The Internet Virus--A Commentary

[Doug Gwyn]

In article <17592 at adm.BRL.MIL> drears at ardec.arpa (Dennis G. Rears (FSAC)) writes:
>    In security matters one should make something secure to the
>point of making sure the effort to break the security is more than
>the value of what you get once you break it.

That is the PRIME RULE for security of any kind.  There is no absolute
security, just different degrees.  What degree is "good enough" depends
on what sort of threat must realistically be expected.  A skilled
"tiger team" can almost always defeat any amount of security, but they
have to work harder and take greater "risks" (were they not authorized
tiger team members) in some cases than any espionage agent, etc. would
resort to.  The reason tiger teams exist is that sometimes it is so
easy to defeat security that there really is a probable danger that it
would be defeated by whoever one wishes to guard against.  Presumably
the first step in correcting such flaws is to discover them.

>  I don't believe so.  If you get the signal over the airwaves (antenna or
>satellite reciever) that is legal.  A ruling by the Supreme Court
>states the airwaves belong to the public.  If you decode that it is
>not illegal.  However if you attach a decoder to a cable line
>or converter that is.  

Unless the laws have recently changed, FCC regulations (do these count
as laws? One would think not..) prohibit disclosure of intercepted
transmissions without permission of the original communicating parties.
I suspect that encrypted downlinks intended for eventual distribution to
paying customers would be covered by this, so although you can watch the
TV shows you decode yourself, you could not tape them to show to others.