30 Apr 2000 Rasputin   » (Journeyer)

I've been thinking about system security and the people who try to break it.

Scenario: I pretense my way into some corporate offices and when nobody is watching photocopy a random selection of documents from an unlocked filing cabinet. There is no intent to sell or otherwise profit from this information. After the fact, when I'm talking to the police about my "break-in", I justify it as intended to highlight the horrible physical security in most corporate offices. The company whose information I acquired asserts the value of the stolen material at several thousand dollars, so I get tried for very serious crimes with a real potential for a long jail term.

I honestly see no significant difference between what I described and the all too common cracking that shows up in the news every now and again. The difference is in the perception. Crackers are (commonly) considered harmless experimenters, doing it for the joy of learning and to show the security flaws in most computer networks. A person doing the more physical version (as described) is clearly recognized as a criminal and few people would believe there was no intent to profit.

I realize I'm barely scratching the surface of a very serious set of questions. I believe, however, that the Advogato group is more likely to have considered some of these things than a similar random sampling of North American society in general. As well, as (future) computer professionals, we're much more likely to have had our lives impacted by these types of activity.

Comments welcome ;)

Latest blog entries     Older blog entries

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!