Worm/Passwords

Ron Elliott ron at embossed.UUCP
Sun Nov 13 01:15:07 AEST 1988 

In article <8563 at rpp386.Dallas.TX.US>, jfh at rpp386.Dallas.TX.US (John F. Haugh II) writes:
> In article <17830 at glacier.STANFORD.EDU> jbn at glacier.UUCP (John B. Nagle) writes:
> >      Some years ago, I posted a small piece of code to the net which
> ...
> >troubles, I am reposting it to comp.sources.unix.
> 
> It has been posted to alt.sources and pubnet.sources.  I truly welcome 
> comments and invite your participation.  I'd have posted it to
> comp.unix.sources but it is far from finished.
> -- 
	THANKS, WE DON'T SEE ENOUGH OF THESE POSITIVE REACTIONS!!


	I guess it's too much to hope for, but here goes:

	1) There are more and better minds avaliable to fix problems
	   regarding virii, worms, bugs, and the like than there are
	   people who will exploit these problems.  However, if these
	   problems aren't widely and openly discussed, the more and
	   better minds won't be thinking about solutions.

	   Hence, count one vote for net.security.

	2) The courts and society will have their way with the 
	   Morriss'.  That's the American way.  I doubt that
	   net.fuzzy.opinions will count for much.  Let's move
	   on.

	3) Thousands of us out here don't have source code, and have
	   to rely on software venders.  These venders are mostly
	   unresponsive to any problem brought up by end-users. Only
	   high level publicity and threat of negative corporate
	   image will move these venders to react.  Often, even these
	   these threats aren't enough.  Until there are more responsive
	   venders, we source-code-users are vunerable to all kinds of
	   attack -- and will remain vunerable.

	4) Many of you talk about the thousands of hours lost due to 
	   the Morris Worm.  How about something like "rm *" ?  How many
	   hours have been lost over the last 15 years over that 
	   bug-feature.?  Yes, I know the workarounds, and have installed
	   them.  How come though Un*x venders still havn't issued fixed
	   rm's or even discuss the matter in their documentation?  Or
	   even supplied the workarounds in their distribution?

	Just had to put in my $0.02.  Thanks for your attention.

Ron Elliott.
Flames Burn Bandwidth.  Better Sent to /dev/null

More information about the Comp.unix.wizards mailing list