[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Full-Disclosure] InfoSec sleuths beware, Microsoft's attorneys may be knocking at your door
- To: full-disclosure@lists.netsys.com
- Subject: [Full-Disclosure] InfoSec sleuths beware, Microsoft's attorneys may be knocking at your door
- From: "Bernie, CTA" <cta@hcsin.net>
- Date: Wed, 18 Feb 2004 15:00:09 -0500
I see that in a recent article published by eWeek claim legal
experts say individuals examining the leaked Windows code could
face charges of trade-secret violations and infringement of
software patents.
http://www.eweek.com/print_article/0,3048,a=119396,00.asp
Could Microsoft's attorneys go after sleuths who are, have been
disclosing vulnerabilities in Microsoft's software and allege
that the individual had discovered the vulnerability because
they downloaded the code and examined it? Good tactic to impede
pen testing, security research, or disclosure of security
threats, which in the past have cast a ominous shadow on MS, is
it not?
It may be wise for security sleuths to fully document their
vulnerability / exploit discovery process, when, how, what, why.
I'm sure Microsoft's attorneys will be serving production of
documents request upon a select group. Note that under US
Federal law, limited discovery to perpetuate testimony regarding
any matter can be performed before a lawsuit is actually filed.
--
--
****************************************************
Bernie / cta@hcsin.net
Chief Technology Architect / Chief Security Officer
Euclidean Systems, Inc.
*******************************************************
// "There is no expedient to which a man will not go
// to avoid the pure labor of honest thinking."
// Honest thought, the real business capital.
// Observe> Think> Plan> Think> Do> Think>
*******************************************************
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html