| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 16 Feb 2006 02:55:17 +0000 From: Glynn Clements <glynn@...ements.plus.com> To: self-destruction@...best.com Cc: bugtraq@...urityfocus.com Subject: Re: Vulnerabilites in new laws on computer hacking self-destruction@...best.com wrote: > New generations of teenagers will be scared of doing online > exploration. I'm not talking about damaging other companies' computer > systems. I'm talking about accessing them illegally *without* > revealing private information to the public or harming any data that > has been accessed. Even if rootkits aren't actually installed and information isn't actually revealed, the victim cannot be sure of that. Once they discover that unauthorised access has occurred, they have to act accordingly (e.g. notify customers, issue new cards, re-install the system etc). Anyone who manages to obtain unauthorised access may have already done harm, regardless of what (if anything) they do with that access thereafter. Regarding new "hacking" laws, a more serious threat to overall security is the idea of criminalising the posession of "hacking tools", which will make even legitimate pen-testing difficult. It may not be possible to simply outsource pen-testing to a country where such tools are legal (e.g. due to laws restricting the transfer of sensitive data abroad). -- Glynn Clements <glynn@...ements.plus.com>
Powered by blists - more mailing lists