today | current | recent | random ... categories | search ... who ... syndication

Peter G. Neumann : [W]hen there is no security in place, the alleged culprit cannot have exceeded authority

when no authority is implied. As long-time RISKS readers will recall, this issue came up relating to the trial of Robert Tappan Morris: in 1988, the Internet worm never exceeded authority, because no authority was required to use the sendmail debug option, to use the .rhosts mechanism, to execute the finger daemon, or to read an unprotected encrypted password file. I wonder how if prosecutors will ever figure this out! As long as we attempt to shoot the messenger and hide lame security behind overly broad laws, weak security will prevail, and whistleblowers will be much rarer than glassblowers. (For example, DMCA is among other things an attempt to outlaw whistleblowers.)"

refers to


N.Y. Times : "Beck and his ilk try to emulate Gainsbourg ←  → The dict-ified word of the day is corpulent