From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id ; Tue, 14 Aug 2001 09:17:40 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id ; Tue, 14 Aug 2001 09:17:21 -0400 Received: from dvmwest.gt.owl.de ([62.52.24.140]:33295 "HELO dvmwest.gt.owl.de") by vger.kernel.org with SMTP id ; Tue, 14 Aug 2001 09:17:17 -0400 Date: Tue, 14 Aug 2001 15:17:29 +0200 From: Jan-Benedict Glaw To: linux-kernel@vger.kernel.org Subject: Re: [OT] DMCA loop hole Message-ID: <20010814151729.E20719@lug-owl.de> Mail-Followup-To: linux-kernel@vger.kernel.org In-Reply-To: <3B791B59.5F5F4113@idb.hist.no> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <3B791B59.5F5F4113@idb.hist.no>; from helgehaf@idb.hist.no on Tue, Aug 14, 2001 at 02:36:41PM +0200 X-Operating-System: Linux mail 2.4.5 Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org On Tue, 2001-08-14 14:36:41 +0200, Helge Hafting wrote in message <3B791B59.5F5F4113@idb.hist.no>: > "Joshua b. Jore" wrote: > How is making a virus any different from making any other weapon, like > a gun? Using it against someone might of course be illegal. Well... It's quite different in some points: - building some kind of weapon means hand-working on "real" iron. - programming a virus is just altering bits. - Nobody will claim building an arbitrary warpon is some kind of art ("I've always seen a weapon within this block of iron. I've only cut off some peaces to let it appear") - Many programmers will in fact have others to see their work as art. Esp., if it's kind of difficult work. Another effect is that firing a weapon means real movement of material whereas "firing" a virus is "just" altering bits. For humans, this is a big difference. I (speaking for me) would feel quite more guilty firing a weapon than firing a virus... > There are certainly valid reasons for making viruses. For example > in order to test (and develop) antivirus software that > automatically detect new viruses without being told about them first. There are even more uses of viruses: a major one is to show up security flaws. As of today, we've reached (in some countries) a state of stagnation (sp?): - You think you found some kind of security weakness - You're not allowed to do further investigation because you mustn't do reverse engineering - You're asked to report that bug. Then, you may wait for the next update soming some months later (which may cost you some $$). However, what so you do if your software you've just found a security relevant bug in isn't licensed? You can't report the bug. (Which is why I use Linux at al.) Then, you've got 2 possibilities: Either the leak is fixed before some maliculous people write a virus for, or you hope (or write it yourself) that a virus will occur on this topic. Reason: if it's a really bad virus, people will fasten their work on your bug and you'll get your patch learlier. > Oh, and surely someone can invent an excuse for using a virus > offensively > too. "I need this to defend my site from cyber-terrorists..." Come on, don't fiddle with the bullshit. Software (both, commercial as well as GPLed) lives and goes through evolution. Weak species (those with bugs and security flaws) will die out, stronger ones (stronger against virus attacks) will survive. By sending out viruses, you put more preassure on the weak species. Looking at today's software world, you'll find thousands fo programs doing more-or-less the same. However, all of them need to be cared about. Putting preassure on this system will help minorities to better grow because it's easier to care about short programs than about monoliths (like famous word progrssing programs and so on). OTOH, this suggests to keep really near to up-to-date software. I like that, too. Looking for bugs in *old* versions is boring. The concept of only working on HEAD sounds better to me... So my result: I'm not that much against viruses. People using computers shoul know what they do. Then, they'll never (or not that often) get hit by a virus. I've never really had trouble with them:-) MfG, JBG -- Jan-Benedict Glaw . jbglaw@lug-owl.de . +49-172-7608481