1997-10-03 - Intruder Alert!

Header Data

From: Tim May <tcmay@got.net>
To: “cypherpunks@cyberpass.net>
Message Hash: 0007ee7bec3f73c793fdddfc47f01168c5043fbf76c5f8782b3b31ebac31d270
Message ID: <v03102803b05a203e101f@[207.167.93.63]>
Reply To: <01BCCF84.84FC2100.hallam@ai.mit.edu>
UTC Datetime: 1997-10-03 04:27:58 UTC
Raw Date: Fri, 3 Oct 1997 12:27:58 +0800

Raw message

From: Tim May <tcmay@got.net>
Date: Fri, 3 Oct 1997 12:27:58 +0800
To: "cypherpunks@cyberpass.net>
Subject: Intruder Alert!
In-Reply-To: <01BCCF84.84FC2100.hallam@ai.mit.edu>
Message-ID: <v03102803b05a203e101f@[207.167.93.63]>
MIME-Version: 1.0
Content-Type: text/plain



At 7:32 PM -0700 10/2/97, Phillip Hallam-Baker wrote:
>On Thursday, October 02, 1997 11:54 AM, Attila T. Hun
>[SMTP:attila@hun.org] wrote:
>>     if Phill is secure, what difference does it make if you assault
>>     him?  my guess is he is not secure, and probably has no clue how
>>     to get from there to secure.
>
>Because when you ring the alarm bell on my system
>it is answered by law enforcement and it costs about
>$10,000 a time to deal with the issue.

Hmmmhhh, you must have a law enforcement arrangement different from the
ones around here (here being the Bay Area/Silicon Valley). Around here, law
enforcement is usually the last to be brought in, and they in fact have
little interest in answering computer intrusion alert calls.

If it costs you, or the taxpayers (through your law enforcement situation),
$10,000 for each quiver of your alarm system, maybe you ought to find ways
to cut the costs.

And setting off an alarm is not necessarily a crime, of course. Depends on
where the alarm was placed. If someone bumps a car in a parking lot and
sets off a motion sensor alarm, no crime has generally been committed. At
least this is the situation in all the places I know of.

And if dealing with a false car alarm cost $10,000, or even $100, this
would tell the alarm owner to do something to reduce the number of false
alarms.

>Setting off fire alarms costs real money.

Indeed, because people panic, evacuate, leave work in progress, lose
manufacturing runs, etc. But I can't think of many computer intrusion
alarms which have the same effect, nor should they. If someone sets off
panic alarms because an incorrect password is typed too many times, or some
biometric test fails, or access to some files is unexplained, or whatever
the alarms are, then this is an overreaction.

Better security, better firewalls, write protecting Web sites, air gaps
with the Net, or whatever, these would seem to be better alternatives than
calling in the cops and running up a $10,000 bill for each alarm.

(In any case, cops in my area will definitely _not_ come to my aid if I
call them to report an attempted incursion into my system. Your cops must
be different.)

--Tim May

The Feds have shown their hand: they want a ban on domestic cryptography
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
ComSec 3DES:   408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Higher Power: 2^2,976,221   | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."








Thread