RE: Reverse Engineering: Legal or illegal?

["Ziemniak, Terrence M." <tziemn2 () searshc com>]

Shyaam,

I am certainly not a lawyer, but I think the only issues in RE would be
copyright protection.  I can't imagine a virus author fighting you on
that.

PS - When you have a legal license to use software there is law on the
books about when RE is allowed.  This link (section F) is the relevant
law: http://www.copyright.gov/title17/92chap12.html#1201

 
Terry Ziemniak, CISSP
Information Security Operations, Team Lead
Sears Holdings Corporation
v. 847-286-4679
e. TZiemn2 at Searshc.com
-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Alice Bryson <abryson () bytefocus com>
Sent: Tuesday, October 31, 2006 8:56 AM
To: shyaam () gmail com
Cc: security-basics () securityfocus com
Subject: Re: Reverse Engineering: Legal or illegal?

I'm a virus analysis of a security company, as far as i know, RE is
common in security company, otherwise how we analysis virus and get
signature? ask the virus writters for source code? just kidding~

--
mailto:abryson () bytefocus com

28 Oct 2006 00:03:15 -0000, shyaam () gmail com <shyaam () gmail com>:
> I wanted to start a website that LINKS to all RE websites around the
world. This website wowuld be hosted within US but will just LINK to all
other RE Websites.
> Second question is, would it be fine if this website stores just
tutorials related to RE and not the original softwares that help on RE.
> RE has been common for a very long time within US for the AV/IDS and
IPS companies for deriving the signatures from the exploits(according to
my knowledge, which is limited). So I wanted to gather some knowledge
from the Security Focus groups if I am right and the legal points of
such things.
> PS: I am sorry if I emailed the wrong group.
> I hope that this email doesnt start an irrational argument in this
group, please do give your rude comments if any to my personal email, so
that the sanity of groups is protected.
> Kind Regards,
> Shyaam
------------------------------------------------------------------------
---
> This list is sponsored by: Norwich University
>
> EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
> The NSA has designated Norwich University a center of Academic
Excellence
> in Information Security. Our program offers unparalleled Infosec
management
> education and the case study affords you unmatched consulting
experience.
> Using interactive e-Learning technology, you can earn this esteemed
degree,
> without disrupting your career or home life.
>
> http://www.msia.norwich.edu/secfocus
------------------------------------------------------------------------
---
>


-- 
Have a Good Day

------------------------------------------------------------------------
---
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic
Excellence 
in Information Security. Our program offers unparalleled Infosec
management 
education and the case study affords you unmatched consulting
experience. 
Using interactive e-Learning technology, you can earn this esteemed
degree, 
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
------------------------------------------------------------------------
---


---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence
in Information Security. Our program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Using interactive e-Learning technology, you can earn this esteemed degree,
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------