funsec mailing list archives

Re: Spot a Software Bug, Go to Jail?

From: "Dude VanWinkle" <dudevanwinkle () gmail com>
Date: Wed, 10 May 2006 22:37:58 -0400

On 5/10/06, Valdis.Kletnieks () vt edu <Valdis.Kletnieks () vt edu> wrote:

On Wed, 10 May 2006 15:20:46 -0000, Fergie said:

> For proof, the man copied seven applicants' personal records and anonymously
> sent them to a reporter for SecurityFocus.

Really bad choice of proof there... Doing that sort of data extraction
without a prior written "get out of jail free" card is Bad. Real Bad.

And that's why you want something written before you do a pen test, even
against your own systems... Ask Randal Schwartz, he'll back me up on that one.. :)



I see your schwartz is as big as mine!

Seriously though, we hear ever day about the good guys getting
screwed, at least now you would be able to quote previous legislation
in your defense next time fergies put on trial....

...whoops!
=P

-JP

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

Spot a Software Bug, Go to Jail? Fergie (May 10)
- Re: Spot a Software Bug, Go to Jail? Valdis . Kletnieks (May 10)
  - Re: Spot a Software Bug, Go to Jail? Dude VanWinkle (May 10)
- <Possible follow-ups>
- RE: Spot a Software Bug, Go to Jail? Alex Eckelberry (May 10)