LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for February 9, 2012

XBMC 11 "Eden"

LWN.net Weekly Edition for February 2, 2012

A tempest in a toybox

LWN.net Weekly Edition for January 26, 2012

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Savanna.gnu.org compromised too

Savanna.gnu.org compromised too

Posted Dec 4, 2003 16:40 UTC (Thu) by ccchips (subscriber, #3222)
In reply to: Savanna.gnu.org compromised too by RobSeace
Parent article: Savanna.gnu.org compromised too

Maybe it's also time for a change of focus, as I've said before.

I keep reading people saying things about locks, defects in locks, lock picks, and beating up people for not locking their doors properly.

Now, correct me if I'm wrong, but if I should (accidentally or on purpose) leave my back door open on my house, does that action tell you that you have the right to go in there and steal my washing machine?

Or, let's say I buy a lock from the Super-Defender Lock Company, and it turns out that somebody knows about a flaw in the metal, and that such a flaw allows them to break the lock, and get into my house. Does that mean people have the right to go on my property, break the lock, and hide in my house until I leave, then steal all my diskes?

We can fortify our computers until Hell freezes over, and as long as the people who break into them contine to be allowed to have no respect for our rights, they will continue to be broken into.

Once, a long time ago, my father left the back door of our house unlocked when we went on vacation. When we returned, we found the door locked on the bottom (one of those automatic locks once you leave,) and a note inside the house from a neighbor, saying that we had left it unlocked and that he'd locked it for us.

Now, I'm not trying to fault anyone for fixing problems in the computer; it seems fairly easy to conclude that a lot of security breaches are possibe because of software flaws. However, I do believe that people need to wake up to the fact that there are fundamental social issues at stake here that technology will never fix.

You've got to know that people are going to try really hard now to compromise Linux installations, especially since Gates and Co. made their big announcement about its insecurity. Don't be surprised if they are disillusioned former GPL supporters or current Microsoft fanatics who also happen to be expert crackers. You've got to have been expecting this, and for a long time. Also, Linux is now being advocated heavily by large, money-making concerns, as a possible desktop alternative. Joe User is not going to know (or care) about security the way some of you do. He may leave his window open, his door unlocked, or he may install a cheap-o-flex alram system.

Does that give anyone the right to violate or hijack his computer system? No.

It's not my fault if I'm the victim of a crime, it's the fault of the criminal. This was true when Microsoft was the butt of jokes about security, and it's still true now that Linux may be.

(Log in to post comments)

Savanna.gnu.org compromised too

Posted Dec 4, 2003 16:53 UTC (Thu) by RobSeace (subscriber, #4435) [Link]

Sure, of course the one breaking in is at prime fault... I don't think I
saw anyone arguing otherwise anywhere...

However, that doesn't mean you should say, "Well, since they're at fault, I
don't have to worry about protecting myself, then!"... That's just stupid...
Just because something is illegal, wrong, and/or anything else, does NOT
prevent some people from still doing it... Smart people will realize that
there are people out there that WILL do it, and so they'll take measures
to protect themselves... If they fail to do so, that doesn't mean the
person breaking in is any less criminal or wrong; but, it does mean they
have a lot easier time of it, and are more likely to get away with it...
Ranting and raving about how it's not YOUR fault someone broke in and stole
your stuff, just because you left your front door wide open is just rather
silly... Your stuff is still GONE, isn't it?? The person who stole it is
also long since gone, and will never be caught, will they?? So, why are you
yelling at the wind, and proclaiming your innocence? I don't think the
cops have any intention of throwing you in jail for not locking your door...
However, the only one you're hurting is yourself... So, it would be in your
own best interests to start locking those doors in the future...

Savanna.gnu.org compromised too

Posted Dec 4, 2003 17:10 UTC (Thu) by ccchips (subscriber, #3222) [Link]

Absolutely right. Howefer:

Start with a wide-open door. Then a lock. Then a better lock. Then a dog. Then an alarm system. Then what---a full-time armed guard?

I'm just saying we should never lose sight of the causes for this situation happening in the first place. If those are not addressed, all computer users will be in a vicious cycle forever.

I'm waiting for the day when those codes on the dashboard radios no longer have any effect on thieves. Maybe then someone will ask themselves where this ends.

Savanna.gnu.org compromised too

Posted Dec 4, 2003 19:57 UTC (Thu) by RobSeace (subscriber, #4435) [Link]

And, how exactly do you propose to address these causes?? I personally
don't know of any magic method of transforming everyone on the planet into
an ethical and law-abiding person... I quite suspect that for as long as
the human species exists, there will be some of us who break the law, and/or
do bad things... (And, let's be clear: the law is not always in line with
what's right, either...) I just don't see that it's possible at all to
ever do anything to change that basic fact of our nature... Short of
maybe some intensive genetic-engineering to breed out our bad sides, but
that will lead to a race of soulless zombies, like in every dystopian
sci-fi movie ever made... ;-)

So, I think we're better off addressing an issue which we actually have a
hope of doing something about: protecting ourselves from those people who
would choose to try to do us harm... Sure, it's a never-ending battle, and
there is a constant escalation on both sides... But, really, what else IS
there to do??

Copyright © 2012, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds