Implications of recent virus (Trojan Horse) attack

Dennis L. Mumaugh dlm at cuuxb.ATT.COM
Wed Nov 16 12:06:00 AEST 1988 

In article <8844 at smoke.BRL.MIL> gwyn at brl.arpa (Doug Gwyn (VLD/VMB) <gwyn>) writes:
>So where is the student to learn better?  The current culture is
>founded more on the philosophy of pragmatism than anything else,
>and accordingly the student is encouraged in his belief that
>nearly anything is okay so long as he doesn't get caught.
>
>If you want to establish rational values as the norm, you have your
>work cut out for you.  It's a worthwhile goal, but won't be
>accomplished quickly.

This is a short essay on the mores and  morals  of  the  computer
culture.  It  is  caused  by  the  controversy  over  whether the
originator of the recent internet worm should be hailed as a hero
or  hauled  off  to  jail  and  his life and career ruined by his
actions.

There are two attitudes towards  life  that  are  exemplified  by
various social systems.  In an authoritarian/totalitarian society
that which is not permitted is forbidden.  In  a  "free  society"
that which is not prohibitted is permitted.

In the computer culture we have similar  attitudes.  Some  people
feel  that  since UNIX has file permissions, if you don't protect
your files they should be  able  to  browse  them  (and  if  your
terminal  is not locked they can use it and browse).  Others feel
that personal directories and files are out of bounds.

Part of this culture clash comes from the differences between the
"academic community" and the "business community".

I remember back in 1967 when a Freshman student  of  physics  was
making  a nuisance out of himself with the University of Maryland
Computer Center by breaking the  operating  system  and  stealing
time.  He  lead  the  systems people a merry chase.  They finally
stopped the activities by hiring him  as  a  systems  programmer.
Today  that person is famous as the inventor of <product deleted>
and was a professor of a well known  academic  institution.  [His
name is deleted because he is now a well known person, but I knew
him way back when.]

Today, the same actions would result in disciplinary  action  and
since  the  advent  of  the  new federal law on computer security
would be cause for criminal action.  What was once  considered  a
harmless prank is now a "serious" offense.

What has changed?  Computers have changed.  They used to be  toys
of  the  privileged  few  researchers  and  now they are the work
horses of the world.  The analogy is that between horses and  the
current  automobile.  In the old days borrowing a horse for a bit
wasn't that serious, nowadays joy riding in  a  car  is  a  major
offense. [We did hang horse thieves though didn't we?]

Our academic community encourages browsing and "snooping" as long
as   we  don't  destroy  or  conceal  the  origination  of  ideas
[plaigarism].  The ideal of co-operation between people  and  the
spread of knowledge is generally taught as the highest goal.

Our business community is just the opposite.  We have found  that
information is power is money.  The FSF to the contrary, computer
data is now valuable [I  rememeber  trying  to  get  a  mag  tape
through  Candian  Customs:  those  who  said "Computer Data" paid
duty; those who said "Software" got by for  free].  As  more  and
more people  commit  their fortunes and lives [figuratively] onto
computer media, the more we will become intolerant of people  who
disrupt those computers or idlely browse through files.

In another newsgroup [news.sysadmin or some  such]  the  question
was  raised: "What authority does a systems administrator have to
browse files." I can remember some times when I happened  upon  a
torrid  love  affair  being  conducted  by two married people via
EMail, and .... today  I  would  almost  be  required  to  inform
authority of this abuse of computer resources.

Essentially what Doug is raising and I am seconding is that times
have  changed.  This  worm  incident  has  rattled some cages and
arroused  some  sleeping  dragons.  Hopefully,  the  Professional
Societies  will  provide  a  code of ethics about computer use in
reference to these areas.  If they don't the US Government  will.
Already  the new law could be used to charge rogue players with a
crime [unauthorized use of facilities].  Then of course those who
read  netnews without official sanction .....  I suspect that one
could even make  a  case  for  routing  personal  mail  over  the
Internet as being a crime.

-- 
=Dennis L. Mumaugh
 Lisle, IL       ...!{att,lll-crg}!cuuxb!dlm  OR cuuxb!dlm at arpa.att.com

More information about the Comp.unix.wizards mailing list