Penetration Testing mailing list archives
RE: New laws in the wings
From: "Mike Denka" <mdenk () whidbey net>
Date: Thu, 27 Sep 2001 17:15:10 -0700
Keep in mind that, as far as I can see, this discussion hinges around section 306 of the ATA. 99 percent of the ATA seems to concern itself primarily with processes used to gather evidence, what evidence is or is not permissable in court, and maximum penalties allowed for terrorist activities. That said, concerning section 306, your concern is well taken. But I'm not sure that the changes to existing law as outlined in this section deviate sufficiently from current statutes to make the case that public information sharing will suddenly be taken as providing services "knowing or intending that [those] services or [that] assistance is to be used in preparing for or carrying out terrorism crimes." Existing law already states that providing "material support or resources" to terrorists is prohibited. It seems to me that existing law could already apply to sharing of information in public forums if the courts wanted to use it that way. However, if anyone believes that use of the word "intending" here suggests a new zeal in our government's desire to suffocate free speech and information sharing, let's be specific about the portion of the bill to which we object. Wouldn't it be more prudent to argue points of the bill that may be troublesome rather than to attempt to muster up blanket opposition to a bill when only a very small portion of it may be objectionable? Mike
As for the concern over the definition of "intent": first of all, where in the bill, specifically, do you find fault with the use of that term? Also, it seems to me that any intent would have to be proven, as always in our courts, beyond a reasonable doubt.
And with the example above, when you reply to the list, why do you do it?
To share your knowledge
or your insight. To help everyone. That is intent. To share your knowledge
of breaking into
systems - here, or Bugtraq. Before you reply to someone's question, either
on *or off* the list,
do you perform "some up front research on the authenticity" of the person
you are replying to?
What about where you go to get your tools? Was there any screening done
there before you were
granted access to them? I doubt a statement like, "Use at your own risk."
Or, "Proof of concept
only." comments in the header section of some source will mean much in the
end.
I would guess that many people here are like myself and rely upon the free
sharing of information
in order to do their daily jobs, be it securing systems or otherwise. I
have trouble looking at
the ATA and thinking that the tools and other things we take for granted
will not be impacted by
this. I hope they're not, but the far-reaching implications of the ATA seem
to overbear what I
hope for.
__________________________________________________ Do You Yahoo!? Listen to your Yahoo! Mail messages from any phone. http://phone.yahoo.com ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- New laws in the wings T. Barrick (Sep 26)
- <Possible follow-ups>
- RE: New laws in the wings Gary Golomb (Sep 26)
- RE: New laws in the wings Keith.Morgan (Sep 27)
- RE: New laws in the wings Mike Denka (Sep 27)
- RE: New laws in the wings Mike Denka (Sep 28)