Re: Interesting conviction

From: Mike Messick (mike@digitalsecurus.com)
Date: Fri Oct 07 2005 - 20:28:24 EDT

• Next message: b.hines@comcast.net: "Re: Interesting conviction"
• Previous message: arron: "Top quality Rolex Watches"
• In reply to: jay.tomas@infosecguru.com: "Interesting conviction"
• Next in thread: Rogan Dawes: "Re: Interesting conviction"
• Reply: Rogan Dawes: "Re: Interesting conviction"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

You're quite right! ;-)

Here's mine:

I think the article's editorial comments about causing problems for
security professional and penetration testing are pure crap.

True professionals don't access systems in unauthorized fashion. They
obtain contractual authorization from the owners of those systems first,
and then conduct legal penetration tests.

Most laws are written with intent in mind. That Mr. Cutbert didn't intend
to do anything bad once he got in is really immaterial - that he *intended
to gain entry in an unauthorized fashion* is what constituted the
violation and his subsequent conviction.

Just because you don't steal the TV after you crowbar the front door open
doesn't mean you won't go to prison for unlawful entry. Or not get shot
by the owner (in some states). The fact that you don't have permission to
be there in the first place is what matters (at least under current law).

Disclaimer: I'm also not a lawyer, so my opinions will not be backed up
with any more substance than what's written here. I'm only voicing my
opinion based upon my experience in this field, and upon what my legal
counsel has told me.

Mike Messick
Chief Technology Officer
Digital Securus
http://www.digitalsecurus.com

On Fri, 7 Oct 2005, jay.tomas@infosecguru.com wrote:

> Betcha a lot of folks will have some opinions on this one.
>
> http://news.zdnet.co.uk/internet/0,39020369,39226979,00.htm
>
> Jay
>
>
>

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

• Next message: b.hines@comcast.net: "Re: Interesting conviction"
• Previous message: arron: "Top quality Rolex Watches"
• In reply to: jay.tomas@infosecguru.com: "Interesting conviction"
• Next in thread: Rogan Dawes: "Re: Interesting conviction"
• Reply: Rogan Dawes: "Re: Interesting conviction"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:03 EDT