|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Jose Nazario (jose_at_monkey.org)
Date: Fri Sep 13 2002 - 09:12:20 CDT
On Fri, 13 Sep 2002, Lance Spitzner wrote:
> Privacy is where things can get complicated, especially for high
> interaction honeypots that capture emails and conversations in real
> time. I'm not even going to try to document all those issues, I leave
> that to greater minds then I :)
it strikes me as obvious that the privacy of third parties can be broken
via a honeypot (or really any compromised system, but you are most likely
to monitor and examine a compromised honeypot). the basic premise is that
information (passwords, financial information, personal information)
stolen by hackers and discussed or stored on a honeypot can be viewed and
disclosed, breaking that privacy. ok, an obvious no-no.
hoever, i'm interested in hearing from a legal professional (on this list,
i think a lot of us would like to hear this) if attackers have a
reasonable legal expectation of privacy when they compromise a sytsem and
use it for discussions or information distribution. this includes irc
clients or servers, stored information, contact info (ie trading info with
other attackers), or similaar information about the attacker or their
activities. i am guessing no, they dont have such a legal expectation, but
i'm not a lawyer.
thanks, lance, you're right, privacy is an often overlooked issue in
honeypots.
___________________________
jose nazario, ph.d. jose
monkey.org
http://www.monkey.org/~jose/
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]