[147264] in North American Network Operators' Group
Re: [fyodor@insecure.org: C|Net Download.Com is now bundling Nmap
daemon@ATHENA.MIT.EDU (Owen DeLong)
Tue Dec 6 13:56:06 2011
From: Owen DeLong <owen@delong.com>
In-Reply-To: <1323196220.28950.YahooMailNeo@web162102.mail.bf1.yahoo.com>
Date: Tue, 6 Dec 2011 10:50:40 -0800
To: "andrew.wallace" <andrew.wallace@rocketmail.com>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Dec 6, 2011, at 10:30 AM, andrew.wallace wrote:
> On Tue, Dec 6, 2011 at 4:48 PM, <Valdis.Kletnieks@vt.edu> wrote:
>> On the other hand, just being Fyodor is sufficient to get him taken =
seriously.
>=20
> It could be argued that Nmap is malware, and such software has already =
been called to be made illegal.
>=20
> If I was Cnet, I would stop distributing his software altogether.
>=20
> Link: http://nmap.org/book/legal-issues.html
>=20
> Andrew
>=20
That's a stretch. Malware generally, IMHO, means software which does =
something other than what it claims to do.
I don't believe that nmap does anything other than what it claims. I =
understand you may not like the idea of having such a tool available to =
users of your network. Personally, I'd rather that the users had access =
to such a tool than live without it myself. Kind of a double-edged =
sword, I know, but, nmap is a tool. In and of itself, neither bad nor =
good. Malice is in the intent of the user.
This distinguishes it from malware in that with malware, malice is in =
the intent of the author and not the user. Malware, once installed, does =
what its author wants it to do regardless of the intent of the user.
Sure, you can do things with nmap that are at best antisocial and at =
worst potentially illegal.
I can do things with a Bowie Knife that are as well.
However, used properly in the right context, both can be very useful =
tools.
I don't think we should outlaw either one. Then again, I'm rather =
liberal in that regard. I believe that we should not ban something if it =
has both legitimate and nefarious uses, but, rather, should only ban =
those things which pose a public hazard and have no legitimate use.
I suspect that he would rather Cnet stop distributing his software =
altogether than do what they are doing.
I appreciate the warning and have stopped using CNET as a result.
Owen
