| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 13 Mar 2009 16:53:02 -0400 From: "Elazar Broad" <elazar@...hmail.com> To: acastigliola@...m.com, tbiehn@...il.com Cc: full-disclosure@...ts.grok.org.uk Subject: Re: BBC cybercrime probe backfires -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I am inclined to agree, except that you still have issues with the electronic equivalent of breaking and entering. Case in point, there is a good chance you would be arrested and prosecuted if you opened the door to another persons dwelling which did not have a lock installed, and installed a lock and left him/her the key, simply because you entered their property without permission. From a ethics perspective, most people would judge you a good Samaritan, you helped someone else protect their property, however the law doesn't see it that way, primarily because of the fact that, if you don't have permission to be there, chances are you are not wanted there, no matter what your intentions may be. As far as hijacking bot nets, one who steals from a thief may be a thief, but one who stops one in the act is a hero. Bot nets are always "in the act"... On Fri, 13 Mar 2009 14:00:47 -0400 T Biehn <tbiehn@...il.com> wrote: >More people should hijack machines and push updates to them if >their >users are unable or unwilling. > >First an Analogy: >If someone's letting money launders use their bank account to >launder >money out of INACTION that's still illegal, the same SHOULD be >true of >people who leave their systems unpatched. > >These machines are negligently left open to be used in 'nefarious >criminal activity.' > >Plan of Action: >It's your civic duty to write worms, hijack botnets and patch >machines >with or without user consent. >This is absolutely moral holding to the various tests (is it self >defeating if -everyone- does it etc etc) >Just don't get caught doing it. > >I'm disgusted by the imposition that you'd decry their actions for >being illegal when they were clearly moral and represent a net >benefit >for society. Haven't you heard of this guy called Gandhi who >didn't >subscribe to the arbitrary superficial morality provided by the >word >of the law and only acted on what he knew to be moral? > >It's time to elevate yourself out of your own mind-slime and into >2009. >We all still have a long way to go. > >-Travis > >On Fri, Mar 13, 2009 at 9:00 AM, Castigliola, Angelo ><ACastigliola@...m.com> wrote: >> Very unorthodox and unethical. >> >> >> >> Angelo Castigliola III >> EISRM - Application Security Architecture >> >> Unum >> >> acastigliola@...m.com >> >> >> >> Disclaimer: The opinions expressed are my own personal opinions >and do not >> represent my employer's view in any way. >> >> ________________________________ >> >> From: full-disclosure-bounces@...ts.grok.org.uk >> [mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of >James >> Matthews >> Sent: Friday, March 13, 2009 8:10 AM >> To: Ivan . >> Cc: full-disclosure >> Subject: Re: [Full-disclosure] BBC cybercrime probe backfires >> >> >> >> I agree! Why can't another people hack into computers to >show.... This is >> such BS and the BBC should be hit hard by what they did. >> >> On Fri, Mar 13, 2009 at 7:18 AM, Ivan . <ivanhec@...il.com> >wrote: >>> The BBC hacked into 22,000 computers as part of an >investigation into >>> cybercrime but the move quickly backfired, with legal experts >claiming >>> the broadcaster broke the law and security gurus saying the >experiment >>> went too far. >>> >>> >>> http://www.smh.com.au/news/technology/security/bbc-cybercrime- >probe-backfires/2009/03/13/1236447465056.html >>> >>> _______________________________________________ >>> Full-Disclosure - We believe in it. >>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >>> Hosted and sponsored by Secunia - http://secunia.com/ >>> >> >> >> >> -- >> http://www.astorandblack.com/ >> >> _______________________________________________ >> Full-Disclosure - We believe in it. >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> Hosted and sponsored by Secunia - http://secunia.com/ >> > >_______________________________________________ >Full-Disclosure - We believe in it. >Charter: http://lists.grok.org.uk/full-disclosure-charter.html >Hosted and sponsored by Secunia - http://secunia.com/ -----BEGIN PGP SIGNATURE----- Charset: UTF8 Version: Hush 3.0 Note: This signature can be verified at https://www.hushtools.com/verify wpwEAQECAAYFAkm6x64ACgkQi04xwClgpZhBnQP9Gyf79ajWHLQWT/qwpcTlXRRo2Aev RPy7fqKDezxbdW6Wj4+NF01jJKnN1hxvzO6y7UJu8nZb/8MjFjQpptX8cDEOXkSS/eL2 6BQk6awvUVE3bDaGnSGtKxzRoB/9QacSWIY2aesUei3SO+nLvDY6yDSTgluY297qecO2 5IDsLvU= =uFrf -----END PGP SIGNATURE----- -- Easy-to-use, advanced features, flexible phone systems. Click here for more info. http://tagline.hushmail.com/fc/BLSrjkqmC5s2cecqKfSSclHfpTNNeiKm5PudF1bmQuvHeBlZWDiL7es1xba/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists