There's a question begging to be asked here... First of all let me say that I don't know Sebastian or his motivations, so I am not infering anything here, simply that this brought up a point that is now itching my head a lot. If a hacker copyright's his code, and then releases it into the wild, what does that do for his rights under the copyright? To turn it upside down, I have a machine that has had some hacker code placed on it. I didn't authorize it to be placed on there... Am I to be denied investigating this code (and sharing it with others to help me investigate) because someone placed a copyright notice on the code. Normally the rights of the individual to swing his arms ends at the tip of another individual's nose. This issue can get a lot muddier, but I figured I'd start with a simple case. =) Aaron Silver aleph1at_private wrote: > * Sebastian (scutat_private-berlin.de) [010724 09:38]: > > I do not know who let this posting through, but I think something went > > seriously wrong here. > > > > What do the mailing list administrators do here, letting a confidential > > source code with full copyright and confidentiality header intact through a > > public mailing list. The Bugtraq mailing list was especially noted as > > example even in the header, which should not be allowed to disclose this. > > > > Although a lot of Bugtraq readers might not agree with me here, I think > > there is a right under which I can deny the disclosure of this source code. > > Call it privacy, call it copyright, I do not care about its name. > > Sebastian is correct. It was an error to approve the message given he > clearly stated in the comments he did not wish it distributed. For > that I apologize. > > That being said, it been quite obvious that for a while now that this > exploit is being shared in the underground and has been used actively > to break into systems. Better control of exploits one does not wish > to see distributed may be called for. > > > Oh, and another odd thing, there is no X-Approved-By: this time in the > > post, I wonder why. Do you know ? > > The X-Approved-By header was inserted by LISTSERV. We been using ezmlm, > which does not insert the header, for a while now. > > > ciao, > > -scut > > -- > Elias Levy > SecurityFocus.com > http://www.securityfocus.com/ > Si vis pacem, para bellum
This archive was generated by hypermail 2b30 : Tue Jul 24 2001 - 15:00:34 PDT