Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: If Lycos can attack spammer sites, can we all start doing it?
From: <auto184605 () hushmail com>
Date: Thu, 2 Dec 2004 13:00:13 -0800

Hash: SHA1

Not to mention this discusses US LAW, not EU.


On Thu, 02 Dec 2004 09:19:02 -0800 Valdis.Kletnieks () vt edu wrote:
On Wed, 01 Dec 2004 22:22:30 EST, KrispyKringle said:

The Computer Fraud and Abuse Act
(http://www.usdoj.gov/criminal/cybercrime/1030_new.html) forbids

one to,
among other things, ``knowingly cause the transmission of a
information, code, or command, and as a result of such conduct,
intentionally cause damage without authorization, to a protected
computer,'' which pretty much covers viruses and other malware.
would appear to apply to the Lycos software as well, given that
``causes damage without authorization to a protected computer.''

So that
is the key point, one that has not, to my knowledge, been tested

in court.

The point that Lycos is probably betting on is the "causes
damage".  If their
rate-limiting works, they're *NOT* actually causing a DDoS - if
the site is
still responding, claiming "damage to the computer" is quite the

Damage to the bandwidth bill from your provider - that's something

else.  Not
sure that's a criminal offense, but I'd not be at all surprised if

the ISP
left holding the bag for the unpail bill (what - you think the
spammer will
actually pay for the bandwidth? ;) might go after Lycos on the
"your actions
cost me money" theory of civil tort.
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 2.4


Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]