Full Disclosure mailing list archives
Re: Full-Disclosure Digest, Vol 83, Issue 21
From: Valdis.Kletnieks () vt edu
Date: Tue, 17 Jan 2012 12:28:11 -0500
On Tue, 17 Jan 2012 11:08:02 EST, "Mikhail A. Utin" said:
So far it has been very interesting discussion, but nevertheless nobody went to the Source, which is the Law,
18 USC 1030 is the governing Federal statute in the US. In addition, many of the states have their own legislation. http://www.law.cornell.edu/uscode/html/uscode18/usc_sec_18_00001030----000-.html "having knowingly accessed a computer without authorization or exceeding authorized access, and by means of such conduct having obtained information..." Note that "protected computer" doesn't mean "secured" - it means "protected under the terms of this law", which includes any system: "which is used in or affecting interstate or foreign commerce or communication, including a computer located outside the United States that is used in a manner that affects interstate or foreign commerce or communication of the United States;" which is basically *any* system on the Internet. Basically, you use a flaw to extract secret info from a "protected computer", and you aren't an authorized pen tester with a signed "get out of jail free" card from the owner of the computer, you just bought yourself a felony rap. That's part of why CISO's don't want to hire the kiddies that whacked them - if they come forward they're basically copping to a felony.
Attachment:
_bin
Description:
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Full-Disclosure Digest, Vol 83, Issue 21 Mikhail A. Utin (Jan 17)
- Re: Full-Disclosure Digest, Vol 83, Issue 21 Valdis . Kletnieks (Jan 17)
- Re: Full-Disclosure Digest, Vol 83, Issue 21 Benjamin Kreuter (Jan 17)
- Re: Full-Disclosure Digest, Vol 83, Issue 21 Valdis . Kletnieks (Jan 17)
- Re: Full-Disclosure Digest, Vol 83, Issue 21 BMF (Jan 17)
- Re: Full-Disclosure Digest, Vol 83, Issue 21 Nick FitzGerald (Jan 18)
- Re: Full-Disclosure Digest, Vol 83, Issue 21 metasansana (Jan 18)
- Re: Full-Disclosure Digest, Vol 83, Issue 21 Valdis . Kletnieks (Jan 18)
- Re: Full-Disclosure Digest, Vol 83, Issue 21 Benjamin Kreuter (Jan 17)
- Re: Full-Disclosure Digest, Vol 83, Issue 21 Valdis . Kletnieks (Jan 17)