lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 18 Jul 2006 17:31:16 -0400
From:	Valdis.Kletnieks@...edu
To:	Jesper Juhl <jesper.juhl@...il.com>
Cc:	Thomas Tuttle <thinkinginbinary@...il.com>, richard.dent@....net,
	linux-kernel@...r.kernel.org
Subject: Re: [OT] Vacation message heckling (Was: Re: Richard Dent - Annual Leave)

On Tue, 18 Jul 2006 22:30:04 +0200, Jesper Juhl said:

> Claiming anything send by email is confidential seems completely
> rediculous to me.

There actually *is* a valid usage case for these disclaimers in *some* cases.

If there *is* in fact material covered by lawyer-client or similar privilege,
having the disclaimer on *those items alone* can do some good when the other
side's legal eagles subpoena all e-mails with the phrase 'Project Wombat'
in them - it puts the other side on notice that they shouldn't be looking
at that item and it should be returned.

It's the same legal theory as subpoenaing all the paper documents, and finding
in the 53 boxes, a sheet stamped 'Privileged and Confidential' that
accidentally got into box 27 - there's strict rules about what happens then.

Of course, paper documents are stamped on the TOP so you stop reading, and
not all of them are stamped... :)

(And I actually did at one time have dealings with a lawyer who Actually Got
It. E-mails re: scheduling and other administrivia didn't have a disclaimer,
stuff that was actually sensitive had a very short one at the *top*...)

> Perhaps if the email was encrypted I could attach some weight to a
> disclaimer like thatt, but sending unencrypted email is like writing on
> the back of a postcard - it can be read by a huge number of people in
> transit - admins managing the mail servers where it is stored along
> the way, people sniffing traffic on the lines it passes through,

At least in the US, the law says otherwise.  18 USC 2511 basically says
that the admins aren't allowed to blab, and the traffic sniffers are
committing a crime already.

http://www.law.cornell.edu/uscode/html/uscode18/usc_sec_18_00002511----000-.html

And if you catch them at it, 18 USC 2520 says you can sue them for damages:

http://www.law.cornell.edu/uscode/html/uscode18/usc_sec_18_00002520----000-.html



Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ