|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
RE: Short note on new Laws
ICMan (shane
tor.securecomputing.com)
Fri, 3 Jul 1998 19:22:39 -0400
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
- Next message: Ivan Arce: "UPDATE: SSH insertion attack"
- Previous message: ICMan: "RE: Proxy 2.0 secure?"
Looking over the bill, it does appear at first glance that security tools
and such would be suspect. However, I thought I saw a clause about the
limitation of liability if the manufacture, use, blah, blah of such
technology was required for livelihood. Also, the manufacture of such
products, if used personally, and only for the purposes of working
contracts where the data owner (Copyright Holder) has requested the service
and is willing to pay for said service should provide a legal loophole big
enough to drive a truck through. If you make the tool yourself, and only
use it on people who request the service, then the tool is not for
circumventing copy protection. There is no copy protection on information
you have been asked to copy.
Also, only cryptanalysis tools seem to fit the category. A hacking tool is
for liberating information that is on public sites. Although the
information there is protected, it is not COPY protected per se. A
different set of rules should apply with scanning tools. (Although a good
prosecutor may be able to make this rule stick. You'd need a good defense
attourny.)
The biggest problem of this bill is that it does not take into account
tools created for the express purpose of TESTING copy protection
technology. Are they restricted? They amount to the same thing. Perhaps
this is the loophole. "Er... your Honour, the tool in question was NOT
made for the purpose of circumventing copy protection technology, it was
made to test the effectiveness of such technology. Yeah, and I would like
to call my first witness... my wife. Morgan Fairchild. Yeah."
The legal system may eventually figure out how to make all this stuff work,
but there will be many Kevin Mitnick's before the dust settles.
ICMan
-----Original Message-----
From: Rick Smith [SMTP:rick_smithsecurecomputing.com]
Sent: Monday, 29 June, 1998 1:55 PM
To: Stout, Bill; Firewall-wizards
Subject: Re: Short note on new Laws
At 08:11 PM 6/26/98 -0400, Stout, Bill wrote:
>You legal types on this security list tell me if this is true:
>
>---Digital Millennium Act of 1998 ---
>(Passed Senate, in House for review) see http://thomas.loc.gov/, search
>for 'Digital Millennium Act'.
>
>Makes many security tools, services or discussions (even this list)
>illegal ...
So this would make "Internet Cryptography" an illegal book, I suppose.
Personally I doubt they could make it stick in court. However, this might
force the issue of whether or not software is protected speech or something
else. This has interesting implications on export controls.
I'd be interested to know how this relates to the legal notion of "burglary
tools," which are things you buy at the hardware store, and apparently are
only illegal when used under suspicious circumstances (whatever that
means).
>Makes firewalls (or firewall at ISPs) illegal ...
It sounds like the law is trying to turn ISPs into arms-length carriers of
bits. I wonder if this would make it illegal to an ISP to selectively offer
newsgroups, or if it obligates them to carry all of USENET or none of it.
Law is such a ham-handed way of doing these things.
Rick.
smithsecurecomputing.com
- Next message: Ivan Arce: "UPDATE: SSH insertion attack"
- Previous message: ICMan: "RE: Proxy 2.0 secure?"
This archive was generated by hypermail 2.0b3 on Sat Jul 17 1999 - 07:11:31 CDT