Bugtraq mailing list archives

Re: Vulnerabilites in new laws on computer hacking

From: Glynn Clements <glynn () gclements plus com>
Date: Thu, 16 Feb 2006 02:55:17 +0000


self-destruction () itsbest com wrote:

New generations of teenagers will be scared of doing online
exploration. I'm not talking about damaging other companies' computer
systems. I'm talking about accessing them illegally *without*
revealing private information to the public or harming any data that
has been accessed.


Even if rootkits aren't actually installed and information isn't
actually revealed, the victim cannot be sure of that. Once they
discover that unauthorised access has occurred, they have to act
accordingly (e.g. notify customers, issue new cards, re-install the
system etc).

Anyone who manages to obtain unauthorised access may have already done
harm, regardless of what (if anything) they do with that access
thereafter.

Regarding new "hacking" laws, a more serious threat to overall
security is the idea of criminalising the posession of "hacking
tools", which will make even legitimate pen-testing difficult. It may
not be possible to simply outsource pen-testing to a country where
such tools are legal (e.g. due to laws restricting the transfer of
sensitive data abroad).

-- 
Glynn Clements <glynn () gclements plus com>

Current thread:

Re: Vulnerabilites in new laws on computer hacking, (continued)
- Re: Vulnerabilites in new laws on computer hacking Paul Schmehl (Feb 16)
  - Re: Vulnerabilites in new laws on computer hacking Max Ashton (Feb 18)
  - Re: Vulnerabilites in new laws on computer hacking Sysmin Sys73m47ic (Feb 18)
  - Re: Vulnerabilites in new laws on computer hacking Ansgar -59cobalt- Wiechers (Feb 18)
    - Re: Vulnerabilites in new laws on computer hacking Radoslav Dejanović (Feb 21)
    - Re: Vulnerabilites in new laws on computer hacking Crispin Cowan (Feb 21)
    - Re: Vulnerabilites in new laws on computer hacking Casper . Dik (Feb 24)
    - Re: Vulnerabilites in new laws on computer hacking Ansgar -59cobalt- Wiechers (Feb 24)
    - Message not available
    - Re: Vulnerabilites in new laws on computer hacking Ansgar -59cobalt- Wiechers (Feb 21)
- Re: Vulnerabilites in new laws on computer hacking Radoslav Dejanović (Feb 16)
- Re: Vulnerabilites in new laws on computer hacking Glynn Clements (Feb 16)
- Re: Vulnerabilites in new laws on computer hacking Jon Gucinski (Feb 18)
  - Re: Vulnerabilites in new laws on computer hacking ArkanoiD (Feb 21)
- RE: Vulnerabilites in new laws on computer hacking Craig Wright (Feb 16)
  - Message not available
    - RE: Vulnerabilites in new laws on computer hacking Marcus J. Ranum (Feb 16)
    - Re: Vulnerabilites in new laws on computer hacking dave (Feb 18)
    - Re: Vulnerabilites in new laws on computer hacking Seth Breidbart (Feb 18)
    - Re: Vulnerabilites in new laws on computer hacking ArkanoiD (Feb 21)
  - Re: Vulnerabilites in new laws on computer hacking ArkanoiD (Feb 18)
- RE: Vulnerabilites in new laws on computer hacking Anthony Cicalla (Feb 18)
  - RE: Vulnerabilites in new laws on computer hacking Bigby Findrake (Feb 21)

(Thread continues...)