Beefy Boxes and Bandwidth Generously Provided by pair Networks
Clear questions and runnable code
get the best and fastest answer
 
PerlMonks  

Re^3: Information sharing

by jZed (Prior)
on Jun 05, 2004 at 17:24 UTC ( #361639=note: print w/replies, xml ) Need Help??


in reply to Re^2: Information sharing
in thread Information sharing

Imagine if you were a hardware store employee, and someone in the store asked you what would be more useful to break a window, a brick or a sledge hammer -- you'd have no way to know why they wanted the information. You'd just answer them, and that would be the right thing to do -- unless they told you why they wanted it.
Nice analogy, but I don't think it fits the situation. A better one would be someone asking a pharmacist how to make poison. Perhaps the person asking is a researcher studying antidotes. If so, that person would already have some knowledge about poisons. In this case the person asking had little or no knowledge of the dangerous field he was asking about. Should knowledge about poisons be protected by the first amendment, sure. Should people with that knowledge share it when appropriate (assisted suicide?), that's an individual choice based on an individualistic definition of "appropriate". Should they share it with anyone who asks regardless of how much it looks like the person is intending to do harm to self or others with no indication there is a valid reason behind it? Nope.

Replies are listed 'Best First'.
Re^4: Information sharing
by chaoticset (Chaplain) on Jun 05, 2004 at 18:14 UTC
    Who says that person's going to use it? I've asked plenty of questions in the course of not killing people about things that could kill people. I'm a writer, and I need information about poisons occasionally. Further, that poison (assuming the person didn't ask "How do I make poison?") may have other properties. Asking about sodium doesn't mean you're going to kill someone with it, necessarily.

    Now, you can say that's the exception -- and it may be. Or you can say that "provisions would be made" in an information-restriction strategy to allow special cases like that to get through. Operating in reality, however, will tell you that Special Cases means you have to get a license. On the site, that would equate to being approved for security information by others. I think that's not the kind of thing we'd want.

    You can't gauge appropriate by the question. You can't gauge intent by the question either.

    Should they share it with anyone who asks regardless of how much it looks like the person is intending to do harm to self or others with no indication there is a valid reason behind it?
    Again, I did not say you should encourage destructive acts. I'm saying that if you do not know the intent, then it's your job to ask if you're going to be concerned about how it's used. Even if you ask, you may not find out. You only hope the other person will be honest.

    If freak had the presence of mind necessary to say that he was doing security testing, who would have questioned that? And who's to say that freak isn't just the first illegitimately intentioned person to screw up and be honest? Who's to say that there haven't been plenty of other, less active monks amongst us who might have been a little smarter and a little subtler?

    Who will continue to answer questions related to security issues when they will be held responsible -- even if it's only by their peers and no legal body -- for the questioner's intent? If fewer people answer, where will that knowledge go?



    -----------------------
    You are what you think.

      On the site, that would equate to being approved for security information by others. I think that's not the kind of thing we'd want.
      I agree.
      I'm saying that if you do not know the intent, then it's your job to ask if you're going to be concerned about how it's used.
      I agree.
      Who will continue to answer questions related to security issues when they will be held responsible -- even if it's only by their peers and no legal body -- for the questioner's intent? If fewer people answer, where will that knowledge go?
      Very good questions. I don't think we should feel responsible for knowing the asker's intent. I do think we should feel responsible for trying to find it out when it's in question and to use our best judgement in assessing what we learn. If perlmonks were the only or a major place people got knowledge on security I would be more inclined to support the "answer almost anyone almost any time" approach.
        If perlmonks were the only or a major place people got knowledge on security I would be more inclined to support the "answer almost anyone almost any time" approach.

        Could you expand on that please? I read it as "because there are other places you can ask, it's OK to set the bar higher here". I don't understand the reasoning behind that - there are other places you can ask "why doesn't my CGI work" too.

        Hugo

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://361639]
help
Chatterbox?
and all is quiet...

How do I use this? | Other CB clients
Other Users?
Others chilling in the Monastery: (3)
As of 2017-12-17 23:45 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    What programming language do you hate the most?




















    Results (466 votes). Check out past polls.

    Notices?