Security Incidents mailing list archives
Re: Security Event / Customer Reporting
From: "Nick FitzGerald" <nick () virus-l demon co uk>
Date: Sat, 14 Jul 2001 10:44:34 +1200
"Tyrannis Von Nettesheim" <tyrannis () wwc com> wrote: <<some good and interesting stuff snipped>>
Stepping above the day-to-day techie mindset we're in, it's interesting to consider the question of : "Who owns a packet once it's off your network?".
I presume you mean "...off the originating machines sub-net" or something like that? Or did you mean that you "own" a packet while it transits your network, for whatever reason it may be there? If you meant the latter, the next sentence is a non sequiter, so I will assume you mean something like the former.
Current US law seems to view examining transit traffic like radio interception - a no-no, for the most part. ...
In that case, the law (as a prominent English judge once remarked) would be an ass. Using (only) radio analogies in determining legalities for "domain-style" networks means that the resulting laws and directives will be fundamentally broken. Remember, an inherent difference between "broadcast spectrum" and "routable protocol" networks is that the latter can only work by *requiring* intermediary "inspection" of (part of) the information flow across what may be loosely conceived of as "ownership boundaries" (and, worse, "media translation" (and some other services required to make our modern networks work) requires "manipulating" more of the data stream than simply the headers or delivery envelopes).
... There's also the huge issue of how to prove / maintain a chain-of-evidence, yet another slippery slope in the digital crime era. =(
Yep... Regards, Nick FitzGerald ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Security Event / Customer Reporting Tyrannis Von Nettesheim (Jul 13)
- Re: Security Event / Customer Reporting Nick FitzGerald (Jul 13)
- Re: Security Event / Customer Reporting Aaron Silver (Jul 16)
- <Possible follow-ups>
- Re: Security Event / Customer Reporting ethan preston (Jul 16)
- Re: Security Event / Customer Reporting JohnNicholson (Jul 16)