[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Fwd: HBGary Mirrors?
- To: decoder <decoder@xxxxxxxxxxxx>, "full-disclosure@xxxxxxxxxxxxxxxxx" <full-disclosure@xxxxxxxxxxxxxxxxx>
- Subject: Re: [Full-disclosure] Fwd: HBGary Mirrors?
- From: "Thor (Hammer of God)" <thor@xxxxxxxxxxxxxxx>
- Date: Fri, 18 Feb 2011 19:03:58 +0000
It would ultimately come down to "intent." Technically of course, the
encrypted file is not the original file. Never will be. Can't be. They keys
are not either. Used together they can reproduce the copyright data. So
legally, there would certainly be an interesting argument about what is and
what isn't legal. But there would be plenty of cause for an injunction which
would put the kibosh on distribution until that legal decision was made. It
doesn't have to make sense, and it doesn't have to be strictly "legal" but it
is up to a judge. Recall that 9th circuit judge Kermit (I believe) ruled
against emails on an ISPs server being in scope for wiretap laws since, at the
time the ISP was reading them, they were not "in transit." Go figure.
If a judge ruled that you were purposely encrypting data and distributing keys
to get around copyright laws, he could easily rule against you anyway.
t
From: full-disclosure-bounces@xxxxxxxxxxxxxxxxx
[mailto:full-disclosure-bounces@xxxxxxxxxxxxxxxxx] On Behalf Of decoder
Sent: Friday, February 18, 2011 10:56 AM
To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] Fwd: HBGary Mirrors?
I can't answer the question but it would be even more interesting to answer
this if you're using a One-Time-Pad (i.e. two files of equal size on two
different servers, both XORed give you the data). There exists a mathematical
proof that none of the two files leak a single bit of information of the
original data :)
Chris
On 02/18/2011 07:50 PM, Cal Leeming [Simplicity Media Ltd] wrote:
Sorry, when I say eligible, I mean "which server would they be allowed to take
down by law?".
I'm not too hot on the laws of encryption, but I'm sure there is something
which states that hosting encrypted files are not illegal, it's distributing
the key which allows you to gain access to those fails, which is actually
illegal.
*DISCLAIMER: I don't know if the above is true or not, so apologies if I got
this wrong*
On Fri, Feb 18, 2011 at 6:46 PM, ck
<c.kernstock@xxxxxxxxxxxxxx<mailto:c.kernstock@xxxxxxxxxxxxxx>> wrote:
I go with the server hosting the files since the key should be
significant smaller than the files and therefor much easier to mirror.
On Fri, Feb 18, 2011 at 7:37 PM, Cal Leeming [Simplicity Media Ltd]
<cal.leeming@xxxxxxxxxxxxxxxxxxxxxxxx<mailto:cal.leeming@xxxxxxxxxxxxxxxxxxxxxxxx>>
wrote:
> So here's a thought.
> If illegally distributed files (such as this one) were encrypted and hosted
> on one server, and the key hosted on another, which server would
> be eligible for take down?
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/