RE: CRIME EarthLink Password Security Story

From: Tom Tintera (Tom_Tintera@private)
Date: Fri Jun 21 2002 - 14:32:11 PDT

  • Next message: SCRIMSHER,JOHN (HP-Corvallis,ex1): "RE: CRIME EarthLink Password Security Story"

    Knowingly refers to the intent to access or attempt to access a computer.
    
    > ----------
    > From: 	T. Kenji Sugahara[SMTP:sugahara@private]
    > Sent: 	Friday, June 21, 2002 1:58 PM
    > To: 	Tom Tintera
    > Cc: 	Seth Arnold; Lyle Leavitt; 'Phil Hochstetler'; CRIME
    > Subject: 	Re: CRIME EarthLink Password Security Story
    > 
    > Tom,
    > 
    > Does the intent element deal with the actual intent to access or does it 
    > deal with knowingly committing an act which results in access?  e.g. 
    > where you would still be found liable if you didn't intend to commit the 
    > culpable act but intended the action which resulted in act?  This may be 
    > splitting legal hairs, but if a person commits an act where they didn't 
    > mean to access a computer, but intended to use the software which 
    > resulted in access, the person could still be found liable.
    > 
    > 
    > On Friday, June 21, 2002, at 10:37  AM, Tom Tintera wrote:
    > 
    > > Randal did use one of the passwords to copy a larger password file and 
    > > also
    > > installed a back door through Intel's firewall.
    > > However, ORS 164.377 states that:4) Any person who knowingly and without
    > > authorization uses, accesses or attempts to access any computer, 
    > > computer
    > > system, computer network, or any computer software, program, 
    > > documentation
    > > or data contained in such computer, computer system or computer network,
    > > commits computer crime. Class A misdemeanor.
    > >
    > > Caution is advised if there is no authorization.
    > >
    > > Tom Tintera
    > > Senior Deputy District Attorney
    > > Washington County District Attorney
    > > Hillsboro, Oregon
    > > 503 846-3462
    > > tom_tintera@private
    > >
    > >
    > >
    > >> ----------
    > >>
    > >> I don't know how people on this list feel about the Randal Schwartz
    > >> trial, but I think the facts are a bit different than "he didn't even
    > >> try any of them".   He did use them and his intent was to bypass the
    > >> system administrators attempts to enforce their policy.  You can read
    > >> more lots of places.  For example:
    > >>
    > >>
    > http://www.cs.uidaho.edu/~frincke/research/security/articles/schwartz3.t
    > >> xt
    > >>
    > >> BTW, I knew randal in the early 80's when he worked at Sequent.
    > >> --phil
    > >>
    > >>
    > >>
    > >
    > >
    > T. Kenji Sugahara
    > Chief Operating Officer
    > counterclaim
    > Phone:  541-484-9235
    > Fax:  541-484-9193
    > 
    



    This archive was generated by hypermail 2b30 : Fri Jun 21 2002 - 15:14:49 PDT