Intrusion Detection Systems mailing list archives

Re: legality of sacrificial host to prosecute


From: JohnNicholson () aol com (JohnNicholson () aol com)
Date: Wed, 13 Oct 1999 09:59:40 EDT



In a message dated 10/13/1999 8:04:53 AM Eastern Daylight Time, 
FMartins () pt imshealth com writes:

When we say "this is legal or this is not legal" the question is WHERE?
 If you have any practice in tracing attackers, you know that in many 
countries laws are not the same, and sometimes the attacker goes free just 
because in his own country what he did was just not even specified in his 
country's laws.

You're exactly right, here, Fernando. That's why I try to be careful and 
specify that I am talking about US law. However, the logic should apply 
regardless of legal system (granted that assumes that judges and legislators 
behave rationally, which we all know is a HUGE assumption).  And your point 
about things getting a lot more complicated in court is very true.  A defense 
lawyer is going to point out that logs are just easily alterable ASCII files. 
 That's where we get into the discussion of evidence and chain of custody, 
but that's a separate topic.

 
 The best example I can give you without doing any law research is that "
entrapment" is not defined in Portuguese laws about cybercrime.

Entrapment is not defined under US laws regarding cybercrime, either. It's a 
concept of its own and applies as a possible defense to any crime.

[Note: When I said, "As I and at least one other person have said..." I meant 
one other person on this list had posted similar language in this discussion. 
I was not citing to authority, I just wanted to point out that someone else 
was saying the same thing without searching back through my mail file to 
figure out who posted it.]

As far as your example of the bad browser is concerned, you were using a 
browser to see whether or not you could get into that guy's server. You 
didn't make a mistake and just happen to pull a file from the wrong place. 
Granted, you thought you were doing him a favor and being a white hat because 
you didn't do any damage, but you were still intentionally trying to get 
access to his server.  From your description, it sounds like you got into a 
honeypot, instead, which is something of a vindication for the concept of 
honeypots.

John


