lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <401FC8B0.5070205@tco.net.br>
Date: Tue, 03 Feb 2004 14:13:36 -0200
From: Daniel.Capo@....net.br
To: chris@...lix.hedonism.cx
Cc: emsi@...rtners.pl, computerguy@....rr.com,
	BUGTRAQ@...urityfocus.com
Subject: Re: Major hack attack on the U.S. Senate


Christian Vogel wrote:

> 
> i think "technical" people often think of the law-system as something
> as C-code, as it's written there is only one way for a standard
> compliant compiler to interpret it. I think the judges are more flexible
> than gcc in this regard, they can also assume that one perfectly knows
> that one is supposed to read http://www.cnn.com but not to read
> http://qz25srv.competitor.com/internal/memos/strategy.doc (made up
> example) even if -- from a technical standpoint -- there is no
> difference.

What concerns me most is that not one objection I received addressed the 
point I made. I spoke of the _legal_ definition of "hacking", and all 
people came up with was disagreement based on their own personal 
feelings on the matter.

Excuse me, but personal feelings in this matter is irrelevant. People 
objected to the press applying the term "hacking" to what happened, and 
I pointed out that their usage was correct according to the law, 
assuming their portrayal of the events was accurate.

And every single person who objected did so on the grounds that they 
don't like this definition. Sheesh. Who cares? This is bugtraq, not 
slashdot. Prove me wrong by quoting legislation, point out that the 
facts of the case do not lead to this conclusion, but, please, more 
signal, less noise.

On a side not, I'm a technical person myself, and I much dislike this 
fuzzyness in the law. This case seems pretty clear, but I can conjure up 
dozens of real life scenarios where it's ambiguous or the actual ruling 
would be "just wrong", IMHO. And that's all that this is: mho.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ