Honeypots mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Jail Time for Honeypots?

From: "yannick san" <yannicksan () free fr>
Date: Mon, 21 Apr 2003 22:30:45 +0200
I was thinking about that too.
Having an hidden camera, like the one you could see when you go (for
exemple) to any bank,  is restricted by the law in some countries... this is
true in France. Any camera must have been declared and everybody must know
that there are beeing watched when they come in. This is usually written
somewhere on the main door... and of course the camera must only take
pictures of customers coming in the bank... But the main problem is not
taking pictures but watching the pictures taken... According to some
security rules, the pictures are watched only when a security event is
reported. So it's forbidden to watch security films just for fun.
The problems with an honeypot is that, firstly, for security reasons and
evidence, it must not be known as an honeypot... The second problem is that
you often have to look at its reports... I wonder if it could be considered
as a not legal issue to look at some reports or logs where you can't clearly
identify the users... I mean, if the security engineer in charge of
analysing the reports is not the same as the engineer in charge of  knowing
who has received IPs, and if we need a special clearance for having more
information about an IP reported in a log... Do you think that having an
honeypot could be considered as a non legal issue ? ... Because in that
case, analysing reports will not permit you to identify people without
valuable reasons.
I think that the companie who can prouve that they have written such
security policies can reduce their problems in case of conflict.
I think this way of thinking also works for personnal honeypots.... just
because, by default , we will only have IPs in our reports and the one who's
got all information is our ISP...

Yannick'san

----- Original Message -----
From: "Fernando Martins" <fernando.martins () esoterica pt>
To: <honeypots () securityfocus com>
Sent: Monday, April 21, 2003 4:32 PM
Subject: Re: Jail Time for Honeypots?



Be sure that the camera at the door will only see who is in your door and
not everybody that is crossing the street ... in some countries that can

be

a legal issue :)
Another example in cctv systems is that you can only see the recorded

images

only if there is a crime, and not any time you want ...
Or that you can only have recorded images for 30 days ...
May be honeypots must/should respect the same kind of restrictions ...

FM

----- Original Message -----
From: "Octavian POPESCU" <sigquit () netbastards org>
To: <honeypots () securityfocus com>
Sent: Monday, April 21, 2003 12:38 PM
Subject: Re: Jail Time for Honeypots?



ok now, so which would be the next step? to put me in jail for

installing

surveillance cameras in my apartment?
should I notify the burlgar via written signs that my apartment is
monitored?
this is plain stupid.
Previous By Date Next
Previous By Thread Next

Current thread: