In defense of NASA: was Re: Wirin' up blinkenlights

From: Richard Erlacher <richard_at_idcomm.com>
Date: Sat Jun 10 11:40:20 2000

A lot of the security problems would go away if they took the few
individuals they actually catch abusing their net use privilege and dipped
them, slowly, into a hot solder-pot during half-time of a major televised
sporting event.

If they dip a few extra guys, it's OK, since we're overpopulated by 10000%
anyway. An apology would suffice and think of what it would do for the
ratings.

Dick

----- Original Message -----
From: Clint Wolff (VAX collector) <vaxman_at_uswest.net>
To: <classiccmp_at_classiccmp.org>
Sent: Saturday, June 10, 2000 9:34 AM
Subject: RE: In defense of NASA: was Re: Wirin' up blinkenlights


>
>
>
> On Fri, 9 Jun 2000, Douglas Quebbeman wrote:
>
> > > > Is
> > > > the lack of security on the Internet possibly a well designed
feature
> > > > disguised as a flaw?
> > >
> > > No, it is because much of it is Unix oriented. And Unix
> > > security is just not that good.
> >
> > This isn't quite right, but does explain why Internet security
> > has not improved.
> >
> > First and foremost, like most other ARPA projects (such as
> > Multics), the ARPAnet was meant to be a prototype for what
> > a network could be. One of the base-level assumptions was
> > that it would provide information sharing between a small
> > number of trusted and trusting sites.
> >
>
> Yes, the ARPAnet (funded by DARPA - DEFENSE Advanced
> Research blah blah) was the prototype for a distributed
> communications system built to survive a nuclear attack.
> MILnet was built based on this prototype, and is in use
> today. It is mostly secure because there are only a few,
> tightly controlled, gateways to the Internet.
>
> NSFnet was the publically funded arm developed to facilitate
> communication between universities and a few corporations.
> For the most part individuals that had access to the Internet
> were college upperclassmen, who had a real reason to have
> access. My first experience was in the mid-80's, when
> more lowerclassmen were being granted access. This
> brought about the proliferation of ftp sites with pictures
> of nekked women, and the threat from NSF to disconnect
> any site (they could do that, and make it stick) engaged
> in such a frivolous waste of bandwidth. There still wasn't
> a great need for security because the only people having
> access were college educated individuals without a great
> design to destroy. Hacking into remote computers was done
> for the challenge and to discover new stuff.
>
> Then AOL came along :) With the selling of backbone
> connections by AT&T and others, and the proliferation of
> internet connections that NSF didn't control, NSFnet was
> soon overwhelmed and absorbed by the Internet. We now
> have an anarchy of competing ISPs tied into the Internet,
> and low cost access available to any monkey with a keyboard.
> There is now a real need to protect the backbone against
> malicious hackers, but no real way to do it.
>
> > However, from my own personal experience, I have never
> > succeeded in creating a prototype of a system to show to
> > management that management didn't say "a few more tweaks
> > and we're done". Although prototypes, both Multics and
> > ARPAnet were rushed into production because no one wanted
> > to take the time to stop and do it over again, better the
> > second time.
> >
> > regards,
> > -doug quebbeman
> >
> >
>
Received on Sat Jun 10 2000 - 11:40:20 BST