Re: [Full-Disclosure] If Lycos can attack spammer sites, can we all start doing it?

auto184605_at_hushmail.com
Date: 12/02/04

  • Next message: xtrecate: "RE: [Full-Disclosure] Network Sniffing"
    To: krispykringle@gmail.com, valdis.kletnieks@vt.edu
    Date: Thu,  2 Dec 2004 13:00:13 -0800
    
    

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Not to mention this discusses US LAW, not EU.

    j

    On Thu, 02 Dec 2004 09:19:02 -0800 Valdis.Kletnieks@vt.edu wrote:
    >On Wed, 01 Dec 2004 22:22:30 EST, KrispyKringle said:
    >
    >> The Computer Fraud and Abuse Act
    >> (http://www.usdoj.gov/criminal/cybercrime/1030_new.html) forbids

    >one to,
    >> among other things, ``knowingly cause the transmission of a
    >program,
    >> information, code, or command, and as a result of such conduct,
    >> intentionally cause damage without authorization, to a protected
    >> computer,'' which pretty much covers viruses and other malware.
    >This
    >> would appear to apply to the Lycos software as well, given that
    >it
    >> ``causes damage without authorization to a protected computer.''

    >So that
    >> is the key point, one that has not, to my knowledge, been tested

    >in court.
    >
    >The point that Lycos is probably betting on is the "causes
    >damage". If their
    >rate-limiting works, they're *NOT* actually causing a DDoS - if
    >the site is
    >still responding, claiming "damage to the computer" is quite the
    >reach.
    >
    >Damage to the bandwidth bill from your provider - that's something

    >else. Not
    >sure that's a criminal offense, but I'd not be at all surprised if

    >the ISP
    >left holding the bag for the unpail bill (what - you think the
    >spammer will
    >actually pay for the bandwidth? ;) might go after Lycos on the
    >"your actions
    >cost me money" theory of civil tort.
    -----BEGIN PGP SIGNATURE-----
    Note: This signature can be verified at https://www.hushtools.com/verify
    Version: Hush 2.4

    wkYEARECAAYFAkGvglkACgkQEW4lHHBvoLePFwCfcjOkZVhrzlYSLSktNZYLA5XYOdEA
    n3S6DQKTnh7BysTEyI1qqhHzDDQI
    =3iAT
    -----END PGP SIGNATURE-----

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html


  • Next message: xtrecate: "RE: [Full-Disclosure] Network Sniffing"

    Relevant Pages

    • Re: [Full-Disclosure] If Lycos can attack spammer sites, can we all start doing it?
      ... > intentionally cause damage without authorization, ... The point that Lycos is probably betting on is the "causes damage". ... Damage to the bandwidth bill from your provider - that's something else. ...
      (Full-Disclosure)
    • Utah computer law
      ... A person who without authorization gains or attempts to gain ... program, computer data or software, and thereby causes damage to another, or ... obtains money, property, information, or a benefit for any person without ...
      (alt.internet.wireless)
    • Re: Pentester convicted..
      ... Let me list some actual damage. ... it it criminal to break into a system without authorization) didn't ... It costs lots of money to pay employees (and likely expert consultants ... You have an option to go with a managed service or an enterprise software. ...
      (Pen-Test)