Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Intrusion Detection Systems: Re: implications of recent legal trends

Re: implications of recent legal trends

From: <JohnNicholson_at_aol.com>
Date: Tue, 18 Apr 2000 15:54:33 EDT

Archive: http://msgs.securepoint.com/ids
FAQ: http://www.ticm.com/kb/faq/idsfaq.html
IDS: http://www-rnks.informatik.tu-cottbus.de/~sobirey/ids.html
UNSUBSCRIBE: email "unsubscribe ids" to majordomo_at_uow.edu.au
Off the cuff response. I'll give this some thought and if I think I need to
elaborate or correct something, I'll post another reply later.

I'm not sure this is that big an issue as far as the development of security
tools is concerned. As I understand it, Mattel argued that cphack violated
Mattel's copyright by displaying a list of websites that CyberPatrol blocks.
Mattel argued that the list of sites constituted their intellectual property,
and that by republishing it without a license, cphack was violating copyright
law. Copyright law does (and should) protect the assembly of information
into databases (i.e. the Yellow Pages), otherwise there wouldn't be an
incentive for anyone to invest the time and resources necessary to be the
first one to develop a database, since everyone else could just copy yours.
The Mattel claim is a pretty specific argument, and probably only works
because cphack discloses the list of sites.

IMHO, there are a couple of possible reasons why Mattel wants to prevent the
list of sites blocked by CyberPatrol from being public knowledge - first,
Mattel presumably spent a lot of money to research the sites that CP blocks.
If anyone else can copy the list, then Mattel has paid to develop a product
on which other blocking software vendors can use cphack, copy the CP list,
add it to their own and immediately have an advantage over CP. Second,
currently, if you want to know whether CP blocks your site, you have to buy a
copy from Mattel. If cphack makes the list public, then Mattel will sell a
lot fewer copies of CP. Third, various blocking softwares have gotten bad PR
because they block sites that demonstrate that the vendor has a particular
political agenda because of the sites that are blocked. Mattel may want to
prevent such a PR issue.

For hacking tools in general, unless the hacking tool somehow violates the
copyright of the developer of an IDS, firewall, auditing tool, etc., the
vendor who developed such a tool would not be able to make the same kind of
argument. Hacking tools, in general, explore for and exploit known
weaknesses in a software, rather than publicizing specific lists or other
data included in the software.

However, if, for example, someone wrote a virus that somehow got into an
anti-virus package and listed out all of the signatures used by that AV
package and posted that list on a web page, that might qualify as a similar
situation where the AV vendor would need to take legal action to protect one
of the things that supposedly makes that vendor's AV package better than
others.

John Nicholson
Received on Apr 18 2000

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos