lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-Id: <200610020052.k920qWCT010437@turing-police.cc.vt.edu>
Date: Sun, 01 Oct 2006 20:52:32 -0400
From: Valdis.Kletnieks@...edu
To: "J. Oquendo" <sil@...iltrated.net>
Cc: full-disclosure <full-disclosure@...ts.grok.org.uk>
Subject: Re: Truths in "Truth in Caller ID Act"

On Sun, 01 Oct 2006 13:41:56 CDT, "J. Oquendo" said:
> "It shall be unlawful for any person within the United States, in connection 
> with any telecommunications service or VOIP service..."

> 1) Teleco/VoIP service is out of bounds here. 2) The User who initiated the
> command is logged from an address somewhere over the rainbow (Tor+Privoxy). 3)
> "within the United States" which? The person, or the telco/VoIP provider? Does
> it have to be both - person and provider. Sounds broad to me.

No, you're intentionally reading it other than what the legal guys will do.

The prosecutor can charge *each and every person involved* who is both

a) within the US and
b) took an identifiable action which lead to the event.

The person who made the request obviously took an action that lead to
the event, and if they're inside the US, they may have a problem.

The provider took an action (by providing the service) and if they're inside
the US, they may want to find a lawyer that can create a good theory of
why they aren't culpable as well.

>  2) Me being the provider, I didn't initiate the spoof, I provided a service.
> Should I be held accountable for upholding the right to privacy?

You took an action which caused the forged caller ID to be sent.  Better hope
that the Congressman doesn't have friends over at Dept of Justice who can
make your life miserable.

Also, please note that you're arguing the wrong right - the "right to privacy"
would be applicable if you were trying to protect the person from a Congressman
who was trying to prove the person slept with a political rival or similar.
What you *wanted* to be supporting was the First Amendment right to
anonymous free speech.

> Let's take the case of someone blowing the whistle on government corruption. 
> History has shown their life will be ruined.

Sucks to be a whistleblower.

Content of type "application/pgp-signature" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ