[Prev][Next][Index][Thread]

Re: Perl Co-inventor Convicted



In article <NEWTNews.807904872.8080.lsantist@lsantist.dfrf.nasa.gov>,
 <lsantist@lsantist.dfrc.nasa.gov> wrote:
>[...]
>*FLAME ON*
>
>What about the facts as some of us understand them?
>
>1: Randall is guilty as charged by his own admission.

That much is in fact not disputed. Where the dispute comes up is in other
points:

* Some of us feel that the law under which is was charged is terrifyingly
  dangerously over-broad, as demonstrated by how it was applied; the fact
  that it was written, applied by the prosecutors, and upheld by judge and
  jury stands as clear evidence that none of those people understood the
  basics of computer security.

* Some others feel that computer security means securing your own machine,
  and ignoring problems on your neighbors machines, even if you've worked
  there in the recent past and it's all part of the same larger
  organization.

So we're arguing about whether the situation is just or not, and calling each
other unprofessional. This is in my opinion a really useful and constructive
debate; it's getting people to put their names and affiliations on the answers
to really important questions. _I_'m saving this traffic, and will hang onto
it to use when checking potential hires, as well as considering new positions
myself. No matter who (if anyone) is ``right'', this info is fantastically
useful since you won't want to be anywhere near people in the opposing camp!

Specifically, I don't want to work in a company where I can be charged as a
criminal for trying to do my best for their machines --- and I don't want
people who aren't going to aggressively pursue security to be responsible for
machines in places where I work.

Indeed, a precis of Randal's case will be part of my interviewing discussion,
whichever side of the table I'm on; a person's opinion on this question is a
great measure of whether I want to be associated with them professionally.

-Bennett
bet@mordor.com

References: