lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
From: b.griffin at cqu.edu.au (Brad Griffin)
Subject: Cisco's stolen code

 I'm curious as to why you are subscribed to Full-disclosure when you
are obviously a lawyer Alan...


> 
> Copyright means the right to publish a work in its entirety.  
> As long as
> they aren't republishing the whole code when they find a 
> vulnerability,
> it's protected under fair use.  What is illegal to republish isn't
> illegal to acquire.  If one acquires the Cisco code outside of a
> licensing arrangement, they surely didn't agree to their additional
> restrictions preventing audit or duplication.

Let's forget the copyright argument for a second here. Cisco's text of
their code is their property. It was stored in a (up until now) secure
location and was only available to Cisco employees and those that Cisco
allowed to have access. The code has been stolen in some manner. Now
that this code is stolen, anyone who has a copy of that code is a
suspected thief until such time as they show that they did not steal it,
or that they are not an accomplice or have not received stolen property.
Holders of the code must (if necessary) show that they are holding the
code legitimately.

Copyright has three parts of stuff all to do with stealing property and
does *not* apply here (not where I come from at least). 


> 
> Yes, the DMCA changes things slightly, but it doesn't change 
> it in this
> regard.  No 'protections' were circumvented if they merely got it from
> somebody else.  Cisco will have to go after the original culprit.

That's called Receiving Stolen Property.



> 
> I for one will not allow right-wing bigots to redefine 
> copyright to mean
> something it never intended.  The law is not broken in this case, even
> though you think it is morally wrong.  Get over it.

Ooooh, a flame. You shouldn't try to redefine where copyright applies
either Alan. BTW, that soapbox is mighty high. Be careful you don't fall
after making personal attacks like that.

Brad

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ