Re: [Full-disclosure] Cisco IOS Shellcode Presentation
From: bkfsec (bkfsec_at_sdf.lonestar.org)
Date: 08/02/05
- Previous message: 3APA3A: "[Full-disclosure] Microsoft ActiveSync information leak and spoofing"
- In reply to: Michael Holstein: "Re: [Full-disclosure] Cisco IOS Shellcode Presentation"
- Next in thread: bkfsec: "Re: [Full-disclosure] Cisco IOS Shellcode Presentation"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 02 Aug 2005 10:44:30 -0400 To: Michael Holstein <michael.holstein@csuohio.edu>
Michael Holstein wrote:
>
> You bet! .. as it pertains to anything past their demarc at their
> properties, they're entirely free to log and review every packet that
> comes/goes.
>
> That means they can legally review your IM chats, go back and read
> your email from a month ago, whatever ...
>
> The legal precedent for this is essentially "He who onws the network,
> owns the data" (with respect to an employee/employeer relationship).
> It's a bit different for commercial ISPs.
>
(Disclaimer: I'm not a lawyer....)
Actually, it's even a bit more complicated than that. Technically, you
could copyright every e-mail sent to this list. As long as you state
that it is copyright to your legal name, it is, in fact, copyrighted.
Of course, in the case that you send that e-mail to a public mailing
list that you know is archived, it can clearly be argued that your work
was intended to be distributed with license implied for all. However,
that doesn't remove ownership and limited monopoly.
It's not just that they're commercial ISPs versus private networks...
what also matters is who's writing the material and what function
they're serving when they write that material. If you're working at XYZ
Corp and you send out an e-mail, depending on your business arangement
that e-mail is probably copyrighted to XYZ Corp by default since you're
acting as an agent of XYZ Corp.
What makes it possible for us to examine any data which comes in contact
with our networks is, essentially, fair use. If someone transmits a
copy of MS Windows XP across my network, do I own the packets that make
it up? Of course not... if that were true it would be possible to
circumvent every copyright out there. However, since that data was
transmitted across my network, it's fair use for me to analyze it as it
resides on my property. This is particularly true if transmission was
not instigated by the one doing the monitoring.
Sure, the company may own the databases that any packet captures may be
on... but the content in those packet captures may still carry copyright
requirements with it, depending on what it is and how constructable the
data is. Non-solicited transfer may be considered providing a limited
license...
What happens in the event that mass numbers of copyrighted data
including packets get misrouted? I have no idea. :)
In either case, boiler plate restriction statements on e-mail sent to
mailing lists is silly because it is almost definately unenforcable.
-Barry
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Previous message: 3APA3A: "[Full-disclosure] Microsoft ActiveSync information leak and spoofing"
- In reply to: Michael Holstein: "Re: [Full-disclosure] Cisco IOS Shellcode Presentation"
- Next in thread: bkfsec: "Re: [Full-disclosure] Cisco IOS Shellcode Presentation"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
