+comunity+ AUP - Acceptable/Apropriate Use Policy Vorschlag

[Reinhard Braun]

At 15:59 12.03.03 +0100, you wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1

wollte nur an ein projekt von knowbotic research vom april letzten jahres 
erinnern;
PUBLIC DOMAIN SCANNER
http://channels.mur.at/muratnews/1020777183/index_html
hat eine grosse diskussion ausgeloest;
portscanning kann also auch ein thema "kuenstlerischer" projekte sein;
und auch dort geht es dann darum, dass es nicht im vorfeld abgesprochen ist ...

ich haeng mal einen ausschnitt der debatte hier auch einfach an,
ist nicht sdo lang ...

lg-rein

Date: Thu, 9 May 2002 11:50:59 -0400
From: "knowbotic.research" <krcf at khm.de>
To: nettime-l at bbs.thing.net
Subject: <nettime> Re: PUBLIC DOMAIN SCANNER [x2]
Sender: nettime-l-request at bbs.thing.net
Precedence: bulk
Reply-To: "knowbotic.research" <krcf at khm.de>
Status:


digested at nettime

    Re: [rohrpost]  PUBLIC DOMAIN 
SCANNER
      "knowbotic.research" 
<krcf at khm.de>

    Re: <nettime> PUBLIC DOMAIN 
SCANNER
      "knowbotic.research" 
<krcf at khm.de>



------------------------------

Date: Wed, 08 May 2002 10:48:42 +0200
From: "knowbotic.research" <krcf at khm.de>
Subject: Re: [rohrpost]  PUBLIC DOMAIN SCANNER


 >
 >unitedwehack.ath.cx
 >
 >All 1549 scanned ports on  (209.73.19.97) are: UNfiltered


May 5 21:00:34 on open scanner:

May 5 21:00:23 snd sshd[16010]: fatal: Read from socket failed: Connection
reset by peer

netname: CABLECOM-MAIN-NET descr: Cablecom GmbH descr: Zuerich
May 5 21:00:34 snd sshd[16032]: Failed password for illegal user su from
217.162.194.136 port 1116

May 5 21:00:39 snd sshd[16032]: fatal: Read from socket failed: Connection
reset by peer
May 6 06:14:11 snd sshd[31593]: Did not receive identification string from
211.124.245.7


Hutchison Telecommunications (Hong Kong) Limited
May 7 12:18:46 snd sshd[14426]: Did not receive identification string from
210.0.210.16


[Network Name] CWO-NET g. [Organization] City Wave Osaka Inc.
May 7 19:03:56 snd sshd[28072]: Did not receive identification string from
211.124.245.7

Freie Universitaet Berlin
May 7 19:26:24 snd sshd[31515]: Bad protocol version identification 'QUIT'
from 160.45.155.53
May 7 19:27:27 snd sshd[31728]: Did not receive identification string from
160.45.155.53

netname: DOM-NET descr: digital online media Gmbh descr: Bismarckstr. 60
descr: D-50672 Koeln
May 7 21:07:02 snd sshd[11961]: Bad protocol version identification '^D'
from 194.77.86.7




------------------------------

Date: Wed, 08 May 2002 17:27:40 +0200
From: "knowbotic.research" <krcf at khm.de>
Subject: Re: <nettime> PUBLIC DOMAIN SCANNER


  >I've never received an email that has caused me quite so much concern,
  >indeed, terror.

Yes, you are potentially right. Each network actor who does not follow the
legal guidelines of the political logic of security immediately becomes a
focus of concern.
If we published the precise vulnerabilities of the public domain in the
networks, the 18 U.S.C. 1030 Fraud and Related Activity in Connection with
Computers would make us hackers=terrorists.
(see http://www.usdoj.gov/criminal/cybercrime/1030_new.html
and the new Amendments
http://unitedwehack.ath.cx/infoPatriotAct.htm)

In relation to our project PUBLIC DOMAIN SCANNER, minds of
concern::breaking news
this means concretely:
A) if we used in this Public Domain Scanner the full range of a Security
Scanner, i.e. enact also intrusive scans,
B) and/or we published the adresses of the scanned servers and their
vulnerabilities
we would turn immediately illegal.
Thats the dilemma: security becomes the leading principle of today's
politics; if you dare to go in this political mousetrap (public domain is
the zone of instability and contestation, and has nothing to do with the
concept of security=regulating disorder by means of appeasement) and
discuss, crisscoss, enact publicly/in networks the concept of security, the
law forces you immediately to obscure the topic.
We had hoped to raise these issues unobscured in an Art museum, but since
Art Instutions are unwilling to enter this zone, even or maybe especially
not in an 'Art Hacking' show, due to the ubiquitous paranoia and threat of
getting sued, - the museum and the curators made it very clear to us that
we as artists are 100% alone and private in any legal dispute -, we decided
by ourselves to hide parts of the information on the scanner.
  >, but more importantly, <intently>who</intently> is behind it?
The artist group Knowbotic Research, based on vulnerable site
194.95.163.253, part of a current show in NY New Museum called
OPEN_SOURCE_ART_HACK. (netartcommons.walkerart.org)

Lachlan,
have a look at Critical Art Ensembles Book4: Digital Resistance: (chapter:
2 The Mythology of Terrorism on the Net
http://www.critical-art.net)
and i hope you will find out who uses tactics of near random paranoia,
panic and (virtual) violence in order to define critical people als
terrorists. The sovereign imposes an immanent threat on network actors of
making them terrorists, or even become himself the cracker (see German
interior minister Schily's state actions of cracking websites).
We think the only way of escaping this spectacle of paranoia in networks
demands new tactics and agencies inside the domain of the public. Such new
ways of public acting cannot fall into the trap of the worn dichotomy of
private and public but rather open new possibilities of public agency for
domains of the commons which include tactics which were seen as
inappropriate for the contextualization of the public domain in the
modernist sense. Instead of referring only to the concepts of transparency,
visibility and manifestation, we suggest to upgrade the public agencies
with non-representational activities like encrypting, rendering invisible,
disinforming, hiding, fleeting, tunnelling, disturbing, spoofing, and other
camouflage tactics.

knowbotics/christian



>hi august!
>
>On Mar 12, 2003 august said:
> > unter 8.12 Portscanning,  wuerde ich vorschlage wegzustreiken oder unter
> > malicious software zu geben.
> >
> > portscanning ist ein bischen wie atmen koennen online.
> >
> > waere meine meinung nach besser vage zu halten, oder mehr genau zu
> > definieren als bosartige absicht (malicious software).
>
>IMHO ist portscanning eine boese absicht und daher extra aufgefuehrt. ich
>sehe das so:
>
>entweder ein host betreibt services, die oeffentlich erreichbar sind. dann
>brauch ich nicht zu scannen. wenn services nur bestimmten userinnen zur
>verfuegung stehen (z.b. datenbanken via tcp socket) dann hat das meistens
>seinen guten grund. der scan nach einem derartigen port kann IMHO nur
>bedeuten dass jemand boese absichten hat (also suche nach bekannten
>exploits, der moeglichkeit, traffic zu sniffen etc).
>
>eine andere moeglichkeit ist es, ganze netze nach ports zu durchsuchen.
>dann findet mensch alle rechner, auf denen 'zufaellig' irgendwelche ports
>offen sind (meistens M$ netbios ueber TCP so nebenbei).
>
>da ich aber weiss, dass ich in punkto networking leicht zu paranoia neige
>und wir natuerlich niemandem das atmen verbieten moechte, bin ich an
>widerspruechlichen argumenten aeusserst interessiert.
>
>soweit mal danke fuer die rasche rueckmeldung.
>gruss
>- --
>j.h.
>jogi hofmueller <jogi at mur.at>
>         GPG-public-key: http://mur.at/~jogi/text/public.key.txt
>         or
>         wwwkeys.at.pgp.net[:11371]
>         GPG-key-ID: B972CEC1
>         Key fingerprint: 2CD5 4786 AA9E F315 6430  868F 00FA E375 B972 CEC1
>-----BEGIN PGP SIGNATURE-----
>Version: GnuPG v1.0.6 (GNU/Linux)
>Comment: Made with pgp4pine 1.75-6
>
>iD8DBQE+b0tzAPrjdblyzsERAic8AJ47oHghWMJWEheagbIELopm2PgWBgCgn2Bp
>Z0Hg7IXVlyjugh4DJRUReow=
>=LcEz
>-----END PGP SIGNATURE-----
>
>
>_______________________________________________
>comunity mailing list
>comunity at mur.at
>http://mur.at/mailman/listinfo/comunity