Re: Symantec wants to criminalize security info sharing

[Adam Shostack <adam () homeport org>]

On Thu, Sep 11, 2003 at 09:47:07AM -0400, Richard M. Smith wrote:
| Hi,
| 
| Here's an interesting quote from John Schwarz, the COO of Symantec, in a
| Wired.com article from today:
| 
|    Just Say No to Viruses and Worms
|    http://www.wired.com/news/infostructure/0,1377,60391,00.html
| 
|    "But perhaps the most controversial suggestion came 
|    from John Schwarz, president and COO of antivirus 
|    firm Symantec, who called for legislation to criminalize 
|    the sharing of information and tools online that can be 
|    used by malicious hackers and virus writers." 
| 
| As we all know, when it comes to discussing information about computer
| security vulnerabilities, it is difficult to separate security uses of
| this information and hacking uses of the same information.
| 
| For example, if Symantec were to get this law passed, are they prepared
| to see their employees who work on the Bugtraq email list go to jail?
| ;-)

Does anyone have the full text of what he said?

As readers of this list should know, journalists sometimes make
mistakes or mischaracterize what people say.

And if distribution of information becomes illegal, despite its real
and obvious benefit, we can send Schwartz to jail and break up
Symantec under RICO. ;)

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
                                                       -Hume


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html