lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: xploitable at gmail.com (n3td3v)
Subject: If Lycos can attack spammer sites, can we all start doing it?

On Wed, 01 Dec 2004 22:22:30 -0500, KrispyKringle
<krispykringle@...il.com> wrote:
> Not being a lawyer, I still think you've missed the point.
> 
> The defense Lycos is using is NOT that these are spammers sites, so this
> is somehow legal--it would not be. Vigilantiism is never legal; you
> would never be able to defend something that would otherwise be criminal
> as legal simply because it is being done against a criminal. The defense
> they are using is that it is a fundamental principle of the Internet
> that one can visit a Web server, and that to visit the server many
> times--even at risk of denying service--is not illegal.
> 
> The Computer Fraud and Abuse Act
> (http://www.usdoj.gov/criminal/cybercrime/1030_new.html) forbids one to,
> among other things, ``knowingly cause the transmission of a program,
> information, code, or command, and as a result of such conduct,
> intentionally cause damage without authorization, to a protected
> computer,'' which pretty much covers viruses and other malware. This
> would appear to apply to the Lycos software as well, given that it
> ``causes damage without authorization to a protected computer.'' So that
> is the key point, one that has not, to my knowledge, been tested in court.
> 
> I'm actually unable to find anything more specific regarding DoS attacks
> in the Computer Fraud and Abuse Act, but I don't know much more about
> what laws govern these actions. The CFAA seems to be focussed on
> unauthorized access, not denial of service.
> 
> Of course, there's also the civil common law issues, specifically
> whether it is negligent of Lycos to distribute such a program.
> 
> IANAL.

Thought:
Hey, thanks for the insight. I can't see Lycos introducing the
screensaver without talking with legal teams first, so surely we can
presume everything is legal and above board?! Otherwise, why would
Lycos want to put themselves in a legal tangle? Unless they weighed up
the legal costs against the profit they would make from the PR stunt,
from which all I can see, is all this whole thing appears to be.

Overview:
An investment to break the law -maybe- vs making lots of money and get
lots of public attention for new e-mail signups. From which many will
signup to the premium mail services.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ