-----Original Message-----
From: rsh () idirect com [mailto:rsh () idirect com]
Sent: Wednesday, November 26, 2003 8:35 PM
To: focus-ids () securityfocus com
Subject: Re: IDS (ISS) and reverse engineering
So lets take it one step further... A Mafioso uses a program
to encrypt his files and has a totally secret key [or two]
and someone then 'cracks' the software to be able to recover
the files for the purposes of prosecuting the Mafia member.
Is that illegal as it was done to crack the software or that
was legal because it was done from a legal security perspective?
One or the other applies.
Is it based on the law as written, or on the law as it will
be interpreted in the courts. Is it intent or is it fact
that determines whether one is doing it illegally or legally?
Is it what is being cracked and for what purpose or is it
that something is being cracked, whatever the purpose.
Time will tell, but for now a pox on the law... since I am
NOT in the US or in Australia.
Incidently, we can also get into a discussion on what happens
when the copyright laws are different in two nations, as they
often are for the LENGTH of the copyright, and someone in a
nation where the copyright has expired cracks it and supplies
it to someone in the nation where the copyright has NOT
expired yet. That can happen with books, and other items
while it has yet to happen with any software recently written.
RSH
Toronto
[I am not cracking software either, but that's not the point...]
--------------------------
On Wed, 26 Nov 2003 14:02:14 -0800, "Drew Copley"
<dcopley () eeye com> wrote:
It is illegal if performed in order to crack the software,
or as they
say, "to circumvent copyright protection". It is not illegal
if it is
from a security perspective. The law is poorly worded and
will probably
be hammered out in the courts, but this kind of situation
would be very
unlikely to be taken by court as it is pretty explicit for security
research.
(Now, for an independent researcher doing this without pay, maybe a
company that feels its' holes should be hidden from the world might
make the incredibly stupid move of trying to sue the
researcher... As
has happened, and as has been far more stinging to them then if they
had just dealt with the researcher honestly and professionally.)
-----Original Message-----
From: V.O. [mailto:vosipov () tpg com au]
Sent: Wednesday, November 26, 2003 12:54 PM
To: focus-ids () securityfocus com
Subject: Fw: IDS (ISS) and reverse engineering
(re-submitted by the moderator's request - he asked not to
cross-post)
Recently I've got to listen to a marketing pitch by an ISS
guy. He was going along the lines of "our X-force
reverse-engineered Microsoft RPC libraries and created
signatures..." and "we use protocol decoding, so we
reverse-engineered various closed-source protocols in order
to create out decoders".
What struck me - isn't this kind of activity actually illegal
in the US? To which extent it is possible to disassemble
Windows code? And if it is illegal, then aren't their
customers (plus many other IDSes, with the exclusion of
Snort, probably) in danger - what if Microsoft or whoever
else sues ISS for doing this? :)
I'm puzzled.
--------------------------------------------------------------
-------------
--------------------------------------------------------------
-------------
-------------------------------------------------------------
----------
----
-------------------------------------------------------------
--------------
=====================================================
R.S.H. Toronto, ON, Canada
Copyright retained.
My opinions - no one elses...
If this is illegal where you are, do not read it!
--------------------------------------------------------------
-------------
--------------------------------------------------------------
-------------
Intro
