Re: Honeyd Censorship

["Tiffany St.Claire" <vamprcat () hotmail com>]

Disclaimer: I have not analyzed the new Michigan legislation. Having said 
that, the problem with quoting the intent of legislation is that while 
courts do sometimes consider legislative intent when applying laws, courts 
look to the plain language first before considering legislative intent.  If 
the law says "doing X to Y in Z fashion is a crime punishable by A, B, or C 
depending on the amount of M" and a person is proved to have done X to Y in 
Z fashion causing M amount of damage, the court will, in most cases, impose 
the indicated punishment.

This becomes a really big problem when laws are poorly written and include 
behavior in the plain meaning definitions that the legislature didn't 
"intend" to include.  A lot of this seems to go on in the U.S. in the area 
of information technology law. What does it mean to "illegally intercept" a 
signal? What is the difference between legally and illegaly intercepting the 
same signal? When a law leaves the question so unanswerable that the law 
might be unconstitutionally void for vagueness, the penalties for breaking 
the law are often so harsh that it is not worth the risk to challege the 
law.

Maybe the new Michigan legislature didn't intend to criminalize the use of 
security software features that monitor and log activity on one's own 
system/server, but unless they made that clear and provided exemption 
language, it may violate Michigan law.  Again, I haven't analyzed the 
Michigan law but it wouldn't be the first time that sloppy drafting of a law 
led to unintended and undesireable results.

Sorry if I sound a little cynical.

Tiffany

> From: "Byrne Ghavalas" <security () nscs uk com>
> To: <honeypots () securityfocus com>
> Subject: Re: Honeyd Censorship
> Date: Thu, 10 Apr 2003 17:46:11 +0100
>
> I took a quick look at the links provided on his page, but I'm afraid I
> can't really see how this impacts honeyd.
>
> Admittedly I am no lawyer, but from what I understand reading through
> the amendments, the aim is to prevent someone from illegally
> intercepting or monitoring 'signals' through a telecommunications
> device, or avoid paying for a service. (Amongst other things.)
>
> One is allowed to receive these 'signals' if one has been authorised to
> do so by the service provider.
>
> I cannot see how honeyd would contravene these laws... Perhaps someone
> could explain?
>
> Honeyd is merely responding to 'signals' sent down the wire that are
> destined for that network, in the same way a web server would respond to
> 'signals' it received...
>
> Have I missed something?
>
> Byrne G
>
> ----- Original Message -----
> From: "John Lyons" <john.lyons () heanet ie>
> To: <honeypots () securityfocus com>
> Sent: Thursday, April 10, 2003 4:40 PM
> Subject: Honeyd Censorship
>
>
> > Surprised it hasn't been mentioned here before but currently
> > there's a disclaimer at the top of Neils Provos' page which
> > restricts U.S. citizens from downloading a lot of his software
> > /research including honeyd :/
> >
> > Apparently new law passed in michigan (and proposed in many states)
> > restricts access to certain crypto/steganography/honeypot
> technologies.
> >
> > How will this affect progress on honeyd Neils?
> >
> > Sad times indeed.
> >
> > John
> >


_________________________________________________________________
Protect your PC - get McAfee.com VirusScan Online  
http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963