Date: Fri, 4 Apr 2014 19:18:23 +0000
From: "Brunner, Mark" <Mark.Brunner@...okfield.com>
To: "fulldisclosure@...lists.org" <fulldisclosure@...lists.org>
Subject: Re: [FD] Legality of Open Source Tools

Real people can die if you move the right electrons attached to say life support systems in buildings, water treatment plants, hydro electric dams, and power stations.  Real people will be affected if you manipulate electrons associated with banking, investing and finance.

Mark



Mark Brunner
Security Architect


Brookfield Corporate Operations
eArchitecture and Enterprise Information Security
1 Adelaide Street East, Suite 1400, Toronto, ON M5C 2V9
T 416.649.8206, F 416.649.8245
Mark.Brunner@...okfield.com



View important disclosures and information about our e-mail policies  http://www.brookfield.com/emaildisclaimer.

-----Original Message-----
From: Fulldisclosure [mailto:fulldisclosure-bounces@...lists.org] On Behalf Of Andres Riancho
Sent: Friday, April 04, 2014 2:57 PM
To: Not EcksKaySeeDee
Cc: fulldisclosure@...lists.org
Subject: Re: [FD] Legality of Open Source Tools

Software is SO different to a gun... you can't really compare them.
Real people will die in most cases when a gun is misused, only electrons are disturbed (in the great majority of cases) if you misuse a hacking tool.

On Fri, Apr 4, 2014 at 3:50 PM, Not EcksKaySeeDee <noteckskayseedee@...il.com> wrote:
> Re: Use of a disclaimer on these sort of tools (i.e., those that can
> harm and/or be used for good).
>
> Wonder if any gun dealer applied something similar in their shop, or
> for that matter, in a hardware store under the hammer section.
>
>
> On Fri, Apr 4, 2014 at 2:29 PM, Andres Riancho
> <andres.riancho@...il.com>
> wrote:
>>
>> Hi. As w3af's project leader I've not received any legal threats over
>> the seven years this project has been alive.
>>
>> Only a couple of months ago, and just to be sure, I added this
>> disclaimer which users need to accept to run the tool.
>>
>> DISCLAIMER = """Usage of w3af for sending any traffic to a target
>> without prior mutual consent is illegal. It is the end user's
>> responsibility to  obey all applicable local, state and federal laws.
>> Developers assume no liability  and are not responsible for any
>> misuse or damage caused by this program."""
>>
>> On Fri, Apr 4, 2014 at 7:58 AM, Bryan Bickford
>> <bryan@...wildhats.com>
>> wrote:
>> > Greetings
>> >
>> > I am a security researcher who is working on a project in my free
>> > time, without going into details - the project will end with a
>> > powerful tool being publicly released.
>> >
>> > Obviously most cyber security tools have the potential for abuse.
>> > What sort of legal hurdles (if any) do you need to overcome to
>> > protect yourself when releasing software along the lines of
>> > metasploit?
>> >
>> > _______________________________________________
>> > Sent through the Full Disclosure mailing list
>> > http://nmap.org/mailman/listinfo/fulldisclosure
>> > Web Archives & RSS: http://seclists.org/fulldisclosure/
>>
>>
>>
>> --
>> Andrés Riancho
>> Project Leader at w3af - http://w3af.org/ Web Application Attack and
>> Audit Framework
>> Twitter: @w3af
>> GPG: 0x93C344F3
>>
>> _______________________________________________
>> Sent through the Full Disclosure mailing list
>> http://nmap.org/mailman/listinfo/fulldisclosure
>> Web Archives & RSS: http://seclists.org/fulldisclosure/
>
>



--
Andrés Riancho
Project Leader at w3af - http://w3af.org/ Web Application Attack and Audit Framework
Twitter: @w3af
GPG: 0x93C344F3

_______________________________________________
Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists