Security Incidents mailing list archives

Re: Korea (was Re:?)

From: stephen_winson () SNC-INC COM (Winson, Stephen)
Date: Wed, 2 Feb 2000 10:33:56 -0600


I'm not reasoning here.  I'm relating what the law says.  Reason and the law
do not have to meet halfway, though in this case I believe that they do.  I
would venture to guess that the reason that it didn't "fly" with the
attackers you're talking about because they panicked when all the lawyers
got serious with their papers and supoenas.  Lawyers bluff alot (I know a
few) and hackers have a reputation in the law enforcement community of
breaking easily under the kind of pressure that's used in law offices and
police stations today.  Nevermind the kind of panic "The Feds" inspire.

By putting your computer on a public network, you are by default allowing
access from that public network unless you inform people otherwise.  It's a
"public" network, therefore everything on it is for the use of the "public"
unless the owner makes it known that his system is for his use only.

Companies don't make a login notice mandatory because it's helpful to
possible intruders.  They do it because if they don't, their rear could get
handed to them in court, and they know it.

Stephen Winson

-----Original Message-----
From: Jose Nazario [mailto:jose () BIOCSERVER BIOC CWRU EDU]
Sent: Tuesday, February 01, 2000 8:20 PM
To: INCIDENTS () SECURITYFOCUS COM
Subject: Re: Korea (was Re:?)

On Mon, 31 Jan 2000, Winson, Stephen wrote:

If there is no legal notice at login then you can literally do anything

you

want to the machine and you are free and clear.


now hold on a second... we've seen this in use before by attackers. "but
it said 'welcome!' and there was no statement about 'don't misuse this!'"
and it didn't fly with them, so why the heck should it fly with an admin?

it doesn't. clear and simple.

this does NOT excuse admins from sites/systems in NOT setting up such a
banner that clearly states acceptable use only by authorized individuals,
prosecution, etc... it's good practice.

but your line of reasoning really fails here.

jose nazario                                    jose () biochemistry cwru edu
PGP fingerprint: 89 B0 81 DA 5B FD 7E 00  99 C3 B2 CD 48 A0 07 80
Public key available at http://biocserver.cwru.edu/~jose/pgp-key.asc

Current thread:

Re: Korea (was Re:?) Winson, Stephen (Jan 31)
- Re: Korea (was Re:?) Jose Nazario (Feb 01)
- <Possible follow-ups>
- Re: Korea (was Re:?) Winson, Stephen (Feb 02)
- Re: Korea (was Re:?) HyunCheol, Jeong (Feb 13)