Bugtraq mailing list archives
RE: hacker copyrights was [RE: telnetd exploit code]
From: "Eric D. Williams" <eric () infobro com>
Date: Wed, 25 Jul 2001 23:40:49 -0400
On Wednesday, July 25, 2001 9:08 PM, Greg A. Woods [SMTP:woods () weird com] wrote:
[ On Wednesday, July 25, 2001 at 20:27:51 (-0400), Eric D. Williams wrote: ]Subject: RE: hacker copyrights was [RE: telnetd exploit code] With all do respect it is clear the case especially the Godwin ref. are not directly material to the issue / topic here but rather the application of the principles herein as you discussed.Well I see the Godwin article as primarily discussing whether or not crackers can get in trouble by publishing some document that they find through their (illegal) efforts, and as such only marginally applicable to the quite opposite question posed here.
I agree.
I am not clear on what your allusion to self-propagating worm is here, I believe this thread started where a question was asked whether a cracker would be protected from scrutiny by copyright.The question that opened this thread, IIRC, was asking whether or not someone publishing an analysis of a worm or virus would be violating the copyright of worm/virus author. The original question also asked if the worm/virus code could be shared.
I concur, and an additional question was posed as a hypothetical: On Tuesday, July 24, 2001 5:22 PM, Aaron Silver [SMTP:asilver () epoch net] wrote: "...I have a machine that has had some hacker code placed on it. I didn't authorize it to be placed on there... Am I to be denied investigating this code (and sharing it with others to help me investigate) because someone placed a copyright notice on the code." I broadened the hypothetical by inferring that the 'hacker code' was placed or 'created' on said machine and it was discovered subsequent to the intrusion with a copyright notice in source as in the message from this list. The anti-scrutiny argument was bolstered by the argument of one poster saying: On Tuesday, July 24, 2001 11:38 AM, Sebastian [SMTP:scut () nb in-berlin de] wrote: "...letting a confidential source code with full copyright and confidentiality header intact through a public mailing list. The Bugtraq mailing list was especially noted as example even in the header, which should not be allowed to disclose this." and, from the offending post (parts deleted or changed to protect the innocent): On Tuesday, July 24, 2001 1:59 AM, cami [SMTP:camis () mweb co za] wrote: 8<snip----- * * The contents of these coded instructions, statements and computer * programs may not be disclosed to third parties, copied or duplicated in * any form, in whole or in part, without the prior written permission of * h4x0r Security. This includes especially the Bugtraq mailing list, the * www.h4ck.co.ls website and any public exploit archive. * * (C) COPYRIGHT h4x0r Security, 2001 * All Rights Reserved * ***************************************************************************** I guess I goofed by not explaining fully my re-stating of the question. For the sake of clarity it is: If found on a system as residual data/file or deposited data/file on a system due to an intrusion, would this copyright affect the ability to re-distribute this source code for analysis. I think we concur that it would not limit a sysadmin in any way, in part do to the nature of its reception. Although it *may* technically be construed as infringement, that case probably would not stand the examination of a favorable judge if couched as an exercise of forensic examination.
Under normal circumstances, in at least many modern "Western" legal jurisdictions, copyright is implict and does not have to be registered to be valid. This means that a virus/worm author has implicitly reserved all of their rights under copyright law even if they don't include any kind of copyright licensing notice. So the original question was indeed partly on-track w.r.t. whether or not the worm/virus code could be shared. While strictly speaking it's probably not legal to make more copies of the worm/virus code to share with other analysts, that doesn't mean you can't "show" your copy to them. However as I've argued it would seem that due to the nature of worm/virus self- propagation the author must implictly relinquish his or her right to control redistribution, at least free redistribution, since nobody can prove one way or another how some second analyst might have obtained a copy of the code when all initial distribution is anonymous (and free). -- Greg A. Woods +1 416 218-0098 VE3TCP <gwoods () acm org> <woods () robohack ca> Planix, Inc. <woods () planix com>; Secrets of the Weird <woods () weird com>
Me thinks we have parity... Ciao, Eric Williams, Pres. Information Brokers, Inc. Phone: +1 202.889.4395 http://www.infobro.com/ Fax: +1 202.889.4396 mailto:eric () infobro com For More Info: info () infobro com PGP Public Key http://new.infobro.com/KeyServ/EricDWilliams.asc Finger Print: 1055 8AED 9783 2378 73EF 7B19 0544 A590 FF65 B789
Current thread:
- hacker copyrights was [RE: telnetd exploit code] Eric D. Williams (Jul 25)
- Re: hacker copyrights was [RE: telnetd exploit code] Stan Horwitz (Jul 26)
- Re: hacker copyrights was [RE: telnetd exploit code] Stanley G. Bubrouski (Jul 26)
- Re: hacker copyrights was [RE: telnetd exploit code] Timothy Lawless (Jul 26)
- 10 Big Myths about Copyright (especially as pertains to Internet Publication) Don Papp (Jul 26)
- Re: hacker copyrights was [RE: telnetd exploit code] Greg A. Woods (Jul 26)
- Re: hacker copyrights was [RE: telnetd exploit code] Joe Shaw (Jul 26)
- <Possible follow-ups>
- RE: hacker copyrights was [RE: telnetd exploit code] Eric D. Williams (Jul 26)
- RE: hacker copyrights was [RE: telnetd exploit code] Greg A. Woods (Jul 26)
- RE: hacker copyrights was [RE: telnetd exploit code] Eric D. Williams (Jul 26)
- Re: hacker copyrights was [RE: telnetd exploit code] Joe Shaw (Jul 26)