| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20041007195333.GB61821@netpublishing.com> From: ggilliss at netpublishing.com (Gregory Gilliss) Subject: House approves spyware legislation IANAL. Criminal trespass affects real property. Computers and cyberspace, contrary to popular belief, do not constitute real property. However you could be subject to prosecution for trespass to chattels. Chattels, for the uninitiated, is a fancy legal term (FLT) used to refer to personal belongings. There is trespass to chattels and there conversion. The was I understand it, trespass to chattels means I spray paint your dog - my impact is temporary or reversable. Conversion means I throw your dog in the microwave and turned it on. The effect is not reversable. That's why you can't sue your veterinarian for malpractice. Dogs aren't people. Computers aren't real property. Remember, we're talking law here, and my only reference is the American legal system. Liability for trespass to chattels is limited to the damage done, and liability for conversion is limited to the cost of replacement. Needless to say, this is ridiculous when it comes to valuations for data - the cost of replacing your hard drive might be measurable, but the cost of replacing your data is extremely intangible. FWIW I do believe that hacking does not constitute criminal trespass. There are legal concepts like consent implied in fact associated with the act of attaching a computer to an Internet known to be populated by people and 'bots intent on compromising your security. -- Greg On or about 2004.10.06 17:00:27 +0000, WB (cab75@...cast.net) said: > > Interesting thoughts, but the fact remains hacking is illegal. > > It is criminal trespass. > > Look at it this way, someone breaks into your house defaces it to illustrate > how insecure you are. > > Your not going to like it. Same holds true in the digital realm. > > I have no problem with breaking into systems in a lab and then reporting on > the vulnerabilities. That is constructive and helps us all. > > However, doing it to production systems, can depending on the systems place > lives at risk, more so then the vulnerability they exploit. > > It is up to industry to fix the software mess and until we stop buying bad > software or congress overturns the EULA's that exempt the software industry > from liability, they won't. > > Spyware, in most cases is about profit > > Anyway enjoyed your comments. > > UH > -- Gregory A. Gilliss, CISSP E-mail: greg@...liss.com Computer Security WWW: http://www.gilliss.com/greg/ PGP Key fingerprint 2F 0B 70 AE 5F 8E 71 7A 2D 86 52 BA B7 83 D9 B4 14 0E 8C A3
Powered by blists - more mailing lists