   |