[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [FD] Legality of Open Source Tools
- To: Andres Riancho <andres.riancho@xxxxxxxxx>
- Subject: Re: [FD] Legality of Open Source Tools
- From: Not EcksKaySeeDee <noteckskayseedee@xxxxxxxxx>
- Date: Fri, 4 Apr 2014 15:05:44 -0400
True, s/ware is different from a gun. I mostly meant it tongue in cheek.
But I can't help but wonder, what with the increase of people learning to
code (mind you, there's a diff between hobby and serious, I accept that),
and the whole Internet of Things, and the fact that most modern hardware
(nuclear reactor, medical, automotive, aeronautical...) relies on code
underneath of some form or fashion, that code has the potential to kill.
On Fri, Apr 4, 2014 at 2:56 PM, Andres Riancho <andres.riancho@xxxxxxxxx>wrote:
> Software is SO different to a gun... you can't really compare them.
> Real people will die in most cases when a gun is misused, only
> electrons are disturbed (in the great majority of cases) if you misuse
> a hacking tool.
>
> On Fri, Apr 4, 2014 at 3:50 PM, Not EcksKaySeeDee
> <noteckskayseedee@xxxxxxxxx> wrote:
> > Re: Use of a disclaimer on these sort of tools (i.e., those that can harm
> > and/or be used for good).
> >
> > Wonder if any gun dealer applied something similar in their shop, or for
> > that matter, in a hardware store under the hammer section.
> >
> >
> > On Fri, Apr 4, 2014 at 2:29 PM, Andres Riancho <andres.riancho@xxxxxxxxx
> >
> > wrote:
> >>
> >> Hi. As w3af's project leader I've not received any legal threats over
> >> the seven years this project has been alive.
> >>
> >> Only a couple of months ago, and just to be sure, I added this
> >> disclaimer which users need to accept to run the tool.
> >>
> >> DISCLAIMER = """Usage of w3af for sending any traffic to a target
> >> without prior mutual consent is illegal. It is the end user's
> >> responsibility to
> >> obey all applicable local, state and federal laws. Developers assume
> >> no liability
> >> and are not responsible for any misuse or damage caused by this
> >> program."""
> >>
> >> On Fri, Apr 4, 2014 at 7:58 AM, Bryan Bickford <bryan@xxxxxxxxxxxxxxx>
> >> wrote:
> >> > Greetings
> >> >
> >> > I am a security researcher who is working on a project in my free
> time,
> >> > without going into details - the project will end with a powerful tool
> >> > being publicly released.
> >> >
> >> > Obviously most cyber security tools have the potential for abuse. What
> >> > sort
> >> > of legal hurdles (if any) do you need to overcome to protect yourself
> >> > when
> >> > releasing software along the lines of metasploit?
> >> >
> >> > _______________________________________________
> >> > Sent through the Full Disclosure mailing list
> >> > http://nmap.org/mailman/listinfo/fulldisclosure
> >> > Web Archives & RSS: http://seclists.org/fulldisclosure/
> >>
> >>
> >>
> >> --
> >> Andrés Riancho
> >> Project Leader at w3af - http://w3af.org/
> >> Web Application Attack and Audit Framework
> >> Twitter: @w3af
> >> GPG: 0x93C344F3
> >>
> >> _______________________________________________
> >> Sent through the Full Disclosure mailing list
> >> http://nmap.org/mailman/listinfo/fulldisclosure
> >> Web Archives & RSS: http://seclists.org/fulldisclosure/
> >
> >
>
>
>
> --
> Andrés Riancho
> Project Leader at w3af - http://w3af.org/
> Web Application Attack and Audit Framework
> Twitter: @w3af
> GPG: 0x93C344F3
>
_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/