Security Basics mailing list archives
RE: Reverse Engineering: Legal or illegal?
From: "Craig Wright" <cwright () bdosyd com au>
Date: Thu, 2 Nov 2006 07:56:48 +1100
It all depends on where you are, what you are reversing and how good the other sides lawyers are. In the US the DMCA covers a large amount of issues with reversing software. This is valid software mind you. As for the initial part of the post, a virus writer has no recourse. The act of writing a virus is in itself illegal and you can not initiate an action to protect an illegal act. So there is no downside to reversing a virus. Though it is technically still illegal, it is not criminal and there is no civil recourse against you. Regards Craig -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of evb Sent: Wednesday, 1 November 2006 7:10 AM To: security-basics () securityfocus com Subject: RE: Reverse Engineering: Legal or illegal? IAAL, and consider the following site a good place to start to think about the problem: http://www.chillingeffects.org/reverse/faq.cgi Eric :-----Original Message----- :From: listbounce () securityfocus com :[mailto:listbounce () securityfocus com] On Behalf Of Ziemniak, :Terrence M. :Sent: Tuesday, October 31, 2006 8:53 AM :To: shyaam () gmail com :Cc: security-basics () securityfocus com :Subject: RE: Reverse Engineering: Legal or illegal? : :Shyaam, : :I am certainly not a lawyer, but I think the only issues in RE :would be copyright protection. I can't imagine a virus author :fighting you on that. : :PS - When you have a legal license to use software there is :law on the books about when RE is allowed. This link (section :F) is the relevant :law: http://www.copyright.gov/title17/92chap12.html#1201 : : :Terry Ziemniak, CISSP :Information Security Operations, Team Lead Sears Holdings :Corporation v. 847-286-4679 e. TZiemn2 at Searshc.com :-----Original Message----- :From: listbounce () securityfocus com :[mailto:listbounce () securityfocus com] :On Behalf Of Alice Bryson <abryson () bytefocus com> :Sent: Tuesday, October 31, 2006 8:56 AM :To: shyaam () gmail com :Cc: security-basics () securityfocus com :Subject: Re: Reverse Engineering: Legal or illegal? : :I'm a virus analysis of a security company, as far as i know, :RE is common in security company, otherwise how we analysis :virus and get signature? ask the virus writters for source :code? just kidding~ : :-- :mailto:abryson () bytefocus com : :28 Oct 2006 00:03:15 -0000, shyaam () gmail com <shyaam () gmail com>: :> I wanted to start a website that LINKS to all RE websites around the :world. This website wowuld be hosted within US but will just :LINK to all other RE Websites. :> :> Second question is, would it be fine if this website stores just :tutorials related to RE and not the original softwares that help on RE. :> :> RE has been common for a very long time within US for the AV/IDS and :IPS companies for deriving the signatures from the :exploits(according to my knowledge, which is limited). So I :wanted to gather some knowledge from the Security Focus groups :if I am right and the legal points of such things. :> :> PS: I am sorry if I emailed the wrong group. :> I hope that this email doesnt start an irrational argument in this :group, please do give your rude comments if any to my personal :email, so that the sanity of groups is protected. :> :> Kind Regards, :> Shyaam :> Liability limited by a scheme approved under Professional Standards Legislation in respect of matters arising within those States and Territories of Australia where such legislation exists. DISCLAIMER The information contained in this email and any attachments is confidential. If you are not the intended recipient, you must not use or disclose the information. If you have received this email in error, please inform us promptly by reply email or by telephoning +61 2 9286 5555. Please delete the email and destroy any printed copy. Any views expressed in this message are those of the individual sender. You may not rely on this message as advice unless it has been electronically signed by a Partner of BDO or it is subsequently confirmed by letter or fax signed by a Partner of BDO. BDO accepts no liability for any damage caused by this email or its attachments due to viruses, interference, interception, corruption or unauthorised access. --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- RE: Reverse Engineering: Legal or illegal? evb (Nov 01)
- RE: Reverse Engineering: Legal or illegal? Rockit (Nov 03)
- <Possible follow-ups>
- RE: Reverse Engineering: Legal or illegal? Craig Wright (Nov 01)