Re: Give us your tired, your poor, your exploit writers yearning to breath free!

[Cedric Blancher <blancher () cartel-securite fr>]

Le lundi 30 novembre 2009 à 10:22 -0800, Michal Zalewski a écrit :
> but offering them to the highest bidder is bound to strike a chord
> with many audiences, and many societies were eager to ban or restrict
> such trade in the past

He has not been sued for *trading* exploits, but for *publishing* them.
At the time he was initially convicted, hist company was not, afaik,
selling exploits but was publishing them on frsirt.fr.

In particular, it seems that the very publication of an exploit for
MS06-001 before the patch was made available seems to have retained a
lot of attention from the court...

Finally, the final judgment, in its last lines, refers to "writings
directly visible and accessible to all from the website allowing,
computer security flaws exploitation", which does not limit to exploits
at all.


-- 
http://sid.rstack.org/
PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE
> > Hi! I'm your friendly neighbourhood signature virus.
> > Copy me to your signature file and help me spread!
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave