Full Disclosure mailing list archives
Re: Publishing exploit code ruled illegal in France?
From: "securitynews" <securitynews () wanadoo fr>
Date: Fri, 11 Mar 2005 16:01:04 +0100
Hi , so , in France , since three years , the laws are very hard , by default , alls security researchers community are criminals !you don't have the right to have or use a security tool , you don't have the right to have a copy of a virus for studing , you don't have the right to publish some technical details about a vulnerability or provide an exploit, until a judge after many years of justice tell you are not a criminal. see the last LEN/LCEN laws.("Le fait d'importer , de detenir,d'offrir ou de mettre a disposition un instrument ou programme informatique" art.323-3-1,...) Currently , this law is not really apply (like many other laws in france) but it's in the laws and maybe one day , policemens can knock at your door in order to arrest you because you are doing your job !
for reverse engineering case , according to me ,you only have the right to reverse sofware for compatibility ,
of course you need to have a valid license for this software.so , for tena case , it's not only because he didn't have a valid license , it's the tree that hide the forest , the main
reason is because he bothered viguard business . Stephane. ps: sorry for my poor english...----- Original Message ----- From: "Burnes, James" <james.burnes () gwl com> To: "jean-philippe Gaulier" <jean-philippe.gaulier () unilim fr>; <full-disclosure () lists grok org uk>
Sent: Thursday, March 10, 2005 5:59 PMSubject: RE: [Full-disclosure] Publishing exploit code ruled illegal in France?
So, in France, which of the following statements are true? 1. You must literally own the software in question before reverse engineering it? A normal user license is not good enough. In other words, only Microsoft may reverse engineer its own software. Pointless, but whatever... 2. You may reverse engineer a copy that you have licensed. 3. You may reverse engineer a copy that a license owner has given you permission to examine. 4. You must have formal permission of a license owner in hand and notarized before you may examine such a piece of software. Any comments from our friends in France? JB -----Original Message----- From: full-disclosure-bounces () lists grok org uk [mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of jean-philippe Gaulier Sent: Thursday, March 10, 2005 1:40 AM To: full-disclosure () lists grok org uk Subject: Re: [Full-disclosure] Publishing exploit code ruled illegal in France? On Wed, 09 Mar 2005 15:40:46 +0100 sec-list () nolog org wrote: Hi,
in France some strange things happen: http://www.zdnet.com.au/news/security/0,2000061744,39183862,00.htm
I disagree with this article. I'm french, I know Guillaume and don't like Viguard, so I think that I could chat about that a little more. Guillaume was convicted not for his publication, but because he used first a "pseudo" illegal copy of tegam viguard, and disassemble not for compatibility The decision of the court is defined as "really friendly" for the researcher community. This point of view is explained by a french lawyer there : http://maitre.eolas.free.fr/journal/index.php?2005/03/08/87-guillermito- condamne-mais-tres-legerement See ya. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://www.secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://www.secunia.com/ -- No virus found in this incoming message. Checked by AVG Anti-Virus. Version: 7.0.308 / Virus Database: 266.7.1 - Release Date: 09/03/2005 -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.308 / Virus Database: 266.7.1 - Release Date: 09/03/2005 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://www.secunia.com/
Current thread:
- Publishing exploit code ruled illegal in France? sec-list (Mar 09)
- Re: Publishing exploit code ruled illegal in France? Gregh (Mar 09)
- Re: Publishing exploit code ruled illegal in France? Vincent Archer (Mar 10)
- Re: Publishing exploit code ruled illegal in France? jean-philippe Gaulier (Mar 10)
- Re: Publishing exploit code ruled illegal in France? Liu Die Yu (Mar 11)
- Re: Publishing exploit code ruled illegal in France? class 101 (Mar 11)
- Re: Publishing exploit code ruled illegal in France? Liu Die Yu (Mar 11)
- Re: Publishing exploit code ruled illegal in France? Georgi Guninski (Mar 10)
- <Possible follow-ups>
- RE: Publishing exploit code ruled illegal in France? Burnes, James (Mar 10)
- Re: Publishing exploit code ruled illegal in France? Vincent Archer (Mar 11)
- Re: Publishing exploit code ruled illegal in France? securitynews (Mar 11)
- RE: Publishing exploit code ruled illegal in France? class 101 (Mar 11)
- Re: Publishing exploit code ruled illegal in France? Gregh (Mar 09)