funsec mailing list archives
Spot a Software Bug, Go to Jail?
From: "Fergie" <fergdawg () netzero net>
Date: Wed, 10 May 2006 15:20:46 GMT
This has got to be one of the most asinine things I've ever heard of. Via Wired News. [snip] A new federal prosecution again raises the issue of whether computer security experts must fear prison time for investigating and reporting vulnerabilities. On April 28, 2006, Eric McCarty was arraigned in U.S. District Court in Los Angeles. McCarty is a professional computer security consultant who noticed that there was a problem with the way the University of Southern California had constructed its web page for online applications. A database programming error allowed outsiders to obtain applicants' personal information, including Social Security numbers. For proof, the man copied seven applicants' personal records and anonymously sent them to a reporter for SecurityFocus. The journalist notified the school, the school fixed the problem, and the reporter wrote an article about it. The incident might have ended there, but didn't. [snip] More here: http://www.wired.com/news/columns/circuitcourt/0,70857-0.html - ferg -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg () netzero net or fergdawg () sbcglobal net ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Spot a Software Bug, Go to Jail? Fergie (May 10)
- Re: Spot a Software Bug, Go to Jail? Valdis . Kletnieks (May 10)
- Re: Spot a Software Bug, Go to Jail? Dude VanWinkle (May 10)
- <Possible follow-ups>
- RE: Spot a Software Bug, Go to Jail? Alex Eckelberry (May 10)
- Re: Spot a Software Bug, Go to Jail? Valdis . Kletnieks (May 10)