RE: Wireless Security
From: David Gillett (gillettdavid_at_fhda.edu)
Date: 10/21/05
- Previous message: Rod: "NeWT Scan"
- In reply to: Herman Frederick Ebeling, Jr.: "RE: Wireless Security"
- Next in thread: Drumm, Daniel: "RE: Wireless Security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: <hfebelingjr@lycos.com>, "'Austin Murkland'" <amurkland@merydion.com>, <security-basics@securityfocus.com> Date: Fri, 21 Oct 2005 08:47:13 -0700
> > > > The same is true with a wireless connection. If you
> > > > explicitly give someone permission to use the wireless
> > > > connection, and then they use it for nefarious purposes,
> > > > then you could be held liable.
> > >
> > > On this one too, I'd have to think that we'll have to
> > > again, disagree. That's like saying that someone who
> > > has say an account with NetZero and they d/l "tons" of
> > > kiddie porn. Does that make NetZero "guilty" as well???
> > > I don't think so, and I think that their lawyers would
> > > agree with me. Or that'd be like saying just because
> > > the criminals use the roads conduct their illegal
> > > activities that those who built the roads are also
> > > somehow "guilty" because of it.
> >
> > NetZero and similar services have indemnity clauses that
> > you sign/agree to before using the service to protect it
> > from EXACTLY what you mentioned.
>
> Granted, I'm no lawyer either, but I always thought that an
> absence to agree was not to be taken as an agreement.
In US law, "common carriers" (i.e. phone companies) have been
pretty much exempt from responsibility for content. There has
been political wrangling for at least fifteen years about whether
this should extend to ISPs or not. [One of the little-reported
provisions of the 1996 Communications Decency Act (RIP) was that
it said that ISPs were NOT common carriers and could NEVER become
common carriers....] Even if ISPs were granted that status, it
would not necessarily be automatically inherited by everyone who
shares their broadband connection, whether deliberately or
negligently.
That brings up an interesting point. I don't think negligence
is sufficient for *criminal* consequences, but it could be the
basis of civil litigation.... Deliberate action, though, invokes
criminal terms such as "accessory".
So a lot could hinge on trying to prove that, in setting up
your wireless service such that it was wide open to the world,
you were merely incompetent, and not deliberately inviting random
strangers to exploit and abuse it.
David Gillett
- Previous message: Rod: "NeWT Scan"
- In reply to: Herman Frederick Ebeling, Jr.: "RE: Wireless Security"
- Next in thread: Drumm, Daniel: "RE: Wireless Security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
