Full Disclosure mailing list archives

Re: You shady bastards.

From: Tim <tim-security () sentinelchicken org>
Date: Wed, 6 Jun 2007 09:58:44 -0400


*IANAL*

Is this illegal? I could see reading email addressed to him being within 
the bounds of the law, but it seems like trying to download the "0day" 
link crosses the line.


It might be.  The ECPA prohibits this kind of behavior unless one of
several exceptions applies.  Typically, employers will require users to
consent to monitoring, thereby activating an exception.  However, if
this employee is no longer working there, the exception may have expired
along with their employment contracts (NDAs, non-competes, AUPs, etc).

It all depends on what this employee signed.

Oh, in addition, even if this employee is technically still consenting
to this monitoring, the administrator who is doing the monitoring must
have authorization by the company for it to be legal.  If they are going
off and doing it on their own, then they aren't covered by the
exception, from what I understand.

Illegal or not, this is still pretty damned shady.

Bastards.


Yup.

tim

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

You shady bastards. H D Moore (Jun 06)
- Re: You shady bastards. Tim (Jun 06)
- Re: You shady bastards. Stack Smasher (Jun 06)
- Re: You shady bastards. J. Oquendo (Jun 06)
  - Re: You shady bastards. Tim (Jun 06)
    - Re: You shady bastards. J. Oquendo (Jun 06)
    - Re: You shady bastards. Tim (Jun 06)
    - Re: You shady bastards. J. Oquendo (Jun 06)
    - Re: You shady bastards. Tim (Jun 06)
    - Re: You shady bastards. J. Oquendo (Jun 06)
    - Re: You shady bastards. matthew wollenweber (Jun 06)
  - Re: You shady bastards. Jay Sulzberger (Jun 06)

(Thread continues...)