Re: RPAT - Realtime Proxy Abuse Triangulation

[Syzop <syz () dds nl>]

Rob Shein wrote:
> This is fundamentally flawed logic.  To cite a physical-world
> equivalent, [..]

The problem is that (currently) you can't compare these things...
The Internet is a public network where many computers are running public
services... so if you (accidently, or not) share your whole C drive...

-- snip, quote from Gary Flynn --
>>I'd say they're making it as
> > accessible as an anonymous ftp server, Microsoft C$ file 
> > share with no Administrator 
> > password,
> > Kazaa share of entire hard drive, or telnet server with an account of 
> > "root" and no
> > password. I would think it would be hard to prosecute someone 
> > in such a case when the service was made publicly available.

Exactly, this is also completely legal (or at least) in the Netherlands.
Because, you have to do one of these things to commit a crime[1]:
- break some kind of security (even if its weak)
OR..
- by some technical means:
  - using false signals OR..
  - using a false key OR..
  - using a false identity

At 15-11-2002 a dutch higher(?) court decided[2] that the police legally
obtained evidence in such a case:
someone logged in on a share without password on the suspect and found
kidp*rn, he then contacted the police which also logged in anonymously
on the share (again: no password, no security at all).
Because there wasn't any security in place, it was completely legal
to do this.

Cya,

        Bram Matthys (Syzop).

[1] Dutch law... artikel 138a, "computervredebreuk"
[2] http://www.automatiseringsgids.nl/news/default.asp?nwsId=19687 (in 
dutch)


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com