lists.openwall.net   lists  /  announce  john-users  owl-users  popa3d-users  /  xvendor  oss-security  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4 
Open Source and information security mailing list archives
 
This website is powered by Openwall GNU/*/Linux security-enhanced OS
[<prev] [next>] [<thread-prev] [thread-next>] [month] [year] [list] 
Date: Tue Aug  2 15:44:44 2005
From: bkfsec at sdf.lonestar.org (bkfsec)
Subject: Cisco IOS Shellcode Presentation

Michael Holstein wrote:

>  
> You bet! .. as it pertains to anything past their demarc at their 
> properties, they're entirely free to log and review every packet that 
> comes/goes.
>
> That means they can legally review your IM chats, go back and read 
> your email from a month ago, whatever ...
>
> The legal precedent for this is essentially "He who onws the network, 
> owns the data" (with respect to an employee/employeer relationship). 
> It's a bit different for commercial ISPs.
>

(Disclaimer: I'm not a lawyer....)

Actually, it's even a bit more complicated than that.  Technically, you 
could copyright every e-mail sent to this list.  As long as you state 
that it is copyright to your legal name, it is, in fact, copyrighted.  
Of course, in the case that you send that e-mail to a public mailing 
list that you know is archived, it can clearly be argued that your work 
was intended to be distributed with license implied for all.  However, 
that doesn't remove ownership and limited monopoly.

It's not just that they're commercial ISPs versus private networks... 
what also matters is who's writing the material and what function 
they're serving when they write that material.  If you're working at XYZ 
Corp and you send out an e-mail, depending on your business arangement 
that e-mail is probably copyrighted to XYZ Corp by default since you're 
acting as an agent of XYZ Corp. 

What makes it possible for us to examine any data which comes in contact 
with our networks is, essentially, fair use.  If someone transmits a 
copy of MS Windows XP across my network, do I own the packets that make 
it up?  Of course not... if that were true it would be possible to 
circumvent every copyright out there.  However, since that data was 
transmitted across my network, it's fair use for me to analyze it as it 
resides on my property.  This is particularly true if transmission was 
not instigated by the one doing the monitoring.

Sure, the company may own the databases that any packet captures may be 
on... but the content in those packet captures may still carry copyright 
requirements with it, depending on what it is and how constructable the 
data is.  Non-solicited transfer may be considered providing a limited 
license...

What happens in the event that mass numbers of copyrighted data 
including packets get misrouted?  I have no idea. :)

In either case, boiler plate restriction statements on e-mail sent to 
mailing lists is silly because it is almost definately unenforcable.

                -Barry

Hosted by DataForce ISP - Powered by Openwall GNU/*/Linux