Self-defense isn't about recovering lost property, or preventy further loss. There are civil remedies for that kind of tort. Those who simply don't want to bother presenting their case before a trier of fact, who would instead rather just take matters into their own hands are vigilantes,

Your ambiguous use of the term "self-defense" amounts to a false analogy for a couple of reasons:

1) There's a difference between defending against personal, physical harm and keeping malicious traffic from reaching your network. (I shouldn't have to explain what that difference is.) Consequently,

2) There is no exigent circumstance. We are allowed to use force to stop an attack only when we believe life or bodily injury to ourself or to another is imminent.

3) Even when there has been bodily harm, the use of reasonable force is still limited to that required to stop the immediate attack, against a specific victim. What you propose would neutralize a machine indefinitely, and would not be limited to stopping the attack on YOUR system.

Imagine you were riding down the street on your bike and someone throws a rock at you. Maybe it even hits you and injurs you. You can go to his/her house and complain. But you can't go in and beat the crap out of them. Our system of jurisprudence guarantees us due process of law and the only exception to this is when life or limb are in imminent danger.

You might argue that some systems are indeed responsible for ensuring personal safety -- traffic lights or even ICU monitoring. I would hope that such machines are properly secured against any form of attack. It would be truly negligent to leave them exposed to attack via the Internet.

Your solution engenders greater problems -- legal, moral, and fiscal -- than the the one it purports to solve. Hardening systems against attack may not be a very good solution, but it's the best we can have at this point.

Nick

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/203/24166#24166