IDS mailing list archives
RE: IDS (ISS) and reverse engineering
From: "Rob Shein" <shoten () starpower net>
Date: Thu, 27 Nov 2003 13:41:24 -0500
Neither applies. Mafia data isn't copyrighted. The DMCA doesn't forbid reverse-engineering, nor does it forbid circumvention, EXCEPT for the purpose of someone gaining in some fashion from defeating technical means of copyright protection.
-----Original Message----- From: rsh () idirect com [mailto:rsh () idirect com] Sent: Wednesday, November 26, 2003 8:35 PM To: focus-ids () securityfocus com Subject: Re: IDS (ISS) and reverse engineering So lets take it one step further... A Mafioso uses a program to encrypt his files and has a totally secret key [or two] and someone then 'cracks' the software to be able to recover the files for the purposes of prosecuting the Mafia member. Is that illegal as it was done to crack the software or that was legal because it was done from a legal security perspective? One or the other applies. Is it based on the law as written, or on the law as it will be interpreted in the courts. Is it intent or is it fact that determines whether one is doing it illegally or legally? Is it what is being cracked and for what purpose or is it that something is being cracked, whatever the purpose. Time will tell, but for now a pox on the law... since I am NOT in the US or in Australia. Incidently, we can also get into a discussion on what happens when the copyright laws are different in two nations, as they often are for the LENGTH of the copyright, and someone in a nation where the copyright has expired cracks it and supplies it to someone in the nation where the copyright has NOT expired yet. That can happen with books, and other items while it has yet to happen with any software recently written. RSH Toronto [I am not cracking software either, but that's not the point...] -------------------------- On Wed, 26 Nov 2003 14:02:14 -0800, "Drew Copley" <dcopley () eeye com> wrote:It is illegal if performed in order to crack the software,or as theysay, "to circumvent copyright protection". It is not illegalif it isfrom a security perspective. The law is poorly worded andwill probablybe hammered out in the courts, but this kind of situationwould be veryunlikely to be taken by court as it is pretty explicit for security research. (Now, for an independent researcher doing this without pay, maybe a company that feels its' holes should be hidden from the world might make the incredibly stupid move of trying to sue theresearcher... Ashas happened, and as has been far more stinging to them then if they had just dealt with the researcher honestly and professionally.)-----Original Message----- From: V.O. [mailto:vosipov () tpg com au] Sent: Wednesday, November 26, 2003 12:54 PM To: focus-ids () securityfocus com Subject: Fw: IDS (ISS) and reverse engineering (re-submitted by the moderator's request - he asked not to cross-post) Recently I've got to listen to a marketing pitch by an ISS guy. He was going along the lines of "our X-force reverse-engineered Microsoft RPC libraries and created signatures..." and "we use protocol decoding, so we reverse-engineered various closed-source protocols in order to create out decoders". What struck me - isn't this kind of activity actually illegal in the US? To which extent it is possible to disassemble Windows code? And if it is illegal, then aren't their customers (plus many other IDSes, with the exclusion of Snort, probably) in danger - what if Microsoft or whoever else sues ISS for doing this? :) I'm puzzled. -------------------------------------------------------------- ------------- -------------------------------------------------------------- ---------------------------------------------------------------------------------------- ---------------------------------------------------------------------------===================================================== R.S.H. Toronto, ON, Canada Copyright retained. My opinions - no one elses... If this is illegal where you are, do not read it! -------------------------------------------------------------- ------------- -------------------------------------------------------------- -------------
--------------------------------------------------------------------------- ---------------------------------------------------------------------------
Current thread:
- RE: IDS (ISS) and reverse engineering Rob Shein (Dec 01)