Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Incriminating innocent peer to peer network users

From: Jay Sulzberger <jays () panix com>
Date: Sat, 27 Sep 2003 17:53:28 -0400 (EDT)


On Sat, 27 Sep 2003, Gregory A. Gilliss wrote:


...and other than the fact that you sent this from a hushmail account, this
has *what* to do with security, exploits, vulnerabilities, etc?

I suggest alt.legal.rants =;^)

G


It is square on topic.

oo--JS.



On or about 2003.09.27 04:07:29 +0000, auto93146 () hush com (auto93146 () hush com) said:


There has been a disturbing trend recently whereby "authorities" in the
United States of America have been filing lawsuits against peer to peer
(P2P) network users for alleged copyright infringement.  The lawsuits
typically demand an outrageously large sum of money, such that the target
P2P user settles out of court for a smaller amount of money.  As a result,
 the quality of the authority's "evidence" is never called into question.

I have written a paper that explores this issue by describing just some
of the many ways in which a malicious P2P user can generate and manipulate
"evidence" in order to implicate an innocent P2P user in behaviour deemed
unacceptable to the authorities.  The paper discusses basic issues (such
as known issues with the architecture of P2P networks) as well as some
more advanced issues (such as previously unknown vulnerabilities in P2P
applications) that allow the creation and manipulation of "evidence"
of unacceptable behaviour, questioning the ability for authorities to
sue P2P network users.

The paper can be found at the following URL:
http://members.ozemail.com.au/~123456789/p2p_entrapment.pdf


--
Gregory A. Gilliss, CISSP                             Telephone: 1 650 872 2420
Computer Engineering                                   E-mail: greg () gilliss com
Computer Security                                                ICQ: 123710561
Software Development                          WWW: http://www.gilliss.com/greg/
PGP Key fingerprint 2F 0B 70 AE 5F 8E 71 7A 2D 86 52 BA B7 83 D9 B4 14 0E 8C A3

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: