Fwd: Gonzor / Themiddler / PEScrambler

[arch3angel at gmail.com (Arch Angel)]

I see all these point and I do think we have details to work through, but
ultimately I think the idea of protecting the safe storage of our knowledge
and tools is important.

I was thinking over some details throughout the day about these same
things.  I believe we should make every effort to contact the creator or
current rights owner of the software or documentation, and if after a
reasonable time we host the information with the disclaimer stating we made
every attempt to contact the rightful owner without resolve and that we are
not in anyway trying to take credit or ownership of the material, only
protect the material for generations to come.

Legal issues also came up in my pondering, currently in the United States I
believe the only material of this manor that's illegal is that software
which circumvents DRM or other copyrighted material.  Of the software I had
in my head this is not the case, it is however software that utilizes
publicly known vulnerabilities.  An example is Milw0rm, they display code
that allows for exploits but this is all things people have designed or
coded and given to the public.  This falls under intellectual property that
has be licensed, in essence, to the public.  If an entity states the
software or documentation is illegal then the code freely given on sites
like Milw0rm would have to also be taken down since the code could have been
a big part in the creation of said material.

I know in Germany we could not host the material within the country's
boundaries but that is not an issue. I am not sure whether or not having the
material, i.e. someone in Germany downloads a tool and stores the tool on
their hard drive.  I believe that is illegal but only illegal to the person
in Germany that has it stored on their drive.

It would be the same as nmap, backtrack, and metasploit, these are all used
by professionals throughout their endeavers but as we all know these same
tools are used for evil deeds.  The programer can not be held accountable
for the actions of those who use it.

Now, I have been thinking of how to try and regulate access to the tools and
information, in an attempt to reduce the abuse.  I was figuring that if a
person is truely a professional wanting these tools they wouldn't be too
upset in some form of registration.  Again, this was just a quick brainstorm
and I am always up for ideas :-)

As for a domain name, I remembered I had a domain im not using.  I bought it
for a business idea but ended up not going through with it.  I would be more
than happy to use the domain for this project.  Here is the domain:

armoredpackets.com

What other ideas do we have?

What would people like to have?

What type of design ideas?

Let's do this as a community, build a great wealth for security
professionals!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20081219/bb0d4fcb/attachment.htm