lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20040402143855.27920.qmail@www.securityfocus.com>
Date: 2 Apr 2004 14:38:55 -0000
From: K-OTiK Security <Special-Alerts@...tik.com>
To: bugtraq@...urityfocus.com
Subject: Re: Bugfinder Being Indicted As Criminal ("Counterfeiter") in France


In-Reply-To: <81637804AB36A644BBDE3ED9DD4E73FDC94B22@...mes.eCompany.gov>

well ! this story is just a beta version of the new french liberticide law wich will come into effect very soon (next week).

France became a pseudo-monarchical-democracy, where the laws are made without requiring the opinion of the concerned people.

The article 323-3-1 of this "Law" will prohibit publication of any vuln. technical details, any proof of concept and any exploit. 

We can see that "searching & finding vulnerabilties" is/and will be a crime !

The legislators forgot that finding vulnerabilties and publishing exploits is not the cause of the problem, it's just a consequence of the insecurity.

They want to show reality as they wish it, and not as it exists ...

God bless (in)security and god bless (in)liberty !

Bekrar Chaouki - Security Consultant
http://www.k-otik.com


>Received: (qmail 11436 invoked from network); 31 Mar 2004 22:12:32 -0000
>Received: from outgoing3.securityfocus.com (205.206.231.27)
>  by mail.securityfocus.com with SMTP; 31 Mar 2004 22:12:32 -0000
>Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20])
>	by outgoing3.securityfocus.com (Postfix) with QMQP
>	id 69B15A3C45; Wed, 31 Mar 2004 15:03:09 -0700 (MST)
>Mailing-List: contact bugtraq-help@...urityfocus.com; run by ezmlm
>Precedence: bulk
>List-Id: <bugtraq.list-id.securityfocus.com>
>List-Post: <mailto:bugtraq@...urityfocus.com>
>List-Help: <mailto:bugtraq-help@...urityfocus.com>
>List-Unsubscribe: <mailto:bugtraq-unsubscribe@...urityfocus.com>
>List-Subscribe: <mailto:bugtraq-subscribe@...urityfocus.com>
>Delivered-To: mailing list bugtraq@...urityfocus.com
>Delivered-To: moderator for bugtraq@...urityfocus.com
>Received: (qmail 28325 invoked from network); 31 Mar 2004 14:06:37 -0000
>X-MimeOLE: Produced By Microsoft Exchange V6.5.6944.0
>Content-class: urn:content-classes:message
>MIME-Version: 1.0
>Content-Type: text/plain;
>	charset="us-ascii"
>Content-Transfer-Encoding: quoted-printable
>Subject: Bugfinder Being Indicted As Criminal ("Counterfeiter") in France
>Date: Wed, 31 Mar 2004 12:20:39 -0800
>Message-ID: <81637804AB36A644BBDE3ED9DD4E73FDC94B22@...mes.eCompany.gov>
>X-MS-Has-Attach: 
>X-MS-TNEF-Correlator: 
>Thread-Topic: Bugfinder Being Indicted As Criminal ("Counterfeiter") in France
>Thread-Index: AcQXXaIuxPoBesWyT3SJ6PLz7USnzQ==
>From: "Drew Copley" <dcopley@...e.com>
>To: <bugtraq@...urityfocus.com>, <full-disclosure@...ts.netsys.com>
>
>http://www.guillermito2.net/archives/2004_03_25e.html
>
>[thanks to AJ 'Effin' Reznor]
>
>[Disclaimer: I don't know who has seen this already, and I do not
>pretend to know the full facts of the case. -- Drew ]
>
>Excerpt:
>
>It's quite interesting to discover, from the inside, how the french
>justice system works. I'm back from Paris. I've just been indicted and
>charged of distributing programs that violated Intellectual Property
>rights (literally translated, it's "counterfeiting and concealment of
>counterfeiting"). Maximum punishment for these charges are two years in
>jail and a fine of 150.000 euros. I'm not yet judged guilty or innocent,
>but I already had to pay around two or three thousands dollars for two
>trips to Paris (I live in Boston, MA, USA), plane tickets, and lawyer
>fees. I already talked about my story here (in french).
>
>...
>
> In march 2002, I published on my website a long analysis about this
>software. This webpage showed how the program worked, demonstrated a few
>security flaws, and some tests with real viruses. I showed that, unlike
>the advertizing claimed, this software didn't detect and stopped "100%
>of viruses". So, nothing really extraordinary. The company first reacted
>in a weird way: they denounced me publicly as a "terrorist", probably a
>nice attempt to make me change my mind. Later on, they filed a formal
>complaint against me in a Paris tribunal.=20
>
>...
>
>
>


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ