Honeypots mailing list archives
Re: Honeyd Censorship
From: "Tiffany St.Claire" <vamprcat () hotmail com>
Date: Sat, 12 Apr 2003 20:28:42 +0000
Disclaimer: I have not analyzed the new Michigan legislation. Having said that, the problem with quoting the intent of legislation is that while courts do sometimes consider legislative intent when applying laws, courts look to the plain language first before considering legislative intent. If the law says "doing X to Y in Z fashion is a crime punishable by A, B, or C depending on the amount of M" and a person is proved to have done X to Y in Z fashion causing M amount of damage, the court will, in most cases, impose the indicated punishment.
This becomes a really big problem when laws are poorly written and include behavior in the plain meaning definitions that the legislature didn't "intend" to include. A lot of this seems to go on in the U.S. in the area of information technology law. What does it mean to "illegally intercept" a signal? What is the difference between legally and illegaly intercepting the same signal? When a law leaves the question so unanswerable that the law might be unconstitutionally void for vagueness, the penalties for breaking the law are often so harsh that it is not worth the risk to challege the law.
Maybe the new Michigan legislature didn't intend to criminalize the use of security software features that monitor and log activity on one's own system/server, but unless they made that clear and provided exemption language, it may violate Michigan law. Again, I haven't analyzed the Michigan law but it wouldn't be the first time that sloppy drafting of a law led to unintended and undesireable results.
Sorry if I sound a little cynical. Tiffany
From: "Byrne Ghavalas" <security () nscs uk com> To: <honeypots () securityfocus com> Subject: Re: Honeyd Censorship Date: Thu, 10 Apr 2003 17:46:11 +0100 I took a quick look at the links provided on his page, but I'm afraid I can't really see how this impacts honeyd. Admittedly I am no lawyer, but from what I understand reading through the amendments, the aim is to prevent someone from illegally intercepting or monitoring 'signals' through a telecommunications device, or avoid paying for a service. (Amongst other things.) One is allowed to receive these 'signals' if one has been authorised to do so by the service provider. I cannot see how honeyd would contravene these laws... Perhaps someone could explain? Honeyd is merely responding to 'signals' sent down the wire that are destined for that network, in the same way a web server would respond to 'signals' it received... Have I missed something? Byrne G ----- Original Message ----- From: "John Lyons" <john.lyons () heanet ie> To: <honeypots () securityfocus com> Sent: Thursday, April 10, 2003 4:40 PM Subject: Honeyd Censorship > Surprised it hasn't been mentioned here before but currently > there's a disclaimer at the top of Neils Provos' page which > restricts U.S. citizens from downloading a lot of his software > /research including honeyd :/ > > Apparently new law passed in michigan (and proposed in many states) > restricts access to certain crypto/steganography/honeypot technologies. > > How will this affect progress on honeyd Neils? > > Sad times indeed. > > John >
_________________________________________________________________Protect your PC - get McAfee.com VirusScan Online http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963
Current thread:
- Re: Jail Time for Honeypots?, (continued)
- Re: Jail Time for Honeypots? Kevin Saenz (Apr 21)
- Re: Jail Time for Honeypots? Jimi Thompson (Apr 21)
- Re: Jail Time for Honeypots? InformationSecurity (Apr 22)
- Re: Jail Time for Honeypots? Fernando Martins (Apr 22)
- Re: Jail Time for Honeypots? yannick san (Apr 24)
- Re: Jail Time for Honeypots? Jimi Thompson (Apr 24)
- Re: Jail Time for Honeypots? yannick san (Apr 24)
- RE: Jail Time for Honeypots? dave (Apr 22)
- Re: Jail Time for Honeypots? Jim Geovedi (Apr 21)
- Re: Honeyd Censorship Marcel (Apr 12)
- Michigan Super DMCA Richard Rager (Apr 13)