Re: Re: Cisco's stolen code

[Ron DuFresne <dufresne () winternet com>]

        [SNIP]

> I see you are in the "Don't touch it!  It's stolen!" camp.  No worries.  We've got different opinions on the matter.  
> However, I still don't see how _not_ looking at source code does the community a favor.  Note, I am not condoning the 
> theft, or the intrusion that acquired it.  However, there are legitimate ways to see the code that don't involve 
> theft or other illegal acts.
>
> Staying completely hands off would certainly benefit the company (any company really) who's code's been leaked, but 
> it won't encourage them to fix the holes that exist.  If only the bad guys are looking at it, then the first sign of 
> trouble will be an exploit in the wild.  One that could possibly have been prevented by the good guys taking a look 
> at the code.
>
> You're argument that having embarassing code leaked will encourage them to fix the problem doesn't follow.  If "Good 
> Guys (r)" aren't looking at the code, no one's going to tell the company "Guys, this is a Bad Thing (tm)", so they 
> never get embarrassed - at least until the exploits come out, when it will be too late.

        [BIGGER SNIPPAGE]

I'm trying to understand how obtaining and using stolen code, for any
reason, is different then acquiring stolen property in any other context.
If you know the property was obtained illegally, that would make you an
acessory after the fact, would it not?


Thanks,

Ron DuFresne
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
        ***testing, only testing, and damn good at it too!***

OK, so you're a Ph.D.  Just don't touch anything.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html