RE: [Full-disclosure] <Cisco Message> Mike Lynn's controversialCisco Security Presentation

From: Lyal Collins (lyal.collins_at_key2it.com.au)
Date: 07/30/05

  • Next message: Valdis.Kletnieks_at_vt.edu: "Re: [Full-disclosure] Cisco IOS Shellcode Presentation" 
    To: "'J.A. Terranson'" <measl@mfn.org>, "'Jason Coombs'" <jasonc@science.org>
Date: Sat, 30 Jul 2005 12:04:39 +1000

    Ianal, but I think jurisdictions may have issues with receiving and
    using/profiting from stolen 'property', regardless of whether that property
    is an information/intangible asset or a tangible asset.

    In practical terms the information is 'published' as in available to a broad
    range of readers.
    Available != free to use without consequences in all possible circumstances.

    As to the rights and wrongs at the centre of this thread - let the
    discussions proceed!

    Lyal

    -----Original Message-----
    From: full-disclosure-bounces@lists.grok.org.uk
    [mailto:full-disclosure-bounces@lists.grok.org.uk] On Behalf Of J.A.
    Terranson
    Sent: Saturday, 30 July 2005 11:51 AM
    To: Jason Coombs
    Cc: Russell Smoak; full-disclosure@lists.grok.org.uk; nanog@merit.edu;
    fergdawg@netzero.net
    Subject: Re: [Full-disclosure] <Cisco Message> Mike Lynn's
    controversialCisco Security Presentation

    On Fri, 29 Jul 2005, Jason Coombs wrote:

    <cutting to the chase>

    > Now, if RC4 had never been used to create a product and had been kept
    > as a trade secret, and that secret had been published, then it would
    > not have become, automatically, an unencumbered algorithm that could
    > be used by anyone with impunity. There being no way other than theft
    > of trade secret for a third party to come to know the algorithm, had a
    > court order been obtained to halt the spread of the secret the
    > algorithm itself could very well have been kept as protectable
    > intellectual property until such time as the company that enjoyed a
    > commercial advantage through preservation of their RC4 trade secret
    > had concluded the public distribution of a product that somebody else
    > could have reverse engineered.

    The problem here is essentially one of mass distribution. There are now
    *millions* of copies of these "secrets" in general circulation. Nobody can
    assert with a straight face that anything about Lynn's presentation is not
    completely and totally within the public view - and irretrievably so. 

    -- 
Yours,
J.A. Terranson
sysadmin@mfn.org
0xBD4A95BF
"A stock broker is someone who handles your money until its all gone." Diana
Hubbard (of Scientology fame)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
  • Next message: Valdis.Kletnieks_at_vt.edu: "Re: [Full-disclosure] Cisco IOS Shellcode Presentation"