lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <20090313205312.6AB9C20040@smtp.hushmail.com>
Date: Fri, 13 Mar 2009 16:53:02 -0400
From: "Elazar Broad" <elazar@...hmail.com>
To: acastigliola@...m.com, tbiehn@...il.com
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: BBC cybercrime probe backfires

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I am inclined to agree, except that you still have issues with the
electronic equivalent of breaking and entering. Case in point,
there is a good chance you would be arrested and prosecuted if you
opened the door to another persons dwelling which did not have a
lock installed, and installed a lock and left him/her the key,
simply because you entered their property without permission. From
a ethics perspective, most people would judge you a good Samaritan,
you helped someone else protect their property, however the law
doesn't see it that way, primarily because of the fact that, if you
don't have permission to be there, chances are you are not wanted
there, no matter what your intentions may be.

As far as hijacking bot nets, one who steals from a thief may be a
thief, but one who stops one in the act is a hero. Bot nets are
always "in the act"...

On Fri, 13 Mar 2009 14:00:47 -0400 T Biehn <tbiehn@...il.com> wrote:
>More people should hijack machines and push updates to them if
>their
>users are unable or unwilling.
>
>First an Analogy:
>If someone's letting money launders use their bank account to
>launder
>money out of INACTION that's still illegal, the same SHOULD be
>true of
>people who leave their systems unpatched.
>
>These machines are negligently left open to be used in 'nefarious
>criminal activity.'
>
>Plan of Action:
>It's your civic duty to write worms, hijack botnets and patch
>machines
>with or without user consent.
>This is absolutely moral holding to the various tests (is it self
>defeating if -everyone- does it etc etc)
>Just don't get caught doing it.
>
>I'm disgusted by the imposition that you'd decry their actions for
>being illegal when they were clearly moral and represent a net
>benefit
>for society. Haven't you heard of this guy called Gandhi who
>didn't
>subscribe to the arbitrary superficial morality provided by the
>word
>of the law and only acted on what he knew to be moral?
>
>It's time to elevate yourself out of your own mind-slime and into
>2009.
>We all still have a long way to go.
>
>-Travis
>
>On Fri, Mar 13, 2009 at 9:00 AM, Castigliola, Angelo
><ACastigliola@...m.com> wrote:
>> Very unorthodox and unethical.
>>
>>
>>
>> Angelo Castigliola III
>> EISRM - Application Security Architecture
>>
>> Unum
>>
>> acastigliola@...m.com
>>
>>
>>
>> Disclaimer: The opinions expressed are my own personal opinions
>and do not
>> represent my employer's view in any way.
>>
>> ________________________________
>>
>> From: full-disclosure-bounces@...ts.grok.org.uk
>> [mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of
>James
>> Matthews
>> Sent: Friday, March 13, 2009 8:10 AM
>> To: Ivan .
>> Cc: full-disclosure
>> Subject: Re: [Full-disclosure] BBC cybercrime probe backfires
>>
>>
>>
>> I agree! Why can't another people hack into computers to
>show.... This is
>> such BS and the BBC should be hit hard by what they did.
>>
>> On Fri, Mar 13, 2009 at 7:18 AM, Ivan . <ivanhec@...il.com>
>wrote:
>>> The BBC hacked into 22,000 computers as part of an
>investigation into
>>> cybercrime but the move quickly backfired, with legal experts
>claiming
>>> the broadcaster broke the law and security gurus saying the
>experiment
>>> went too far.
>>>
>>>
>>> http://www.smh.com.au/news/technology/security/bbc-cybercrime-
>probe-backfires/2009/03/13/1236447465056.html
>>>
>>> _______________________________________________
>>> Full-Disclosure - We believe in it.
>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>> Hosted and sponsored by Secunia - http://secunia.com/
>>>
>>
>>
>>
>> --
>> http://www.astorandblack.com/
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>>
>
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/
-----BEGIN PGP SIGNATURE-----
Charset: UTF8
Version: Hush 3.0
Note: This signature can be verified at https://www.hushtools.com/verify

wpwEAQECAAYFAkm6x64ACgkQi04xwClgpZhBnQP9Gyf79ajWHLQWT/qwpcTlXRRo2Aev
RPy7fqKDezxbdW6Wj4+NF01jJKnN1hxvzO6y7UJu8nZb/8MjFjQpptX8cDEOXkSS/eL2
6BQk6awvUVE3bDaGnSGtKxzRoB/9QacSWIY2aesUei3SO+nLvDY6yDSTgluY297qecO2
5IDsLvU=
=uFrf
-----END PGP SIGNATURE-----

--
Easy-to-use, advanced features, flexible phone systems.  Click here for more info.
 http://tagline.hushmail.com/fc/BLSrjkqmC5s2cecqKfSSclHfpTNNeiKm5PudF1bmQuvHeBlZWDiL7es1xba/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ