Language Selection

English French German Italian Portuguese Spanish

Security Research and Computer Crime - Where do we Draw the Line?

Filed under
Legal

This is interesting - the case of Eric McCarty, a security researcher and sysadmin charged by Federal prosecutors last month with "knowingly having transmitted a code or command to intentionally cause damage" to the University of Southern California's applicant website (I noticed the FBI press release uses the word "sequel" instead of SQL. I hope that wording didn't come from the complaint itself...).

Apparently, McCarty exploited a SQL injection flaw to access student data (which included social security numbers and dates of birth) in the database backing USC's website. He then notified SecurityFocus via email, who notified USC of the vulnerability. USC shut their site down for two weeks while it was being fixed (my guess is the "damage" comes from the fact that USC had to take their applicant website offline, since McCarty didn't do anything malicious with the information). Here is the text of the statute he is alleged to have violated (see section (5)(A)(Sleepy).

The case, and others like it, show the ethical conflict involved in some computer crime prosecutions.

Full Story.

More in Tux Machines

Leftovers: Gaming

today's howtos

Leftovers: Software

Intel Beignet Is Working Out Surprisingly Well For OpenCL On Linux

Beignet is the project out of Intel's Open-Source Technology Center for exposing GPGPU/compute capabilities out of Ivy Bridge hardware and newer when using a fully open-source Linux stack. While Beignet differs greatly from Gallium3D's Clover state tracker, this Intel-specific open-source OpenCL implementation is working out quite well for Ubuntu Linux. While I've been writing about Intel's Beignet project since early 2013, it's probably been about a year now since I tried out the code, which is developed by Intel's OTC graphics team in China. This weekend I tried out Beignet v0.9.2 as trying out the newest Intel OpenCL code has been on my TODO list for a while and it's been working out rather well in my initial tests. Read more