Borja Marcos de la Puerta talk

ENGLISH

Start of #linux buffer: Fri Dec 07 00:06:46 2001

fernand0 well

fernand0 let mi cover this gap

fernand0 saying some words about our speaker

fernand0 :)

* Borja blushes

fernand0 who loves these things called er ... something BSD

fernand0 and also other high end topics in computer science

fernand0 he words for an importan ISP in Spain

fernand0 and we are very grateful about this talk

fernand0 because, even he always has time for UniNet,

fernand0 he is a really busy, busy man

fernand0 Of course

fernand0 we also would like to give thanks to all of you

fernand0 for comming here

fernand0 and we apologize for this small delay

fernand0 in a few moments, the talk will start

Borja Well, this talk will be in the standard language of science,

Borja_ The worm strikes back

Borja that is, Bad English.

Borja Sorry, go on :-)

Borja_ Abstract

Borja_ On November 2, 1988 a worm was released into the Internet

Borja_ network. The worm, which spread among Sun and VAX computers

Borja_ running Unix, caused a major disruption to the net. The

Borja_ Unix systems.

Borja_ After the incident, many important lessons were learned.

Borja_ However, most of these lessons are overlooked by software

Borja_ designers who write software with the same type of problems

Borja_ exploited by the worm and, worse, offers stupid functionalities

Borja_ that severely compromise security.

Borja_ Nowadays Internet is no longer an academic network, and while

Borja_ it is becoming a service as important as the telephone network,

Borja_ the security of the network seen as the set of computers

Borja_ connected to it is in a much worse situation: most of the

Borja_ computers run the same operating system, and the system

Borja_ diversity has decreased.

Borja_ To make things even worse, cheap broadband access is becoming

Borja_ available for households in most developed countries, making

Borja_ home computers available to launch large scale attacks.

Borja_ What is happening today?

Borja_ News stories about computer breakins are becoming commonplace.

Borja_ Connecting a computer to the network is indeed risky. An

Borja_ intruder can be anywhere. Attacking a computer round the

Borja_ corner is as difficult and cheap as attacking a computer

Borja_ in the antipodes. Hence, the number of potencial attackers

Borja_ is very high.

Borja_ Recent incidents just shown the potential of a large-scale

Borja_ automated attack. Worms such as the Code Red saga or Nimda

Borja_ disabled hundreds of thousands of computers worldwide. Compromised

Borja_ computers had to be desconnected from the network, although

Borja_ some of them are still active looking for new victims.

Borja_ These incidents not only affected directly vulnerable computers

Borja_ running Microsoft operating systems; many sites with low

Borja_ bandwidth links or low capacity servers and firewalls were

Borja_ overloaded by the high number of compromised computers scanning

Borja_ the networks for new vulnerable computers. A large number

Borja_ of small sites suffered a severe denial of service during

Borja_ the peak hours of propagation, and even big sites suffered

Borja_ some performance problems in network equipment, being firewalls

Borja_ the most vulnerable. Logfiles in webservers algo grew much

Borja_ larger than usual, leading to storage problems.

Borja_ The latest incidents have been the culmination of a worrying

Borja_ trend we saw with Melissa, the first worm released after

Borja_ the November 1988 one was "ILOVEYOU".

Borja_ It exploited the presence of a programming language in the

Borja_ Microsoft Office suite applications, and propagated with

Borja_ infected Microsoft Word documents. When a user opened a

Borja_ document, the macros present in the document used the Outlook

Borja_ API to send copies of itself to contacts listed in the user's

Borja_ addressbook.

Borja_ The damage done by this simple worm was huge. Many organizations

Borja_ had their mailservers completely overloaded, with the email

Borja_ service stopped until they cleaned the servers.

Borja_ This incident was possible because of two main factors:

Borja_ First, thanks to the monopolistic tactics applied by Microsoft,

Borja_ most home and office computers use the same application

Borja_ software and operating system. In this case, Microsoft Office

Borja_ and the different versions of Microsoft Windows. Hence the

Borja_ number of potentially vulnerable computers was very high.

Borja_ Vulnerable computers were used by people with little or

Borja_ no knowledge on computer security.

Borja_ Second, Microsoft software designers had been ignoring the

Borja_ most elementary security measures in their developments.

Borja_ There is a worrying trend in software development. New versions

Borja_ offer no real innovations, and software manufacturers tend

Borja_ to overload programs with stupid and useless functionality

Borja_ just to add "value".

Borja_ These so-called innovations are always added without paying

Borja_ attention to security. Adding complexity to a program, even

Borja_ paying the due attention to security, increases the risk

Borja_ of introducing a security flaw. But many of the features

Borja_ recently added to mainstream systems and application software

Borja_ have serious design flaws.

Borja_ For example, adding a full-fledged programming language to

Borja_ a word processor does not seem very useful, but it is a

Borja_ great tool for spreading worms. People routinely exchange

Borja_ text documents. "Intelligent"

Borja_ behavior pervades the Window operating system, too. Just

Borja_ remember the recent "Nimda"

Borja_ worm, spreading thanks to a flaw in the handling of some

Borja_ MIME attachments. The routine responsible for opening a

Borja_ file in Internet Explorer tries to determine the type of

Borja_ file by looking at its contents, ignoring the MIME type

Borja_ associated to it. It can seem useful, as it can hide user

Borja_ and/or programmer mistakes, but in this case an executable

Borja_ sent with an audio MIME type circumvented all the pseudo-security

Borja_ checks implemented in Outlook. This was also a serious violation

Borja_ of a fundamental practice in programming: correct modularization.

Borja_ The situations seems to go from bad to worse. One of the

Borja_ conclusions drawn from the 1988 worm was that diversity

Borja_ is good, and can be essential for the surviblity of the

Borja_ communications infrastructure. This is the same issue identified

Borja_ recently in the debate about animal clonation. A population

Borja_ of cloned sheeps could die should they be genetically vulnerable

Borja_ to a particular strain of a germ. If we infect two specimens

Borja_ in good health with the same germ, one of them can die while

Borja_ the other survives. It is a matter of genetic vulnerability.

Borja_ Exactly the same happens with operating systems. If we consider

Borja_ (hypotetically, of course) all operating systems equally

Borja_ secure -hence equally insecure-, it would be possible to

Borja_ develop an automated attack program, perhaps a worm, capable

Borja_ of affecting most of the system installations. What will

Borja_ happen if every users run *the same* operating system? Then

Borja_ the communications infrastructure will be in a high risk.

Borja_ A single worm could make the whole network collapse.

Borja_ The situation is even scarier; there is a trend towards uniformity,

Borja_ as newcomers to the network are using an intrinsecally insecure

Borja_ operating system: Windows. A critical mass of vulnerable

Borja_ systems is being created, and these vulnerable computers

Borja_ will be connected to the networks through broadband links.

Borja_ These computers will be connected 24/7, probably housing

Borja_ personal webservers, etc.

Borja_ A similar trend is being observed in the Unix world, although

Borja_ it is not so dangerous. Many people considering Unix systems

Borja_ for their servers are choosing Linux just because it is

Borja_ what they read in the media. This is an error. Obviously

Borja_ Unix systems are not intrinsecally insecure, although programming

Borja_ mistakes have been the cause of security problems in the

Borja_ past, and will also cause security problems in the future.

Borja_ Which future can we expect? Is Internet about to be shut

Borja_ down by vandals? Is there any hope? Well, I think there

Borja_ is a real risk here. Many people will connect to the network

Borja_ in the coming years. The newcomers will not be trained on

Borja_ computer security at all, and it seems that they will use

Borja_ Windows systems.

Borja_ The worms and viruses we have seen so far are not very sophisticated.

Borja_ Most of them are programs designed only to replicate, causing

Borja_ only collateral damage (significant, unfortunately). Nothing

Borja_ has been done to steal codes, credit-card numbers, etc.

Borja_ Worms have been extremely noisy. The propagation of the

Borja_ worms has caused denial of service problems in many networks,

Borja_ and the worms have been really noticed. However, the scenario

Borja_ of a silent worm propagating at a slow pace during months

Borja_ is not unlikely, and the results would be devastating.

Borja_ We can do something to prevent this. First of all, we must

Borja_ avoid uniformity. When planning a network design, always

Borja_ avoid adopting the same operating system for everything.

Borja_ Use a mix of them. No operating system is equal to the others;

Borja_ even Unix systems have noticeable differences among them.

Borja_ For each task, use the system best suited for it.

Borja_ Another problem is the current software monopoly situation;

Borja_ it must be fighted at all costs. It has almost killed innovation

Borja_ in the industry, as no company can try to introduce a new

Borja_ operating system. Microsoft has exclusive agreements with

Borja_ every PC computer manufacturers. the situation is serious

Borja_ indeed: people buying computers "withut

Borja_ an operating system" (this means without

Borja_ a Microsoft operating system, but this is one of the effects

Borja_ of monopolies) are treated as suspicious of software piracy.

Borja_ And the main battlefield here is education. We must make

Borja_ sure that students learn the fundamental principles. Nowadays,

Borja_ fashion dictates that computer science students must learn

Borja_ to use mainstream systems. Most of them are not proficient

Borja_ in proper data structures and algorithms design. Most of

Borja_ them don't know about operating systems design. Without

Borja_ foundation, it is impossible to have a good knowledge, and

Borja_ a professional with no solid knowledge is a bad professional.

Borja_ Bad professionals will only ensure that the present problems

Borja_ will be worse in the future.

Borja_ THE END

fernand0 plasplaspl plasplasplasplas

Kefar plas plas plas plas plas

Dr_Q clap clap clap clap

Dr_Q clap clap clap clap

niyul bravo!!!!!

Dr_Q very interesting indeep

Kefar plas plas plas plas plas

Kefar plas plas plas plas plas

> clap clap clap clap clap clap clap clap clap clap

fernand0 plas plas plas plas plas plas plas plas plas

> clap clap clap clap clap clap clap clap clap clap

> clap clap clap clap clap clap clap clap clap clap

> clap clap clap clap clap clap clap clap clap clap

> clap clap clap clap clap clap clap clap clap clap

> clap clap clap clap clap clap clap clap clap clap

Kefar plas plas plas plas plas

kiwnix plas plas plas

Kefar plas plas plas plas plas

> clap clap clap clap clap clap clap clap clap clap

> clap clap clap clap clap clap clap clap clap clap

dardhal "Education is key" <<-- that is the important thing. Great.

kiwnix clap clap clap

> a moment , Borja is traslating in #redes to spanish

> and hi have a delay....

> a moment

> very good Borja !!!

> clap clap clap clap clap clap clap clap clap clap

> clap clap clap clap clap clap clap clap clap clap

> clap clap clap clap clap clap clap clap clap clap

> clap clap clap clap clap clap clap clap clap clap

limitations)

fernand0 plas plas plas plas plas plas plas plas plas plas

fernand0 plas plas plas plas plas plas plas plas plas plas

fernand0 plas plas plas plas plas plas plas plas plas plas

fernand0 plas plas plas plas plas plas plas plas plas plas

Oroz plas ...

Oroz :)

fernand0 eso pareció mas una bofetada

> <sarnold> borja_ thank you; some thoughts .. when most

programs designed to perform a function, ftpd, smtpd, etc, the clear majority

fall prey to the same problems .. how can diversity truly help?

Borja Sorry... I was answering in #qc :-)

> <Borja> Hi

> <hensema_> Borja: what's your opinion on the recently

released Evolution email-client, which is -- at least in appearance -- similar to

Microsoft Outlook?

> <sarnold> Borja_, furthermore, true completely seperate

implementation diversity is *expensive* .. there are really only a few good mail

clients out there .. implementing more is way too much work!

Borja Well, different implementations are not usually vulnerable to the

same flaws, or, at least, to the same exploits.

Borja You shouldn't bet all your money to the same horse, I think... ;-)

diva chao a todos

diva que la pacen bien

Borja Next?

Borja regarding the appearance of Evolution, I don't think it is an

issue. Outlook is a bad program from the security point of view. I don't use it,

so I cannot comment on other issues ;-)

Borja I am using Kmail right now and I want to try Evolution.

#linux

Dr_Q now

Dr_Q after this conference

Dr_Q i have clear

#linux

Dr_Q what are the main causes about

Dr_Q the insecure at internet but...

Borja <leonardop> Borja... thanks for your interesting talk. Just for

curiosity, what's your favorite BSD OS? and why?

dardhal Another "single point of failure" on today's Internet is DNS

root servers, many of them using some version of BIND, which is scary

Borja Well, my favourite version of BSD is FreeBSD. I use PCs and it

seems to be the best optimized for PCs.

Dr_Q isnt there other solucions but education to improve security?

Borja Yes, it is a single point of failure but if it is not excuted in the

*same* operating system, at least it would be a daunting task to take over most

DNS servers. If all of them were running exactly the same, we would be at a

real risk.

Borja Education is critical in this case. This is related to a similar

problem affecting society in general, the lack of scientific culture.

sarnold dr_q -- a massive help would be to switch to more type-safe

languages ...

dardhal Borja: correct, but maybe you don't want more than taking the

servers down, and halt the Interet as a whole :(

Dr_Q x

Dr_Q sarnold: thank you

#linux

Bacchus[brutus.conectiva.com.br]: EOF from client)

Borja People can be easily deceived by someone using some

scientific words. Take, for example, homeopathy. many people think that it is

legitimate. With some scientific culture you can see for yourself that its claims

are absurd

Borja There are many risks now, sarnold. Someone may want to take

the net down. Someone may want to compromise as many computers as

possible to get valuable information. It has happened...

Dr_Q the only secure computer is the unplugged computer :-)

Borja Yes, but today an unplugged computer is just a pile of metal

and sand.

LarstiQ van Eck phreaking et al, make that the demolished computer

Borja :-)

#linux

Borja Next?

JAZZANOVA here it is spoken about the education, that is

fundamental without a doubt, but what we do to spread it, to foment it?

Borja Well, university teachers must make sure that students learn

computer science, not how to use a visual programming toolkit, a frequent

mistake.

STAR[shine.cmw.sld.cu])

g/ <-- php developer? hop on in ....)

Borja All of us can make a difference. I am sure many of you have

friends who ask for help.

Borja You can educate them.

JAZZANOVA thanks

Borja And I don't think type-safe languages will alone fix the problem.

Borja I agree that C is not the best language for all the tasks for which

it is used now. But it is great for systems programming.

velco especially when people just keep using old-fashined C ...

from client)

Borja But buffer overflows are not the only kind of security flaws.

There is a more dangerous kind, derived from interactions between programs.

fernand0 well there is an aforism i read somewhere

fernand0 choose any language

fernand0 and you can find a 'hacker' doing assembler in that

language

fernand0 hehe

Borja I mean, of course wiping buffer overflows wouls make our lives

easier, but it is not a silver bullet.

Borja Yes, it is true :-)

Borja And this kind of things bring us to my obsession... E D U C A T I

O N

Borja Students are exposed to really bad influences.

-- Accept no limitations)

Borja They are growing among poorly designed programs.

fernand0 discipline an order are not well considered features

Borja How many of you have used a non-Windows or non-Unix

operating system?

Borja (And non-MSDOS, of course)?

fernand0 macos ?

fernand0 hehe

fernand0 pre-X, of course

pdp as400

JAZZANOVA beos :)

Borja Sorry, I mea "non-mainstream"

dardhal Linux-only for some time :)

Borja :-)

fernand0 i supposed it, but wanted to joke

Borja VSTA? Amoeba? Plan 9? Inferno?

Borja Anyone?

leonardop non-Unix? I mean... there's a non-Unix OS out there? :-)

Borja ErOS?

sarnold (heh, don't say that loud enough for The Open Group to hear

you.. :)

sarnold borja -- EROS! I've not yet booted it, but I've read all the docs

:)

pdp os/360//390 for instance

fernand0 vms ?

Borja Yes, but I am thinking about systems with new ideas:-)

fernand0 it was mainstream hehe

Borja VMS... the previous work of the artist who perpetrated NT...

fernand0 well

Borja Vomit Making System, as Richard Stallman used to call it years

ago

fernand0 i read somewhere that they are proud of it, at digital 0:)

sarnold yeah, but RMS removed the wheel check from 'su', so ... :)

Eliz saludos a todos!

Borja Well, VMS was stable. I just didn't like it

kiwnix HURD is a non-unix?

fernand0 well, mos unices are, aren't they?

Borja But Windows NT is a piece of crap. id any of you read the

special issue of "IEEE Computer" covering Windows NT?

Borja It was similar to a PC magazine. Horrible

fernand0 business are business

Dr_Q i think windows is more secure than linux

Borja Really?

viXard Borja, what about theres an stadarized OS like happened with

C language

Dr_Q juer, say that have caused me a stomach-ache

sarnold Dr_Q -- for kicks, sometime, head to securityfocus.com, look

for the bugtraq archives, and look for the advisories from any single linux

vendor, and any single microsoft vendor (heh heh) and do some counting... :)

Dr_Q Borja: no, i was joking again

viXard would this be a really problem ?

Borja :-)

Dr_Q i use debian for a long time ago, and from then i dont know

what a antivirus is

fernand0 it is not secure, it is sure that IT professionals will get more

money securign it :)

viXard Borja, what about theres an stadarized OS like happened with

C language, would it be a disaster ?

Borja viXard, I don't think so. I mean, standardization affects APIs and

command syntax, but there are many different CPUs out there.

Eliz[169.158.164.136])

velco sarnold: in fact, IIRC CERT has such lies, damned lies and

statistics, which show similar number of vulnerabilities in Linux and Doze

sarnold velco, which just goes to show that, for some set of rules,

windows isn't moer secure than linux :)

velco sure.

Borja But those vulnerabilities are different indeed.

vulnerabilties wide open :)

sorts of odd behaviors in Windows, like that stupid routine in IE that tries to

determine the type of a file by its contents instead of using the MIME type.

dardhal sarnold: so we come to the point Borja talked about,

education (both users' education and vendors' education)

Borja This sord of confusion is bad, it is serious. I don't see this in

Unix.

Borja Of course there are minor programming mistakes, but most of

them are fixed with at most a 100 line patch.

Dr_Q ive notice that my level of english have been getting lower and

lower :-(

> some data.... Borja: Message Labs estimate that que en 1999 la

relacion virus / messaje mail ratio was 1/1400 during 1999. At 2000 year, this

ratio was 1/700 and probably will be 1/300 en 2001. Also we have spam...

indeed, do you think that the email have a good future?

Borja Which is the size of a Windows fix? I am not talking about the

size of the service packs, but have a look at the very nature of the flaws.

Borja Do you think they are similar?

viXard Borja, what about those people that are technitians but don´t

know anything about MIME type and networks structures. Are they helpless ?

Borja Well, email is the most important Internet service. It is funny,

considering that its designers didn't think it would be used at all..

fernand0 what about .Net ?

fernand0 how will go things there ?

Borja Well, the security of Passport has already been compromised ;-)

pdp it is also the most Mis-used service on the Internet

fernand0 hehe

Borja .Net is a real risk.

Borja Even the Gartner Group says it!

fernand0 some experts said that it was not so bad

sarnold pdp has a good point .. the fact that emails have 'attachments'

demonstrates that distributed filesystems for the most part need work

Borja Fernand0, if you believe in diversity you don't belieeve in .Net

or any similar iniciative.

fernand0 that's true

viXard What about privacy security, is there a way to keep my privacy

from the owner of the service ?

lack of attention to security... would you trust it?

Borja Yes, viXard, strong cryptography, fortunately available for all of

us.

Borja Have a look at the Phil Zimmerman's pages in MIT.

viXard what abut LSSI ?

Borja PGP has saved lives of people under dictatorships

Borja Well, I think the golverment knows nothing about Internet. They

have to learn...

Borja LSSI has some good points, but unfortunately it has very

danbgerous points.

Borja Anyway it won't pass. It is against the constitution.

viXard Spanish Constitution

Borja Yes, I forgot it :-)

viXard what about the rest of europe and the world ?

Borja (I'm Spanish)

for being a country with great civil freedom, despite their claims.

dardhal Borja: Spanish LSSI prerelease3 does have major changes

with respect to the original version.

viXard US have released new laws that permits authorities to look

under our dresses ;)

Borja I know, but have not read the 0.33 version.

#linux

viXard solo 5 mins

dardhal Borja: it is far from perfect, but is a major advance with repect

to the original one

viXard If Kriptopolis moved their servers to US away from LSSI, then

they must be back running away fron new US laws XD

viXard Is an endless running

dardhal viXard: jeje, what kriptopolis did is something still not

explained

viXard jej

viXard they are going to end on south pole

dardhal viXard: a good place to overclock Athlons :)

viXard or inside a submarine called Nautilus

viXard yeah !

viXard they can make a conection to chile XD

Borja Mars? :-)

Borja Or perhaps with a wireless link to a backpack!

Borja :-)

viXard jeje

sarnold borja -- one still needs to find an uplink, which can be tough..

viXard yeah, The moon is american

dardhal viXard: the submarine could be attacked by a huge and

horrid slow-moving species called Mozilla XDD

viXard damn right

Borja Anyway, I don't think it will be so hard.

SKARLET[169.158.164.157])

viXard what about self-implanted worms?

pdp just eat a Burger....

viXard administrators that are unconfortable with their companies and

write their own worms

sarnold heh, protecting against upset administrators can be pretty

tough :)

Borja It is just the same old problem with internal security.

Borja Almost impossible, depending on the resources available ;-)

Oroz keep the administrator comfortable...

viXard je

viXard no way to do it XD

CTCP TROUT THIS, BITCH!)

sarnold sure .. have the OS and applications require N identical

actions from N different administrators before any changes can be made

Borja Anyone with responsibility can cause a lot of damage. What

about excutives?

Borja Yes, but it is expensive. You need complex systems to do that.

Borja That's why I say "depending on available resources" :-)

sarnold ayup :)

sarnold it was important enough that nuclear command and control

systems were designed that way ..

dardhal Borja: "common sense" seems to be a scarce resource,

specially at many Spanish companies :(

sarnold but you will note that WinNT/XP was *not* designed that way,

and .. to the best of my knowledge, no Unix systems either :)

sarnold dardhal: s/Spanish//

dardhal sarnold: but here the situation seems even worse, we are

some years behind in everything

Borja No, but Unix has a simpler dsign, and it is a plus.

dardhal sarnold: including "common sense"

Borja I don't think so, dardhal

Borja True, there are fewer Internet users than in USA. And so?

dardhal Borja: not talking about users, but about "corporate

computing"

Borja Problems are similar in USA and in Spain in corporations

Dr_Q dardhal its worse in other country like Cuba, where access to

internet is censured

dardhal Dr_Q: sure, but we are talking about places were "freedom"

is not a primary concern, because you "have it"

Dr_Q i agree

Borja Anyway, we should not get it for granted. Now and then

someone will try to limit our freedom.

Borja Look at what is happening now.

viXard yeah

viXard kill the bastards XD

sarnold heh, you don't have to put up with .us's ashcroft :)

Borja We have our own ashcrofts here...

sarnold oh; I'm sorry to hear that :(

dardhal Borja: but many people think lack of freedom is when you are

put into jail, not before. There is no "critical mass" of people concerned about,

for example, what is going on in the USA

sarnold I figured the EU countries were generally more sane...

Dr_Q well, good night to everybody

Borja dardhal, I think many people here are concerned indeed

dardhal sarnold: Europe is like The Matrix, nobady can tell what it is :(

Dr_Q i promise to pratice my english to improve it :-)

Borja Yes, sarnold, but there are crazy politicians all over the world

viXard darhal: jeje

dardhal Borja: one think is to be concerned about facts, and the other

about what some political parties and social groups want you to believe

Borja Well, what is your opinion on my Bad English? ;-)

dardhal Borja: not bas, excelent english

dardhal s/bas/bad/

viXard how many people in here don´t speal spanish ?

Dr_Q your english is very bueno

Dr_Q :-)

Borja Of course, we are lucky. This conversation is actually taking

place!

viXard my vocabulary is going down XD

Dr_Q and mine

Borja :-)

sarnold viXard -- 'hola', 'como te lama', 'bueno', are about all my

spanish :)

Dr_Q some time ago, i used to practice english every day

viXard i don´t know how to say "glutamato de potasio "

Dr_Q sarnold: using that words you can build a lot of phrases

dardhal Dr_Q: I'm sure you read much more english pages a day

than in spanish

sarnold donde esta el banos .. :)

Dr_Q dardhal: yes

sarnold (I can't find the n~ key on my keyboard :)

Dr_Q but its different understands what you read that try to write in

english what a have in my mind

Oroz sarnold: una cerveza por favor?

sarnold groz, jejej :)

Dr_Q bye

Dr_Q ;-)

Oroz usually everbody knows the meaning of that

viXard going back to tiranosaurious species......

sarnold 'night Dr_Q

viXard what about that meeting about cybercrimen just few days ago ?

viXard what´s was the real declaration of that ?

Borja Well, I think cybercrime must be fught

Borja (fought)

dardhal viXard: it was signed, approved by some countries, and

about to generate country-wide laws to enforce it

Borja I mean, we need freedom. But nobody needs freedom to

damage others.

viXard but they "way " they apply those laws, is what matters me

viXard i´m more paranoic about authorities than about crackers

Borja I am paranoid about both

viXard or a damn stupid script kiddie

dardhal viXard: this treaty about cybercrime says little about

punishment, but talks a great deal about "ISP collaborating with authorities to

gather data an evidences"

Borja But crackers, even the lamest of the script kiddies, are limiting

our trust on communication networks.

Oroz 'nigh *

But then again, who does?)

viXard I was readind few weeks ago, "the hacker crackdown", and

there was a lot of abuses against people

Borja I agree with you, and we need well-thought laws.

Borja But, as there is a law that protects you from being stolen, raped

or killed, there should be one protecting your email

viXard FBI and USSS were a real pain in the ass, for every BBS owner

Borja I know. It was very bad done, indeed. They knew nothing

(Aplicación Saliendo)

viXard but they don´t acuse you for rober at least they have proves

JAZZANOVA anyone knows about "Linterna Mágica" ? i dont know

the real name...

viXard instead of cybercrime, they asume that as you know computer

stuff, you´re dangerous

Borja It is a cultural problem. They must learn.

sarnold 'Magic Lantern'

Borja If I say I am a supporter of nuclear energy, how many of you will

see an alarm flashing?

sarnold borja, I've got mixed feelings, for sure ..

dardhal Borja: nuclear energy is good, is taken seriously

Borja There are lots of irrational feelings about many subjects. This is

happening with cybercrime among judges, politicians and lawyers, and the

society in general.

#linux

viXard peoples rights are are subvaluated

dardhal viXard: people are not aware of their rights, and so they don't

fight for them

viXard my mailbox was digged out whithout my knowlegde, and

without no authority permission

viXard just because a suspicious

viXard where did I should go?

viXard nowhere! nobody´s deffending my rights against that

Borja That should be punished, of course.

sarnold viXard -- run your own ISP :)

Borja Anyway, no court would accept it as a proof

viXard laws don´t consider this as a right

viXard sarnold, that was at my last job

viXard people

viXard http://www.walc2002.pucmm.edu.do/

viXard El V taller en teconologias de redes e internet para america

latina y el caribe

krUNIX viZard?

viXard May 2002

viXard KrUNIX ?

krUNIX linuxlatino?

viXard sep

krUNIX cool

krUNIX viniste a la conferencia?

dardhal It's been a great pleasure to talk with all of you

viXard PARTICIPANTES EXTRANJEROS

viXard 1.- US$1,300.00 PARA LOS QUE SE INSCRIBAN ANTES DEL 15 DE FEBRERO 2002.

viXard Incluye participación en el taller seleccionado, alojamiento, desayunos, almuerzos, Refrigerios, Transporte desde el hotel al lugar del evento, Seguro de Hospitalización y Cirugia en caso de accidentes.

viXard 2.- US$1,400.00 PARA LOS QUE SE INSCRIBAN DESPUES DEL 15 DE FEBRERO 2002.

viXard Incluye participacion en el taller seleccionado, Alojamiento, Desayunos, Almuerzos, Refrigerios, Transporte desde el hotel al lugar del evento, Seguro de Hospitalización y Cirugia en caso de Accidentes.

dardhal Godd morning/evening/night || Buenos días/tardes/noches

viXard same, darhal XD

sarnold dardhal :)

viXard krUNIX: sip, estaba charlando un poco con el conferencistas y otras personas

krUNIX aja

krUNIX pero ya termino la confrencia?

viXard sep

krUNIX :(

krUNIX llegue tarde

krUNIX los logs los publicaran?

viXard http://umeet.uninet.edu/umeet2001/spanish/prog.html

Borja Estarán en el web mañana, supongo

viXard http://umeet.uninet.edu/umeet2001/spanish/des.html <-- los logs

krUNIX cool

krUNIX ;)

krUNIX grax

krUNIX aja

viXard me cambio de conexion

wings)

krUNIX entonces mañana es ataques de DoS

End of #linux buffer Fri Dec 07 00:06:46 2001

Generated by irclog2html.pl by Jeff Waugh - find it at freshmeat.net!

Mas información: