Full Disclosure mailing list archives
Re: Cisco's stolen code
From: VX Dude <vxdude2003 () yahoo com>
Date: Tue, 25 May 2004 14:26:55 -0700 (PDT)
--- madsaxon <madsaxon () direcway com> wrote:
At 10:45 AM 5/25/2004 -0700, Harlan Carvey wrote:Valdis, I sincerely hope that you do not presume to speakforeveryone...He's not offering an opinion, merely stating a fact: if whitehats are security researchers who don't break the law, then they don't audit code the possession of which is illegal. The only debatable point here is the definition of "whitehat," but that's really just a matter of semantics. This code is the proprietary property of Cisco. Anyone who knowingly examines it or even possesses it without Cisco's permission is in violation of the law in most countries, and therefore not, by definition, acting as a "whitehat." m5x _______________________________________________ Full-Disclosure - We're afriad to back it up
Which law? Does this mean whitehats will start recognizing EULAs pertaining to proprietary property? True it may not be source, but its still property! Are whitehats going to limit themselves to just sourceforge projects (hell iDefense already does)? White hats are starting to sound as holy as the Knights Templar, and they also seem to picking up the Templar's ethics of attacking in the "grey areas" of the law. I agree that whitehats should only audit and/or "find" security holes in software in which they are invited or allowed to do so. But isnt the whole point of the word full in full-disclosure to expose flaws that the owners of the property dont want known. Sounds like a greyhat/blackhat mailing list to me. Challenging the corporations and not the law doesnt make you a whitehat, it just makes you weak. __________________________________ Do you Yahoo!? Friends. Fun. Try the all-new Yahoo! Messenger. http://messenger.yahoo.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Cisco's stolen code, (continued)
- Re: Cisco's stolen code Seth Alan Woolley (May 26)
- Re: Cisco's stolen code roman . kunz (May 26)
- Re: Cisco's stolen code Tobias Weisserth (May 26)
- Re: Cisco's stolen code Dave Horsfall (May 26)
- Re: Cisco's stolen code ktabic (May 26)
- Re: Cisco's stolen code Azerail (May 27)
- Re: Cisco's stolen code Valdis . Kletnieks (May 25)
- Re: Cisco's stolen code Harlan Carvey (May 25)
- Re: Cisco's stolen code madsaxon (May 25)
- Re: Cisco's stolen code Harlan Carvey (May 25)
- Re: Cisco's stolen code VX Dude (May 25)
- Re: Cisco's stolen code Valdis . Kletnieks (May 26)
- Re: Cisco's stolen code Valdis . Kletnieks (May 25)