lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
From: ggilliss at netpublishing.com (Gregory A. Gilliss)
Subject: Re: Forgive Me My Trespasses (and take it off-list otherwise)

First things first - I am *not* an attorney (although I am taking the
Law School Admissions Test next month - pointers off-list pls).

The argument about the security of information that ISPs have access to 
is already a done deal. If attorneys or <shudder> the government want to
get their filthy little hands on your emails, they are going to get them.
Same goes for your naughty Web surfing habits and anything else computer
related. Why? Because ninety-plus percent of them elected officials in
America (and I would like very much to hear from subscribers in other
countries about the composition of your respective representative bodies -
off-list pls) are attorneys, and they know how to use the law (and they
use it - way too often IMHBAO) to get what they want.  Remember the phrase
"legal ethics" is an oxymoron <G>

In the eyes of the law (a catch phrase that roughly translates to "the
rules of the game whether you like them or not"), ANYTHING can be had. 

ISPs (and I've worked for some and am currently running one) are ignorant
of legal issues (I've sat and watched flagrant E.O.E. violations in a
crowded office, fortunately not mine).  Old school people know - don't
write anything in an email tha you wouldn't want plastered on the front
page of your local news rag (extend that to Web surfing as well). Right
now this post is going to be stored on the hard disk somewhere in
Fairlawn, New Jersey (anyone bother to run whois netsys.com). That means
if Mister Leonard Rose of Fairlawn, New Jersey is in any way entangled in 
legal proceedings, what I am typing could very well become part of a
court case ANYWHERE (depending upon jurisdiction which I am *not*
going to get into in this post).

The salient point that Mark Rasch makes is that the legal reasoning in
this case was lousy. But it's the 9th Circus Court - you expect them to
go off the deep end. The subpoena (Latin - compels testimony, and yes,
they are negotiated routinely) was bad and should have been thrown out. 
Period. The rest, about "there must have been a break-in or trespass" 
is contemptible legal reasoning, as the author points out.

BTW, the 9th Circuit Court is routinely referred to in California as
the 9th Circus Court. These are the people who brought you the ruling
that the phrase "under God" doesn't belong in the Constitution. If 
anyone wants to go into this point more, take it off-list, since it
doesn't belong here, but I'm always up for a good legal argument :-)

There is no guarantee of privacy for citizens in America (at least),
and your information (including this post and all previous and subsequent
posts) can and may end up in a courtroom.  So watch your fingers while
you type because you might regret what you say when the lawyers swoop down
and take it. In this case they abused their subpoena power (routine), took
advantage of the ignorance of the ISP (also routine), and then (and this
is gonna get the list admin on my case for sure) took advantage of your
(yes, you reading this, human) busy life to render yet another stroke
against freedom and liberty and consent. And if you live in America,
shame on you for letting this happen because we still can own guns and
vote the bums out of office.

Bottom line, people, is that there *is* no security for your information
when it comes to the law. So watch your back!

G

Postscript:

I am going to have to change my userid to instigator after this one :-)

On or about 2003.09.09 01:05:50 +0000, morning_wood (se_cur_ity@...mail.com) said:

> re - Forgive Me My Trespasses
>  http://www.securityfocus.com/cgi-bin/sfonline/columnists-item.pl?id=183
> 
> resp:
> i would have to agree that the request is "social engineering".
> the case should be treated as such as if the requesting subpoena was for "files"
> of memos ( and messages ) contained in a file cabinet of all traffic from all
> customers. Much like the Western Union of the early west. this case has nothing
> to do with computers and any precedents that stem from this case should be
> struck and nulled from the books.

-- 
Gregory A. Gilliss                                    Telephone: 1 650 872 2420
Computer Engineering                                   E-mail: greg@...liss.com
Computer Security                                                ICQ: 123710561
Software Development                          WWW: http://www.gilliss.com/greg/
PGP Key fingerprint 2F 0B 70 AE 5F 8E 71 7A 2D 86 52 BA B7 83 D9 B4 14 0E 8C A3

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ