[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] Re: Cisco's stolen code
- To: Ron DuFresne <dufresne@xxxxxxxxxxxxx>, full-disclosure@xxxxxxxxxxxxxxxx
- Subject: Re: [Full-Disclosure] Re: Cisco's stolen code
- From: Mister Coffee <live4java@xxxxxxxxxxxxxxx>
- Date: Wed, 26 May 2004 14:39:17 -0700
On Wed, May 26, 2004 at 03:46:45PM -0500, Ron DuFresne wrote:
>
> [BIGGER SNIPPAGE]
>
> I'm trying to understand how obtaining and using stolen code, for any
> reason, is different then acquiring stolen property in any other context.
> If you know the property was obtained illegally, that would make you an
> acessory after the fact, would it not?
>
I suppose that's ultimately something for the lawyers to decide. But imagine
it this way - in keeping with the hypothetical situation we're using in the
example: Someone copies an article out of a magazine. They then leave the
photocopies out on a table at the local coffee house that's known for having
magazines and books and such out for people to read.
How have you broken the law if you pick up the copies and read them? You know
they are copies, but you don't know whether they were made with permission,
etc. You're not making copies yourself: just reading the ones you find.
My example used a publically accessible website, rather than a download. The
website and the coffeehouse serve the same purpose in the example.
There are actually two points here that are getting confused. The first is
whether or not it's legal to get/view/etc., the code - and under what
conditions. The second is whether it's ethical to publish an advisory based on
a review of that code.
While I strongly feel that simply viewing the code is not a violation of
copyright, I readily acknowledge that the legality is a complex issue. Several
people have been talking about the definition of copying, who's responsible,
etc. That's not really the point I'm concerned about. My peronal interest is
in whether it's ethical or morally correct to reveal your findings if you do
choose to read the code.
I don't want to delve into the "Legality of copy" issue. My sole purpose, and
the reason I tried to use an example where the acquisition wasn't an issue, was
the ethics of auditing.
Cheers,
L4J
>
> Thanks,
>
> Ron DuFresne
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> "Cutting the space budget really restores my faith in humanity. It
> eliminates dreams, goals, and ideals and lets us get straight to the
> business of hate, debauchery, and self-annihilation." -- Johnny Hart
> ***testing, only testing, and damn good at it too!***
>
> OK, so you're a Ph.D. Just don't touch anything.
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html