lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
From: dcopley at eeye.com (Drew Copley)
Subject: Clarification of My Post RE: Bugfinder Being Indicted As Criminal in France

The below email was misunderstood by some and I wish to make an explanation and some clarifications.

My only point of bringing this up was that I did not want to see the whole country of France being improperly accused, as we have not seen all details of the case yet.

This is an extremely hurtful case and some have felt that I should not have noted I heard "some" evidence that he may have been a virus writer from old. 

I did note, however, that:
  a. "I wouldn't convict him yet, either."
  b. "I saw some evidence", as opposed to "I saw evidence", or "I saw conclusive evidence" [in context, it should be further noted that I did not claim to have heard evidence directly pertaining to the case but to previous misdeeds -- which very well may be entirelly irrelevant to the case]
  c.  "What is productive is to remember -- we don't know the full facts of the case. Very often we become convinced a suspect is guilty or innocent... but then we discover we did not see all of the facts."
  d. "I have seen a friend [thierry of tlsecurity] in France be prosecuted unfairly before for computer crimes - he was innocent and let go - but went through some bad times just for the questioning. But, the same thing could happen anywhere."

I am extremely careful about what I say in these situations.

However, it is a very hurtful situation as the company has reportedly made some atrocious claims about the individual such as "he is a terrorist". That kind of statement is extremely uncalled for and is entirely despicable. A "terrorist", by my book, is a murderer. Someone falsely accusing someone else of "terrorism", therefore, is essentially falsely accusing them of murder. And, by my book, that is as bad as murder.

In no way do I approve of such a despicable act.


> -----Original Message-----
> From: Drew Copley 
> Sent: Thursday, April 01, 2004 11:07 AM
> To: full-disclosure@...ts.netsys.com {unsecure}
> Subject: RE: [Full-Disclosure] Bugfinder Being Indicted As 
> Criminal in France
> 
>  
> 
> > -----Original Message-----
> > From: Paul Schmehl [mailto:pauls@...allas.edu] 
> > Sent: Wednesday, March 31, 2004 7:24 PM
> > To: Drew Copley; full-disclosure@...ts.netsys.com
> > Subject: Re: [Full-Disclosure] Bugfinder Being Indicted As 
> > Criminal ("Counterfeiter") in France
> > 
> > --On Wednesday, March 31, 2004 12:20 PM -0800 Drew Copley 
> > <dcopley@...e.com> wrote:
> > 
> > > http://www.guillermito2.net/archives/2004_03_25e.html
> > >
> > Just one more reason not to travel to France.....
> > 
> > I'm becoming convinced that the EU bureaucrats are determined 
> > to stiffle 
> > the world to death.
> 
> Are you trying to charm your EU counterparts?
> 
> There is much positive and negative to say about each side of 
> the pond, but that wouldn't be very productive on a computer 
> security mailing list.
> 
> What is productive is to remember -- we don't know the full 
> facts of the case. Very often we become convinced a suspect 
> is guilty or innocent... but then we discover we did not see 
> all of the facts.
> 
> I have seen a friend [thierry of tlsecurity] in France be 
> prosecuted unfairly before for computer crimes - he was 
> innocent and let go - but went through some bad times just 
> for the questioning. But, the same thing could happen anywhere. 
> 
> Let's fight it wherever it happens. We may all have great 
> national sentiments - I definitely do - but ultimately this 
> is a global economy and a global society.
> 
> ...
> 
> I have seen some evidence that this individual is a virus 
> releaser since writing this. Off list. Virus writers - full 
> disclosure - virus releasers... 
> 
> the difference between someone making a gun and using a gun 
> to kill someone with.
> 
> ...
> 
> But, I wouldn't convict him yet, either.
> 
> Wait until the court case goes through... though, it would be 
> nice if our French readers could pick up some more 
> information on this company.
> 
> 
> > 
> > Paul Schmehl (pauls@...allas.edu)
> > Adjunct Information Security Officer
> > The University of Texas at Dallas
> > AVIEN Founding Member
> > http://www.utdallas.edu
> > 
> >

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ