Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Legality of Open Source Tools

From: "Brunner, Mark" <Mark.Brunner () brookfield com>
Date: Fri, 4 Apr 2014 19:18:23 +0000
Real people can die if you move the right electrons attached to say life support systems in buildings, water treatment 
plants, hydro electric dams, and power stations.  Real people will be affected if you manipulate electrons associated 
with banking, investing and finance.

Mark



Mark Brunner
Security Architect


Brookfield Corporate Operations
eArchitecture and Enterprise Information Security
1 Adelaide Street East, Suite 1400, Toronto, ON M5C 2V9
T 416.649.8206, F 416.649.8245
Mark.Brunner () brookfield com



View important disclosures and information about our e-mail policies  http://www.brookfield.com/emaildisclaimer.

-----Original Message-----
From: Fulldisclosure [mailto:fulldisclosure-bounces () seclists org] On Behalf Of Andres Riancho
Sent: Friday, April 04, 2014 2:57 PM
To: Not EcksKaySeeDee
Cc: fulldisclosure () seclists org
Subject: Re: [FD] Legality of Open Source Tools

Software is SO different to a gun... you can't really compare them.
Real people will die in most cases when a gun is misused, only electrons are disturbed (in the great majority of cases) 
if you misuse a hacking tool.

On Fri, Apr 4, 2014 at 3:50 PM, Not EcksKaySeeDee <noteckskayseedee () gmail com> wrote:

Re: Use of a disclaimer on these sort of tools (i.e., those that can
harm and/or be used for good).

Wonder if any gun dealer applied something similar in their shop, or
for that matter, in a hardware store under the hammer section.


On Fri, Apr 4, 2014 at 2:29 PM, Andres Riancho
<andres.riancho () gmail com>
wrote:


Hi. As w3af's project leader I've not received any legal threats over
the seven years this project has been alive.

Only a couple of months ago, and just to be sure, I added this
disclaimer which users need to accept to run the tool.

DISCLAIMER = """Usage of w3af for sending any traffic to a target
without prior mutual consent is illegal. It is the end user's
responsibility to  obey all applicable local, state and federal laws.
Developers assume no liability  and are not responsible for any
misuse or damage caused by this program."""

On Fri, Apr 4, 2014 at 7:58 AM, Bryan Bickford
<bryan () unhwildhats com>
wrote:

Greetings

I am a security researcher who is working on a project in my free
time, without going into details - the project will end with a
powerful tool being publicly released.

Obviously most cyber security tools have the potential for abuse.
What sort of legal hurdles (if any) do you need to overcome to
protect yourself when releasing software along the lines of
metasploit?

_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/




--
Andrés Riancho
Project Leader at w3af - http://w3af.org/ Web Application Attack and
Audit Framework
Twitter: @w3af
GPG: 0x93C344F3

_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/







--
Andrés Riancho
Project Leader at w3af - http://w3af.org/ Web Application Attack and Audit Framework
Twitter: @w3af
GPG: 0x93C344F3

_______________________________________________
Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
Previous By Date Next
Previous By Thread Next

Current thread: