Return-Path: <sentto-279987-1501-996553294-fc=all.net@returns.onelist.com> Delivered-To: fc@all.net Received: from 204.181.12.215 by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Mon, 30 Jul 2001 21:22:15 -0700 (PDT) Received: (qmail 27597 invoked by uid 510); 31 Jul 2001 03:24:02 -0000 Received: from n31.groups.yahoo.com (216.115.96.81) by 204.181.12.215 with SMTP; 31 Jul 2001 03:24:02 -0000 X-eGroups-Return: sentto-279987-1501-996553294-fc=all.net@returns.onelist.com Received: from [10.1.4.52] by hp.egroups.com with NNFMP; 31 Jul 2001 04:21:36 -0000 X-Sender: fc@big.all.net X-Apparently-To: iwar@yahoogroups.com Received: (EGP: mail-7_2_0); 31 Jul 2001 04:21:33 -0000 Received: (qmail 14603 invoked from network); 31 Jul 2001 04:21:32 -0000 Received: from unknown (10.1.10.142) by m8.onelist.org with QMQP; 31 Jul 2001 04:21:32 -0000 Received: from unknown (HELO big.all.net) (65.0.156.78) by mta3 with SMTP; 31 Jul 2001 04:21:32 -0000 Received: (from fc@localhost) by big.all.net (8.9.3/8.7.3) id VAA08343 for iwar@yahoogroups.com; Mon, 30 Jul 2001 21:21:31 -0700 Message-Id: <200107310421.VAA08343@big.all.net> To: iwar@yahoogroups.com In-Reply-To: <20010731025852.2987.qmail@web14501.mail.yahoo.com> from "e.r." at Jul 30, 2001 07:58:52 PM Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL1] From: Fred Cohen <fc@all.net> Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Mon, 30 Jul 2001 21:21:31 -0700 (PDT) Reply-To: iwar@yahoogroups.com Subject: [iwar] Why it doesn't work to fight back - for now... Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Per the message sent by e.r.: > This is no longer a game and it is time to put your money where your > mouth is. To claim we are the "all knowing" of the IWAR circut and > then to do nothing makes you look just as bad as the AOL lover-Im not > kidding- on Dr. Rice's Committee. In fact it makes you look worse > because you know better. > Fred, Tony and company, we have to attempt to effectuate change, or at > a min. not allow these fools to damage national security dependent > parts of the cyber infrastructure beyond repair. It is a real > possibility with the attacks like Code Red, and others from foreign > nationals whose goals are to trash that system we rely on. I hate being > correct in such situations, but it is hard to deny. I did grow up in a > second rate nation and I will do whatever I can to slow down the > adversaries. How about you, folks? It is gut check time and I hope you > will take the chance at intervention. Remember, this is an open and global forum. Many on this forum may not be on your side. The problem of going out and solving these problems is a bit complex today. For example, I am pretty certian I could stop the Red Code virus in its tracks without much effort - a half a day with a skilled Windows programmer would probably do it - the problem is that the techniques available for doing this are violations of law - so I would have to do it covertly and at personal risk of prosecution. I know that you could try to claim necessity in court, but I don't have time for that and I doubt if Red Code will get to the level where we need to use these techniques against it. We are about to abandon our counter-staganography research because of the DMCA - which basically makes it illegal to crack the codes used by the bad guys (you cannot create a mechanism that bypasses an effective security measure that protects copyright material - allmost all material is effectively copyright when you write it down or put it in a computer - so digital forensics is now a very dubious field to be in). The sad truth is that the government continues to restrict my ability to legally do research and most everything I can do that actually has large-scale effect is highly dubious from a legal standpoint. This does not stop the bad guys from doing it - when steganalysis is illegal, only criminals will do steganalysis - when forensics is illegal, only criminals will do forensics - that's where it's going. Enough ranting - back to iwar... FC --This communication is confidential to the parties it is intended to serve-- Fred Cohen Fred Cohen & Associates.........tel/fax:925-454-0171 fc@all.net The University of New Haven.....http://www.unhca.com/ http://all.net/ Sandia National Laboratories....tel:925-294-2087 ------------------------ Yahoo! Groups Sponsor ---------------------~--> Small business owners... Tell us what you think! http://us.click.yahoo.com/vO1FAB/txzCAA/ySSFAA/kgFolB/TM ---------------------------------------------------------------------~-> ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2001-09-29 21:08:38 PDT