Free Republic
Browse · Search
General/Chat
Topics · Post Article

To: N3WBI3
I am all for you when it comes to legally going after people who exploit without permission the systems of others (no matter what their supposed motivation).

I agree, with the exception of our military who may do such things against foreign adversaries, at the time of war or in response to hack attempts made against us.

But doing internal security research and then saying 'hey I found out there is this big error in IE7' should never be illegal. I would not go about it quite that way (I would always give the vendor a heads up but if the problem is not addressed I would feel obligated to let the public know)

Finding the holes shouldn't be illegal, but reporting them publicly without first notifying the vendor, or even worse releasing exploit code prior to the vendor having time to develop a patch, should be.

30 posted on 08/02/2006 7:54:19 AM PDT by Golden Eagle (Buy American. While you still can.)
[ Post Reply | Private Reply | To 27 | View Replies ]


To: Golden Eagle
publicly without first notifying the vendor

I would say this should not be done, but not that it should be illegal to do otherwise. Setting this up sets a precedent where a company can produce an unsafe product and when the defect is found the public is not made aware of the problem *or* how to protect themselves from harm.

Imagine if I found a serious defect in a baby car seat model and could not make it public without the OK of the manufacturer? sure my butt would be covered but that would be little comfort to someone who lost a baby in the time it took me to report it to the company and the company decided whether is was worth it to recall or take the risk of being sued.

Why should a computer system be any different? Computers run hospitals, banks, and medical research facilities. Were not just talking about the risk of losing money when a computer defect causes a problem we could be talking about lives!

32 posted on 08/02/2006 8:23:08 AM PDT by N3WBI3 ("I can kill you with my brain" - River Tam)
[ Post Reply | Private Reply | To 30 | View Replies ]

Free Republic
Browse · Search
General/Chat
Topics · Post Article


FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson