lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <FC9848E2D9FFBA4F8449C273BCF69C25054568F5@swilntb886.jpmchase.net>
Date: Tue, 10 Nov 2009 07:49:53 -0500
From: <Glenn.Everhart@...se.com>
To: <yirimyah@...il.com>, <pschmehl_lists@...rr.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: How Prosecutors Wiretap Wall Street

It’s a bailment if I give a package to an agent to deliver somewhere too, but in that case the bailment

Ends when delivery occurs.

 

From: syr@...awberrycupcak.es [mailto:syr@...awberrycupcak.es] On Behalf Of dramacrat
Sent: Monday, November 09, 2009 9:50 PM
To: Paul Schmehl
Cc: Everhart, Glenn (Card Services); full-disclosure@...ts.grok.org.uk
Subject: Re: [Full-disclosure] How Prosecutors Wiretap Wall Street

 

The only "property" in a tweet or email is intellectual property, and that remains the property of the sender... in my jurisdiction, at least, which isn't even a US one.

Also, this is the most pathetic nerd-fight I have seen for many a year.

2009/11/10 Paul Schmehl <pschmehl_lists@...rr.com>

I fail to see how that applies.  The law of bailment basically means that
you continue to own a possession, the physical possession of which you
*temporarily* grant to another party.  (Allowing someone to drive your car,
for example, but expecting them to return it when they're done.)

When you send a twitter or email, etc., you don't have any intention of
continuing to possess the "property".  The reason you sent the
communication is so that someone else could *receive* it from you, not so
they could "watch" it for you temporarily.  When you send a letter to
someone you don't continue to possess the letter.  The recipient does.

--On Monday, November 09, 2009 10:40 AM -0500 Glenn.Everhart@...se.com
wrote:


> The law of bailment applies, I would submit, to information sent on
> wires. The act of sending something out is not handing it to the public
> domain (though it may arrive in the public domain, depending on intent).
> However the law of bailments seems to have been ignored by many, even
> though it has been around for hundreds of years.
>
> (mind: I am not a lawyer - have just read some books - and speak for
> myself.)
>
>
> -----Original Message-----
> From: full-disclosure-bounces@...ts.grok.org.uk
> [mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of Paul
> Schmehl
> Sent: Saturday, November 07, 2009 8:53 PM
> To: full-disclosure@...ts.grok.org.uk
> Subject: Re: [Full-disclosure] How Prosecutors Wiretap Wall Street
>
> --On November 7, 2009 4:06:42 PM -0600 mikelitoris@...hmail.com wrote:
>
>>
>>> But to gather intelligence about what terrorists are up to, even
>> if a US citizen is involved, should not require a warrant.
>>
>> This is all well and good, until the definition of terrorist is
>> changed and you become labeled a "terrorist" because your "reason"
>> is suddenly counterproductive to someone else's "opinion".  You
>> must apply the warrant requirement consistently.  Otherwise, when
>> interpretation of the word "terrorist" changes, it affects the
>> meaning of the law.
>
> Sure.  I agree with that.  I think it's also important that law
> enforcement activities have much more stringent requirements than
> military
> intelligence has.  The former is directed toward citizens, the latter
> toward enemies the military has to deal with.
>
>> And call me crazy, but I'm just not willing to
>> assume that someone won't abuse the power of being able to surveil
>> US citizens and do exactly what Nixon did, spy on their
>> competition/detractors.  Surely you can admit that some people do
>> things that they wouldn't normally do when big money and big power
>> are involved.  After all, "Those who cannot learn from history are
>> doomed to repeat it."  Don't be so naive to think it can't happen
>> again.
>>
>
> Of course.  I've never said they didn't.  In fact I've stated that
> people
> in government have the same range of motives that people not in
> government
> have, including the seven deadly sins, if you will.  But I've also
> pointed
> out that they are not totally evil either, as some seem to think.  There
>
> are also good people in government just as there are in every other walk
>
> of life.
>
>>> Intelligence works best in a world of secrecy.
>>
>> So does deception.  Significantly more so, in fact.
>>
>>> As I've pointed out now several times, it's analogous to people
>> that get all hot and bothered by the fact that admins have access
>> to the data on their computers.
>>
>> Yes, but that computer probably doesn't belong to me but instead to
>> my employer.  If it belongs to me, you better have a policy that
>> prevents me from using it at work, and/or a login disclaimer
>> informing me of your right to monitor what I do if I connect to
>> your network.  If not, you better damn well have a warrant if you
>> want to take a look at my property.
>
> Therein lies the rub.  Whose property are the bits on the wire?  Once
> you've clicked on send, be it email or im or twitter or whatever, does
> that transmission still belong to you?  I would submit that it does not,
>
> and that the privacy laws that protect you and your house and belongings
>
> can no longer be sensibly applied.
>
> Even you send a "private" email, to whom does it belong while it's in
> the
> process of transmission?
>
>> And as far as I know, there's
>> no login disclaimer on the interwebs that allows the government to
>> monitor what I do on that network, nor on the telephone, or my
>> mobile phone contract.
>>
>
> Really?  To whom does your response to me belong?  What about the email
> you send to a friend?  A stranger?  And twitter posts?  Blog comments?
> Etc., etc.  Does it really make sense to extend your privacy rights to
> those things that you have sent into the public domain?  And how do you
> draw the line legally at what the government can look at without a
> warrant
> and what they must get a warrant for when they can't even know what's on
>
> the network without first connecting to it to look?  Should we forbid
> them
> to ever connect simply because something they could potentially see is
> "private"?  And is it really private?
>
> And if they already have a warrant to monitor all communications of a
> known terrorist, what happens when those communications include a US
> person?  All they allowed to monitor since they already have a warrant,
> even though they don't have one for the US person?
>
>>> From what I've read getting a warrant in 72 hours is almost
>> impossible.
>>
>> Ahah!  Now we're on to something.  Here's an idea.  Make it easier
>> to get that warrant when you need it.  Improve the process, so that
>> when requested, a warrant can be turned around in hours, not days.
>> Don't remove the requirement altogether.  That's simply inviting
>> trouble.
>>
>
> I completely agree.  I also think the definitions need to be much
> clearer,
> so that intelligence people understand exactly where the fences are.
> And
> I don't think a warrant should be required unless a US person is the
> *target* of the monitoring.
>
> Paul Schmehl, If it isn't already
> obvious, my opinions are my own
> and not those of my employer.
> ******************************************
> WARNING: Check the headers before replying
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
> This transmission may contain information that is privileged,
> confidential, legally privileged, and/or exempt from disclosure
> under applicable law.  If you are not the intended recipient, you
> are hereby notified that any disclosure, copying, distribution, or
> use of the information contained herein (including any reliance
> thereon) is STRICTLY PROHIBITED.  Although this transmission and
> any attachments are believed to be free of any virus or other
> defect that might affect any computer system into which it is
> received and opened, it is the responsibility of the recipient to
> ensure that it is virus free and no responsibility is accepted by
> JPMorgan Chase & Co., its subsidiaries and affiliates, as
> applicable, for any loss or damage arising in any way from its use.
>  If you received this transmission in error, please immediately
> contact the sender and destroy the material in its entirety,
> whether in electronic or hard copy format. Thank you.
>




Paul Schmehl, Senior Infosec Analyst

As if it wasn't already obvious, my opinions

are my own and not those of my employer.

*******************************************

"It is as useless to argue with those who have

renounced the use of reason as to administer
medication to the dead." Thomas Jefferson

_______________________________________________

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

 


Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ