Re: Re: (OT) Pending Anti-Terrorism Legislation in the US could impact us all

THX for pointing these out ... for the nmap section, I did not mean to imply I perform such actions without the knowledge of the external entities. Yet my interpretation of the law makes no distinction between using such tools in a professional capacity versus in a terrorist capacity. But I'll re-read it when I get into work this morning EDT.

Who was that guy in Tulsa (?) who found a hole in someone's web server, nabbed some data to prove the problem, notified the site of their security issue, and was arrested? While I do not agree with the data theft or having performed such actions without the knowledge of the site itself, could one argue that finding open ports, software versions, etc. on a remote machine acquiring "data"? I'm no legal eagle, and I've asked my employer's legal department read the legislation and tell me how it may impact my day-to-day activities.

I guess my concern here is having to prove one adhered to the law. It seems easy under this section to have a "Salem Witch Hunt" kind of scenario, moving the burden of proof back to the defendent. And, only time will tell how policing agencies enforce it and how the judicial interprets it.

THX

YMMV
--
idnopheq
Apply yourself to new problems without preparation, develop confidence in your ability to to meet situations as they arrise.

~ Shunryu Suzuki

Comment on Re: Re: (OT) Pending Anti-Terrorism Legislation in the US could impact us all

Replies are listed 'Best First'.
Re: Re: Re: (OT) Pending Anti-Terrorism Legislation in the US could impact us all by Masem (Monsignor) on Oct 01, 2001 at 16:32 UTC
I believe you're thinking of Brian West vs a newspaper. Slashdot has a followup here and here. The end result was that while he did find a hole, he did a lot more than he claimed based on server and ISP logs than just confirm it; he grabbed info from their servers, modified several pages, etc. Most agree that when West told his story to various online outlets, he was trying to drum up sympathy akin to other cases (DeCSS, Adobe). However, it failed miserably once the details were released. What should be pointed out is that Section 1030 as pertaining to computer crime is still valid; if there are problems with using a tool like nmap on a system to begin with, then theorhetically, that's already illegal, but I've yet to hear anyone prosecuted for just doing an nmap or the like. It's just that the more 'cracker'-like crimes are going to get stiffer penalities, including up to the same terms as terrorists acts. ----------------------------------------------------- Dr. Michael K. Neylon - mneylon-pm@masemware.com \|\| "You've left the lens cap of your mind on again, Pinky" - The Brain It's not what you know, but knowing how to find it if you don't know that's important	[reply]

Replies are listed 'Best First'.

Re: Re: Re: (OT) Pending Anti-Terrorism Legislation in the US could impact us all
by Masem (Monsignor) on Oct 01, 2001 at 16:32 UTC

here

What should be pointed out is that Section 1030 as pertaining to computer crime is still valid; if there *are* problems with using a tool like nmap on a system to begin with, then theorhetically, that's already illegal, but I've yet to hear anyone prosecuted for just doing an nmap or the like. It's just that the more 'cracker'-like crimes are going to get stiffer penalities, including up to the same terms as terrorists acts.

-----------------------------------------------------
Dr. Michael K. Neylon - mneylon-pm@masemware.com || "You've left the lens cap of your mind on again, Pinky" - The Brain
It's not what you know, but knowing how to find it if you don't know that's important

[reply]