Mapping the real world to the Internet (Was Re: [Techtalk] 216 ssh login attempts, what to do?)

Carla Schroder carla at bratgrrl.com
Wed Oct 13 14:08:23 EST 2004


On Wednesday 13 October 2004 11:33 am, Devdas Bhagat wrote:
> On 13/10/04 07:40 -0700, Raquel Rice wrote:
> <snip>
> > I agree with you on that!  We lock the doors of our homes and expect
> > that is enough to keep people out, even though in reality it's not. 
> > Yet, most people don't try.  Most of those who do are prosecuted. 
> > Why isn't my computer considered the same?
> 

> A doorlock is a clear visible symbol that access is prohibited.
> Computers do not give such visible signs. Imagine a country of the
> blind, where the only way to find an open door is to actually try to
> open it. In such a case, putting up a fence around the house is a good
> way to keep unwanted people for knocking on your door (think firewall).

Perhaps it is different in your hometown. In the US, the accepted social 
contract is you don't mess with other people's stuff. It doesn't matter if 
there is a lock on it, or a sign that says "This belongs to Carla, don't 
touch." It's not yours, so you have no right to it. If you take it, you're a 
thief. If you damage it, you're a vandal. If you find a wallet in the street, 
you're supposed to return it to the owner. Of course not everyone returns the 
wallet, and there are always thieves and trespassers. But they are the 
exceptions. Not like the Internet, where thievery and abuse are the rule.

Returning to the armored bunker metaphor- you can put locks on your doors. Big 
deal, break a window. You can put bars on the windows. No problem, kick the 
door in. Or take your nice battery-powered reciprocating saw and cut a hole 
in the wall, or cut through the door lock. Or, wait til the owner is home, 
and sweet-talk or force your way in. What keeps us reasonably secure in our 
homes and possessions, without having to live in fortresses, is the unwritten 
agreement that doing such things is wrong, and if you do them, you are 
unambiguously in the wrong.

All the excuses that the l33t hax0rs makes- oh, they're just looking around, 
they're not hurting anything, they're actually doing you a favor by finding 
your security holes, etc blah blah are just excuses. It's not that big a 
conceptual leap from "you don't trespass in my home" to "you don't trespass 
in my computer."

> 
> The other big feature on the Internet is anonymity. In real life, I can
> see who you are if you knock on my door.

Yah, that's a big part of it.

> The third point is that the Internet is truly global. The implications
> of this are /not/ understood by most people. Your laws do not apply to
> me, and mine do not apply to yours. Now consider a person breaking into
> US based computers to relay spam to a user in the UK advertising sites 
> hosted in China with the DNS in Brazil and the registrar in Europe through 
> a compromised system based in Korea.
> You need all these countries to cooperate to catch your favorite local
> spammer.

Law enforcement is equally useless against burglars and vandals. It's a low 
priority, you're lucky if you even get a visit from a cop to take the report. 
The risk of getting caught and punished is a small deterrent.

Being pissed off and outraged are appropriate feelings for the state of the 
Internet. Truly the ability of humans to pervert and pollute is unparalleled. 

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Carla Schroder
this message brought to you
by Libranet 2.8 and Kmail
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


More information about the Techtalk mailing list