mailing list archives
Re: House approves spyware legislation
From: Gregory Gilliss <ggilliss () netpublishing com>
Date: Thu, 7 Oct 2004 12:53:33 -0700
Criminal trespass affects real property. Computers and cyberspace,
contrary to popular belief, do not constitute real property. However
you could be subject to prosecution for trespass to chattels. Chattels,
for the uninitiated, is a fancy legal term (FLT) used to refer to
personal belongings. There is trespass to chattels and there conversion.
The was I understand it, trespass to chattels means I spray paint your
dog - my impact is temporary or reversable. Conversion means I throw
your dog in the microwave and turned it on. The effect is not reversable.
That's why you can't sue your veterinarian for malpractice. Dogs aren't
people. Computers aren't real property. Remember, we're talking law here,
and my only reference is the American legal system.
Liability for trespass to chattels is limited to the damage done, and
liability for conversion is limited to the cost of replacement. Needless
to say, this is ridiculous when it comes to valuations for data - the
cost of replacing your hard drive might be measurable, but the
cost of replacing your data is extremely intangible.
FWIW I do believe that hacking does not constitute criminal trespass.
There are legal concepts like consent implied in fact associated with the
act of attaching a computer to an Internet known to be populated by people
and 'bots intent on compromising your security.
On or about 2004.10.06 17:00:27 +0000, WB (cab75 () comcast net) said:
Interesting thoughts, but the fact remains hacking is illegal.
It is criminal trespass.
Look at it this way, someone breaks into your house defaces it to illustrate
how insecure you are.
Your not going to like it. Same holds true in the digital realm.
I have no problem with breaking into systems in a lab and then reporting on
the vulnerabilities. That is constructive and helps us all.
However, doing it to production systems, can depending on the systems place
lives at risk, more so then the vulnerability they exploit.
It is up to industry to fix the software mess and until we stop buying bad
software or congress overturns the EULA's that exempt the software industry
from liability, they won't.
Spyware, in most cases is about profit
Anyway enjoyed your comments.
Gregory A. Gilliss, CISSP E-mail: greg () gilliss com
Computer Security WWW: http://www.gilliss.com/greg/
PGP Key fingerprint 2F 0B 70 AE 5F 8E 71 7A 2D 86 52 BA B7 83 D9 B4 14 0E 8C A3
Full-Disclosure - We believe in it.
RE: House approves spyware legislation Randal, Phil (Oct 07)
House approves spyware legislation cab75 (Oct 07)
Re: House approves spyware legislation Gregory Gilliss (Oct 07)
Re: House approves spyware legislation Ron DuFresne (Oct 08)
Re: House approves spyware legislation Jason Coombs PivX Solutions (Oct 08)