[LinuxUsers] Dan Tentler's script kiddie antics last night

Roger E. Rustad, Jr. roger.rustad at gmail.com
Sun Dec 28 17:50:24 UTC 2008 

Hey guys,

I would like to formally address the "man in the middle" script kiddie 
stuff that Dan Tentler was doing to the SoCal Linux group last night at 
the coffee shop.

Personally, I take issue with Dan...

(a) Not formally and publicly disclosing that he was using Backtrack to 
sniff other members' traffic.
(b) Not immediately getting rid of another member's gmail password once 
he handed out a fake certificate and sniffed it with Ethereal.
(c) Doing what he was doing secretly, rather than for the edification of 
the group
(d) Changing the of an otherwise friendly meeting.

I consider Dan's actions last night tantamount to pick pocketing fellow 
members when we're having a discussion that's not about pick pocketing.

I also would argue that if we, as a group, are going to be cool with 
other members (or, in this case, a friend of a member) secretly doing 
this kind of thing to each other, then we have an obligation to inform 
newbies in our group who do not know any better, particularly 
unsuspecting friends, girlfriends, coworkers, or kids who sometimes 
accompany us.

Our meetings are not mini Defcons or 2600 meetups, and it's not 
reasonable for new people to come and expect this type of sophomoric 
crap to take place. When one goes to Defcon, one can reasonably expect 
to get messed with. It is the nature of the conference, and much of what 
is done is often made public for everyone's edification (e.g. Wall of 
Shame).

I like to think of SoCal Linux as a group of open source advocates who 
work at places like Apple, Google, Microsoft, ESRI, etc. Kiddie 
scripting is not, in my opinion, the tone of our group, and if we are 
going to be cool with someone doing this sort of thing, then we should 
should ask the person in question to formally disclose what s/he is 
doing beforehand or perhaps make a public presentation about it, not do 
it on the side secretly.

I would be curious to know what other people in the group think about 
this. (Dan Tentler is cc'd on this, as well)

Rog

More information about the LinuxUsers mailing list