Okay it is time for me to exit (chicken out!!!). Sorry again, for getting
into this. I wish I could get Anthony to pour in couple Kegs of beer on his
head, no offence please Anthony, I still think you brought up an interesting
topic here. Iâm not certainly in a position to evaluate the whole discussion
âŚ
In most (british derived) laws two things are very interesting â
-
Unless one is proved guilty, (s)he is innocent.
-
Igorance of law, is presummed to be a fault of the ignorant.
Others I dont remember.
No. 1 is very enticing for layman. No 2. is very dangerous for everyone.
Now comes the experts to turn and twist indivdual cases, try to correlate
with privious case, and hundreds of hundreds of clues and others to prove
(1). But that does not preclude to start the mess. HE STARTED THE MESS, HE
MIGHT VERY WELL BE OUT ON THE FREE.
But the mess he is in might be just because of the two aboveâŚ
Iâm exiting as per James Antogniniâs logic.
-prokash
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com]On Behalf Of Bill McKenzie
Sent: Thursday, August 21, 2003 10:26 AM
To: Windows System Software Developers Interest List
Subject: [ntdev] Re: Security vs. obscurity (Was: Re: Regmon(a new puz
zle))
Agreed we donât have all the facts, so itâs hard to say.
I will say this, the guyâs motivation really should have no bearing on the
facts from what I can see, but they obviously did in this court. If they
wanted to charge him with entering Tornadoâs servers without permission or
something like that okay, but charging him for whistle blowing, regardless
of any vendetta or hopes for personal gain, is not a good idea in my
opinion. Had he not told the company of the problem and given them 6 months
to fix it, then I believe it would be an entirely different matter. As it
stands, they should have fixed a known security hole faster than that and
they got what they had coming because they didnât.
But I, unlike some here, am not a lawyer. So, I will defer to those more
qualified.
â
Bill McKenzie
Compuware Corporation
Watch your IRPs/IRBs/URBs/SRBs/NDIS pkts with our free WDMSniffer tool:
http://frontline.compuware.com/nashua/patches/utility.htm
âChuck Batsonâ wrote in message news:xxxxx@ntdevâŚ
>
> > I think throwing this guy in jail for 16 months means that Tornado had
> > better lawyers than he did, because the technical grounds are weak in
> the
> > extreme. I am not clear on how he obtained the customer list, and for
> that
> > he could and probably should have prosecuted, but for letting people
> know
> > of a problem he had given his former employer AMPLE opportunity to
> > fix?? That is a really really bad precedent to set.
>
> You have to admit, in this case his particular choice of method sounds
> rather vendetta-like. I question his means. Although he may have (at
> first) been primarily concerned with the security of customersâ
> accounts, it sound like his motives for doing what he did became more
> personal toward the end. Was there not any better way for him to act in
> the best interest of the at-risk users? In any case, we donât have all
> the facts, so itâs hard to say.
>
> Chuck
>
>
>
>
â
Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
You are currently subscribed to ntdev as: xxxxx@vormetric.com
To unsubscribe send a blank email to xxxxx@lists.osr.com