lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 10 Nov 2009 13:50:01 +1100
From: dramacrat <yirimyah@...il.com>
To: Paul Schmehl <pschmehl_lists@...rr.com>
Cc: full-disclosure@...ts.grok.org.uk, Glenn.Everhart@...se.com
Subject: Re: How Prosecutors Wiretap Wall Street

The only "property" in a tweet or email is intellectual property, and that
remains the property of the sender... in my jurisdiction, at least, which
isn't even a US one.

Also, this is the most pathetic nerd-fight I have seen for many a year.

2009/11/10 Paul Schmehl <pschmehl_lists@...rr.com>

> I fail to see how that applies.  The law of bailment basically means that
> you continue to own a possession, the physical possession of which you
> *temporarily* grant to another party.  (Allowing someone to drive your car,
> for example, but expecting them to return it when they're done.)
>
> When you send a twitter or email, etc., you don't have any intention of
> continuing to possess the "property".  The reason you sent the
> communication is so that someone else could *receive* it from you, not so
> they could "watch" it for you temporarily.  When you send a letter to
> someone you don't continue to possess the letter.  The recipient does.
>
> --On Monday, November 09, 2009 10:40 AM -0500 Glenn.Everhart@...se.com
> wrote:
>
> > The law of bailment applies, I would submit, to information sent on
> > wires. The act of sending something out is not handing it to the public
> > domain (though it may arrive in the public domain, depending on intent).
> > However the law of bailments seems to have been ignored by many, even
> > though it has been around for hundreds of years.
> >
> > (mind: I am not a lawyer - have just read some books - and speak for
> > myself.)
> >
> >
> > -----Original Message-----
> > From: full-disclosure-bounces@...ts.grok.org.uk
> > [mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of Paul
> > Schmehl
> > Sent: Saturday, November 07, 2009 8:53 PM
> > To: full-disclosure@...ts.grok.org.uk
> > Subject: Re: [Full-disclosure] How Prosecutors Wiretap Wall Street
> >
> > --On November 7, 2009 4:06:42 PM -0600 mikelitoris@...hmail.com wrote:
> >
> >>
> >>> But to gather intelligence about what terrorists are up to, even
> >> if a US citizen is involved, should not require a warrant.
> >>
> >> This is all well and good, until the definition of terrorist is
> >> changed and you become labeled a "terrorist" because your "reason"
> >> is suddenly counterproductive to someone else's "opinion".  You
> >> must apply the warrant requirement consistently.  Otherwise, when
> >> interpretation of the word "terrorist" changes, it affects the
> >> meaning of the law.
> >
> > Sure.  I agree with that.  I think it's also important that law
> > enforcement activities have much more stringent requirements than
> > military
> > intelligence has.  The former is directed toward citizens, the latter
> > toward enemies the military has to deal with.
> >
> >> And call me crazy, but I'm just not willing to
> >> assume that someone won't abuse the power of being able to surveil
> >> US citizens and do exactly what Nixon did, spy on their
> >> competition/detractors.  Surely you can admit that some people do
> >> things that they wouldn't normally do when big money and big power
> >> are involved.  After all, "Those who cannot learn from history are
> >> doomed to repeat it."  Don't be so naive to think it can't happen
> >> again.
> >>
> >
> > Of course.  I've never said they didn't.  In fact I've stated that
> > people
> > in government have the same range of motives that people not in
> > government
> > have, including the seven deadly sins, if you will.  But I've also
> > pointed
> > out that they are not totally evil either, as some seem to think.  There
> >
> > are also good people in government just as there are in every other walk
> >
> > of life.
> >
> >>> Intelligence works best in a world of secrecy.
> >>
> >> So does deception.  Significantly more so, in fact.
> >>
> >>> As I've pointed out now several times, it's analogous to people
> >> that get all hot and bothered by the fact that admins have access
> >> to the data on their computers.
> >>
> >> Yes, but that computer probably doesn't belong to me but instead to
> >> my employer.  If it belongs to me, you better have a policy that
> >> prevents me from using it at work, and/or a login disclaimer
> >> informing me of your right to monitor what I do if I connect to
> >> your network.  If not, you better damn well have a warrant if you
> >> want to take a look at my property.
> >
> > Therein lies the rub.  Whose property are the bits on the wire?  Once
> > you've clicked on send, be it email or im or twitter or whatever, does
> > that transmission still belong to you?  I would submit that it does not,
> >
> > and that the privacy laws that protect you and your house and belongings
> >
> > can no longer be sensibly applied.
> >
> > Even you send a "private" email, to whom does it belong while it's in
> > the
> > process of transmission?
> >
> >> And as far as I know, there's
> >> no login disclaimer on the interwebs that allows the government to
> >> monitor what I do on that network, nor on the telephone, or my
> >> mobile phone contract.
> >>
> >
> > Really?  To whom does your response to me belong?  What about the email
> > you send to a friend?  A stranger?  And twitter posts?  Blog comments?
> > Etc., etc.  Does it really make sense to extend your privacy rights to
> > those things that you have sent into the public domain?  And how do you
> > draw the line legally at what the government can look at without a
> > warrant
> > and what they must get a warrant for when they can't even know what's on
> >
> > the network without first connecting to it to look?  Should we forbid
> > them
> > to ever connect simply because something they could potentially see is
> > "private"?  And is it really private?
> >
> > And if they already have a warrant to monitor all communications of a
> > known terrorist, what happens when those communications include a US
> > person?  All they allowed to monitor since they already have a warrant,
> > even though they don't have one for the US person?
> >
> >>> From what I've read getting a warrant in 72 hours is almost
> >> impossible.
> >>
> >> Ahah!  Now we're on to something.  Here's an idea.  Make it easier
> >> to get that warrant when you need it.  Improve the process, so that
> >> when requested, a warrant can be turned around in hours, not days.
> >> Don't remove the requirement altogether.  That's simply inviting
> >> trouble.
> >>
> >
> > I completely agree.  I also think the definitions need to be much
> > clearer,
> > so that intelligence people understand exactly where the fences are.
> > And
> > I don't think a warrant should be required unless a US person is the
> > *target* of the monitoring.
> >
> > Paul Schmehl, If it isn't already
> > obvious, my opinions are my own
> > and not those of my employer.
> > ******************************************
> > WARNING: Check the headers before replying
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
> > This transmission may contain information that is privileged,
> > confidential, legally privileged, and/or exempt from disclosure
> > under applicable law.  If you are not the intended recipient, you
> > are hereby notified that any disclosure, copying, distribution, or
> > use of the information contained herein (including any reliance
> > thereon) is STRICTLY PROHIBITED.  Although this transmission and
> > any attachments are believed to be free of any virus or other
> > defect that might affect any computer system into which it is
> > received and opened, it is the responsibility of the recipient to
> > ensure that it is virus free and no responsibility is accepted by
> > JPMorgan Chase & Co., its subsidiaries and affiliates, as
> > applicable, for any loss or damage arising in any way from its use.
> >  If you received this transmission in error, please immediately
> > contact the sender and destroy the material in its entirety,
> > whether in electronic or hard copy format. Thank you.
> >
>
>
>
> Paul Schmehl, Senior Infosec Analyst
> As if it wasn't already obvious, my opinions
> are my own and not those of my employer.
> *******************************************
> "It is as useless to argue with those who have
> renounced the use of reason as to administer
> medication to the dead." Thomas Jefferson
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ