[ cc: FD ] On Thursday 27 May 2004 15:18, you wrote: > Maarten - > This letter I wrote is relevant to your point also. It offers a > scenario in which the code is acquired legally. > > To be sure I am not really that concerned with Cisco's code one way > or the other. I AM concerned with police prosecuting folks who they > find with other forbidden content on their PCs and who are unaware > (perhaps willfully so) of the possibility that this content might > be there due to someone's action other than the machine owner (or > perhaps family thereof).
Yes, I know. There was a slashdot article on that topic a few weeks back. > I'd have thought security folks would know very well that content can > be placed on your box due to mistake, due to worms, due to channels > like usenet or p2p...but the discussion here seems to reenforce the > police perception that content only gets somewhere because the owner > did something to put it there. Every time my mail agent opens a spam > picture (they don't give us freedom to choose decent mail agents > here and I've tried to turn off html mail without any luck so far), > I worry this might happen. Yet we have police complaining that these > considerations make it hard to prosecute people. (They apparently > would prefer never to bring up the possibility.) Yeah... difficult subject indeed. My guess is, it will eventually lead to a "better world" as legislative forces and consumers and softwaremakers will wake up what consequences use of dubious (in all possible aspects) software can have on their lives / sales / bottom line. For now, I just worry about my own problems. I take all possible precautions, so I do sleep fine. Note that if you came into possession of something but there is no evidence of a worm uploading that stuff, you'd probably still be screwed. Let's say they find you have all manuscipts of Stephen King in your possession. Would you be successful in argueing that you got that through spyware ? I think not. Meanwhile, your point tends to get a little offtopic, if only for the fact that the OP asked for [a place to find] the code. Whatever happens after that, if he later receives the code 'by miracle' he will still be unable to convince a court he did not actively sollicit it. It's akin to asking around for poison: from then on you better pray your wife doesn't suddenly die. Cause if she does, you'd be prime suspect number One, with sugar on top... Anyway, why are we discussing this off-list ? It's not like its highly sensitive, or uninteresting or something...? > By pointing out that this assumption is false I have been hoping to do > my bit for civil liberties. I'm ambiguous. I certainly do not want somebody falsely convicted, but it would not be pleasant either if every collector of kiddieporn could get away with "Yes your Honor, spyware did this to me. It put 60 GB of junk on my system unbeknownst to me, sorted and renamed it and started Nero to burn CDroms of it. It also sent email in my name and chatted on IRC, it was obviously highly intelligent neural net type stuff. I wasn't aware of any of this until you guys came knocking down my door. Please, your honor..." Oh well. It's not like people do not get away with murder sometimes, or get convicted innocent. And I guess the digital world is no exception... Just a last remark on the Cisco code thingy: Where I live (the Netherlands) there is someting like "a reasonable suspicion of stolen goods". It works something like this. If you buy a laptop off of someone -let's say a spanking brand new Dell or so- for just 100 euros, you _know_ in your heart that it must have been stolen cause it's way too cheap. A Dutch court then WILL convict you for fencing. In other words, you don't have to know for a fact that something is stolen. If something is too good to be true, it is enough evidence for the courts to convict you. That's an eyeopener, huh ? I guess your legal system works differently, but just be aware that not all courts in the world are naive when it comes down to proving stuff. So, in case a dutch resident was found in possession of the Cisco code, they would try to find proof you knew it was stolen (media, online, etc.) If they can prove that you knew, (and prove that you knew you had it) you're fscked. Greetings, Maarten -- Yes of course I'm sure it's the red cable. I guarante[^%!/+)F#0c|'NO CARRIER _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html