Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Security Basics: Re: application for an employment

Re: application for an employment

From: Ansgar -59cobalt- Wiechers <bugtraq_at_planetcobalt.net>
Date: Tue, 4 Apr 2006 22:43:01 +0200

On 2006-04-04 Craig Wright wrote:
>> Bullshit. Sorry, but there's no other word for this. You can't have a
>> "contractual agreement" with the public. Who of "the public" do you
>> think agreed to it?
>
> There is a very distinguished case that all (Common Law) Law students
> doing contracts learn. Carbolic Smoke Ball (even Wikipedia has this
> case).
> [Carlill v Carbolic Smoke Ball Company [1893] 1 QB 256 ]
>
> I suggest that you read it. Carbolic Smoke Ball Company (Hereafter
> CSBC) argued as has been done on the list that it is not possible to
> treat nor hold an enforceable contract on the basis. The court held
> that a "unilateral contract" was created between CSBC and anyone who
> satisfied the terms of the offer (as listed in the ad).
>
> This has evolved into the law of unilateral offers (which is a part of
> the law of obligations). There is no requirement for a contract to be
> in writing. In fact most people mix the idea of a contract and deed. A
> Deed is required to be made in writing etc. A contract is an
> enforceable promise made of:
> 1 Offer
> 2 Acceptance of the offer
> 3 Consideration, where consideration does not need to be adequate
> but only of some value (including a benefit etc).

My comment on this was too brief and thus inaccurate. My bad.

Of course one can have unilateral offers and even unilateral contracts.
However, a unilateral contract can NEVER contain any stipulation or
limitations for a second party in any way, so a contract specifying
acceptable use of something can NEVER be unilateral. At least not
according to german law.

It is also true, that a contract can be accepted by action. However, a
precondition for acceptance to be assumed is, that the second party had
at least had the possibility to take notice of the terms of that
contract. For a portscan this is generally not the case, so portscanning
cannot be forbidden by such a contract, though the terms of use for e.g.
a website may be subject to such a contract.

> Where the "Statute of Frauds" is in place in a jurisdiction, there may
> be a requirement for certain types of contract to be formed in writing -
> eg land registration. This does not make contracts in general invalid
> as they are not in writing.

I didn't mean to imply that a contract had to be written to become
valid.

>> The fact that there is no law prohibiting an action does make it
>> legal.
>
> Sorry, but this is wrong. There are numerous cases of illegal acts
> without code or statute. Criminal is a separate matter. Many civil
> actions do not have defined law per se.

That's hard to believe since "illegal" means "against the law". How can
something be against the law if there is no law codifying this? I would
like to see a single case of something that is illegal without a law.

>>> This means that the act is not to be treated as criminal. This does
>>> not make the act unactionable as a civil violation or and
>>> administrative offence. This is that it is still illegal, but only
>>> actionable if there is resultant damage.
>>
>> So you finally agree that the cybercrime convention does not apply to
>> the matter we were discussing. Thank you so much. Why did you bring
>> it into the discussion anyway?
>
> No, I do not agree this nor have I stated this. I have stated the
> entire time that the action (port scanning without authorisation) is
> illegal but unactionable without damage. These are not the same
> things.

Then I entirely fail to understand why you brought the cybercrime
convention into this discussion in the first place.

Regards
Ansgar Wiechers 

-- 
"Der Computer ist da, um zu rechnen, nicht um Ausreden wie 'Kann nicht
durch Null teilen' auf den Bildschirm zu schreiben."
--Marco Haschka in de.org.ccc
---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Tailor your education to your own professional goals with degree 
customizations including Emergency Management, Business Continuity Planning, 
Computer Emergency Response Teams, and Digital Investigations. 
http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
Received on Apr 05 2006
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos