RE: What to do with a vulerability?

From: Oliver Lavery (oliver.lavery@sympatico.ca)
Date: 01/24/03

  • Next message: Blue Boar: "Re: What to do with a vulerability?"
    From: "Oliver Lavery" <oliver.lavery@sympatico.ca>
    To: <jasonc@science.org>, "'Blue Boar'" <BlueBoar@thievco.com>
    Date: Thu, 23 Jan 2003 19:47:46 -0500
    
    

    >We all know code and knowledge we release will be used to do harm if it is
    possible for it to do
    >so. If I were the prosecutor, I'd bring charges against anyone who releases
    any code, and some who
    >release knowledge, on the basis that there was specific foreknowledge as to
    harmful uses. The
    >Patriot Act, DMCA, and Computer Fraud and Abuse Act would give me legal
    grounds to do so, and as
    >prosecutor it's my job to exploit the law not interpret or judge it.

            I do think you have to be careful when tossing about phrases like
    'foreknowledge of harmful use'. If your correct in assuming that the DMCA
    and PATRIOT take this into consideration, they must have a very specific
    definition of 'harmful use'. A compiler has many potential 'harmful uses'
    including and not limited to producing the binary form of pretty much all
    the malware out there (meaning compiler in a broad sense, including
    assemblers and interpreters). Yet Borland and Microsoft are hardly shaking
    in their booties. More philosophically, hammers have a multitude of harmful
    uses yet we don't generally prosecute their manufacturers.

            Blue Boar's suggestion is akin to both of these examples; it's
    creating a piece of code which can be used for malevolent purposes (making
    nasty viruses, rootkits and the like), but explicitly can be used for
    benevolent purposes (protectingg people from said viruses and rootkits).

            Of course, this is more an objection to the laws. I don't get the
    impression Jason agrees with them either.

            Incidentally, yeah, I do assume that code which demonstrates how to
    hide stuff your computer is doing/storing will not have very many positive
    applications.

    Cheers,
    ~ol

    -----Original Message-----
    From: Blue Boar [mailto:BlueBoar@thievco.com]
    Sent: Thursday, January 23, 2003 12:58 PM
    To: jasonc@science.org
    Cc: The Blueberry; oliver.lavery@sympatico.ca; vuln-dev@securityfocus.com
    Subject: Re: What to do with a vulerability?

    Jason Coombs wrote:
    > Viral vs. non-viral is an unimportant distinction -- if you choose to
    engage
    > in this business, be sure you can document your good intentions and
    > your legal forensic procedures because they are your only legal
    > defense against prosecution.
    >
    > Persecution, on the other hand, is a given.

    Oh, I dunno. I think it would be a lot harder to make a case for innocent
    intentions if the code were written in viral/worm form. In this instance,
    what *appears* to be under discussion is a technique for process hiding.
    That's not even an exploit per se. On the whole spectrum of programs that
    someone might take offense to, that's not too bad. I think that the
    question of viruses and worms came up only because the person who made the
    discovery assumes that malicious code would be the main consumer of such a
    technique.

    I wish I could simply roll my eyes at your statement that releasing an
    exploit or technique might make one an accessory to a crime, but sadly I
    fear your concern now has a basis, and I can't dismiss it outright anymore.

                                                    BB



    Relevant Pages

    • Re: HELP
      ... > free download, and is it harmful to the computer ... run your pre-installed anti-virus scanner. ... You have several viruses that need to be cleaned up. ...
      (microsoft.public.windows.inetexplorer.ie6.browser)
    • security message in office
      ... "Some files can contain viruses or otherwise be harmful to your computer. ... How can i cancle this message? ... Prev by Date: ...
      (microsoft.public.access.security)
    • Access form buttons with hyperlinks
      ... Some files can contain viruses or otherwise be harmful to ... is from a trustworthy source. ... Thanks Scott ...
      (microsoft.public.windowsxp.general)
    • Re: Excel 2003: Turning off virus message
      ... Dave Hawley wrote: ... "Some files can contain viruses or otherwise be harmful to your ... Dick ...
      (microsoft.public.excel)