RE: IDS (ISS) and reverse engineering

["Rob Shein" <shoten () starpower net>]

Neither applies.  Mafia data isn't copyrighted.  The DMCA doesn't forbid
reverse-engineering, nor does it forbid circumvention, EXCEPT for the
purpose of someone gaining in some fashion from defeating technical means of
copyright protection.

> -----Original Message-----
> From: rsh () idirect com [mailto:rsh () idirect com] 
> Sent: Wednesday, November 26, 2003 8:35 PM
> To: focus-ids () securityfocus com
> Subject: Re: IDS (ISS) and reverse engineering
>
>
> So lets take it one step further... A Mafioso uses a program 
> to encrypt his files and has a totally secret key [or two] 
> and someone then 'cracks' the software to be able to recover 
> the files for the purposes of prosecuting the Mafia member.
>
> Is that illegal as it was done to crack the software or that 
> was legal because it was done from a legal security perspective?
>
> One or the other applies.
>
> Is it based on the law as written, or on the law as it will 
> be interpreted in the courts.  Is it intent or is it fact 
> that determines whether one is doing it illegally or legally? 
>  Is it what is being cracked and for what purpose or is it 
> that something is being cracked, whatever the purpose.
>
> Time will tell, but for now a pox on the law... since I am 
> NOT in the US or in Australia.
>
> Incidently, we can also get into a discussion on what happens 
> when the copyright laws are different in two nations, as they 
> often are for the LENGTH of the copyright, and someone in a 
> nation where the copyright has expired cracks it and supplies 
> it to someone in the nation where the copyright has NOT 
> expired yet.  That can happen with books, and other items 
> while it has yet to happen with any software recently written.
>
> RSH
> Toronto
>
> [I am not cracking software either, but that's not the point...]
> --------------------------
> On Wed, 26 Nov 2003 14:02:14 -0800, "Drew Copley" 
> <dcopley () eeye com> wrote:
>
> > It is illegal if performed in order to crack the software, 
> or as they 
> > say, "to circumvent copyright protection". It is not illegal 
> if it is 
> > from a security perspective. The law is poorly worded and 
> will probably 
> > be hammered out in the courts, but this kind of situation 
> would be very 
> > unlikely to be taken by court as it is pretty explicit for security 
> > research.
> >
> > (Now, for an independent researcher doing this without pay, maybe a 
> > company that feels its' holes should be hidden from the world might 
> > make the incredibly stupid move of trying to sue the 
> researcher... As 
> > has happened, and as has been far more stinging to them then if they 
> > had just dealt with the researcher honestly and professionally.)
> >
> > > -----Original Message-----
> > > From: V.O. [mailto:vosipov () tpg com au]
> > > Sent: Wednesday, November 26, 2003 12:54 PM
> > > To: focus-ids () securityfocus com
> > > Subject: Fw: IDS (ISS) and reverse engineering
> > >
> > >
> > > (re-submitted by the moderator's request - he asked not to 
> > > cross-post)
> > >
> > > Recently I've got to listen to a marketing pitch by an ISS
> > > guy. He was going along the lines of "our X-force 
> > > reverse-engineered Microsoft RPC libraries and created 
> > > signatures..." and "we use protocol decoding, so we 
> > > reverse-engineered various closed-source protocols in order 
> > > to create out decoders".
> > >
> > > What struck me - isn't this kind of activity actually illegal
> > > in the US? To which extent it is possible to disassemble 
> > > Windows code? And if it is illegal, then aren't their 
> > > customers (plus many other IDSes, with the exclusion of 
> > > Snort, probably) in danger - what if Microsoft or whoever 
> > > else sues ISS for doing this? :)
> > >
> > > I'm puzzled.
> > >
> > >
> > > --------------------------------------------------------------
> > > -------------
> > > --------------------------------------------------------------
> > > -------------
> >
> > -------------------------------------------------------------
> ----------
> > ----
> > -------------------------------------------------------------
> --------------
> >
>
> =====================================================
> R.S.H.                            Toronto, ON, Canada
>
>                  Copyright retained.
>              My opinions - no one elses...
>  If this is illegal where you are, do not read it!
>
> --------------------------------------------------------------
> -------------
> --------------------------------------------------------------
> -------------


---------------------------------------------------------------------------
---------------------------------------------------------------------------