Re: The legal / illegal line?

From: Chris Travers (chris@verkiel.metatrontech.com)
Date: Mon Mar 05 2007 - 13:56:47 EST

• Next message: Dunn, Kevin: "RE: Proof of concept - Segregation of developers"
• Previous message: Craig Wright: "RE: The legal / illegal line?"
• In reply to: Barry Fawthrop: "Re: The legal / illegal line?"
• Next in thread: Security Guy: "Re: The legal / illegal line?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Barry Fawthrop wrote:
> Thanks All
>
> I agree totally, that it is a line that should be kept away from
> But then how do you "prove" to someone that their system isn't as secure
> as they "feel"/assume it is?
>
Tell them what you an do and ask their permission to proceed. Often
people who are overly confident in the security of their systems are
just as interested in proving you wrong. Once they give you permission,
as long as you stay within the scope agreed upon, I would think it would
be hard to call it trespassing. I generally try to get such permission
in written form (at least email).

IANAL though.

Best Wishes,
Chris Travers

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------

• text/x-vcard attachment: chris.vcf

• Next message: Dunn, Kevin: "RE: Proof of concept - Segregation of developers"
• Previous message: Craig Wright: "RE: The legal / illegal line?"
• In reply to: Barry Fawthrop: "Re: The legal / illegal line?"
• Next in thread: Security Guy: "Re: The legal / illegal line?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:38 EDT