Re: melissa and her daughters

Peter C. McCluskey (pcm@rahul.net)
Tue, 6 Apr 1999 09:44:36 -0700

spike66@ibm.net (Spike Jones) writes:
>The reason you saw a notice from me regarding the THAAD
>failure on Thursday afternoon when I actually posted it Monday
>morning (an hour after the event) was that our computers were
>melissa-ed and the network was down all week.

It's nice to hear that a company involved in our defense has reliable systems.

>CNN reports they nabbed the dirty scoundrel who wrote the
>virus. I cheered. For about three seconds. Then I said: wait
>a minute. What charge? Is this not covered under the US
>first amendment granting free speech? If he is charged with

The first amendment only protects speech that listeners can ignore if they don't consent to hearing.

>obstructing public communications, should not Microsloth
>be named as a co-conspirator? Should not this perp and
>Bill Gates share a cell? Could not Microsloth have shipped
>their product so that macros were disabled until *specifically
>enabled* by the 2% of the populace that will ever actually
>read the manual and decide we *need* word macros? How

Yes, they could have inconvenienced those who want to use macros. They probably assume that more users would get annoyed at them if they did that.
Failing to discourage a third party from committing a crime generally isn't a crime. Our society generally assumes that the creator of a virus is the only one who has done something wrong. As long as it's possible to track down virus creators and as long as they are rare, that approach can be more cost-effective than making systems secure. If it becomes hard to track down and punish virus creators (which wouldn't surprise me), then security will need to become the responsibilty of users.

>Legal eagles, help me out here: is the melissa author in real
>danger of going to the slammer? I am tempted to defend the

IANAL, but it seems safe to assume that he'll go to jail if a jury decides it was deliberate, and I wouldn't be surprised if he goes jail even if they don't.

>unsavory character. He did us all a service by pointing out
>yet another bug in Microsloth word. spike

Bug? Anyone who cares already knew that Microsoft products were vulnerable to this kind of attack. He didn't convey any worthwhile info.

-- 
------------------------------------------------------------------------
Peter McCluskey          | Critmail (http://crit.org/critmail.html):
http://www.rahul.net/pcm | Accept nothing less to archive your mailing list