InfoSec sleuths beware, Microsoft's attorneys may be knocking at your door

["Bernie, CTA" <cta () hcsin net>]

I see that in a recent article published by eWeek claim legal 
experts say individuals examining the leaked Windows code could 
face charges of trade-secret violations and infringement of 
software patents.

http://www.eweek.com/print_article/0,3048,a=119396,00.asp

Could Microsoft's attorneys go after sleuths who are, have been 
disclosing vulnerabilities in Microsoft's software and allege 
that the individual had discovered the vulnerability because 
they downloaded the code and examined it? Good tactic to impede 
pen testing, security research, or disclosure of security 
threats, which in the past have cast a ominous shadow on MS, is 
it not?  

It may be wise for security sleuths to fully document their 
vulnerability / exploit discovery process, when, how, what, why. 
I'm sure Microsoft's attorneys will be serving production of 
documents request upon a select group. Note that under US 
Federal law, limited discovery to perpetuate testimony regarding 
any matter can be performed before a lawsuit is actually filed.

--

--
****************************************************
Bernie / cta () hcsin net
Chief Technology Architect / Chief Security Officer
Euclidean Systems, Inc.
*******************************************************
// "There is no expedient to which a man will not go 
//    to avoid the pure labor of honest thinking."   
//     Honest thought, the real business capital.    
//      Observe> Think> Plan> Think> Do> Think>      
*******************************************************


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html