Language Selection

English French German Italian Portuguese Spanish

Security Research and Computer Crime - Where do we Draw the Line?

Filed under
Legal

This is interesting - the case of Eric McCarty, a security researcher and sysadmin charged by Federal prosecutors last month with "knowingly having transmitted a code or command to intentionally cause damage" to the University of Southern California's applicant website (I noticed the FBI press release uses the word "sequel" instead of SQL. I hope that wording didn't come from the complaint itself...).

Apparently, McCarty exploited a SQL injection flaw to access student data (which included social security numbers and dates of birth) in the database backing USC's website. He then notified SecurityFocus via email, who notified USC of the vulnerability. USC shut their site down for two weeks while it was being fixed (my guess is the "damage" comes from the fact that USC had to take their applicant website offline, since McCarty didn't do anything malicious with the information). Here is the text of the statute he is alleged to have violated (see section (5)(A)(Sleepy).

The case, and others like it, show the ethical conflict involved in some computer crime prosecutions.

Full Story.

More in Tux Machines

Open-source project promises easy-to-use encryption for email, instant messaging and more

Called "Pretty Easy Privacy" (PEP), the project's goal is to integrate the technology with existing communication tools on different desktop and mobile platforms. The development team launched a preview PEP implementation Monday for the Microsoft Outlook email client, but plans to build similar products to encrypt communications in Android, iOS, Firefox OS, Thunderbird, Apple Mail, Jabber, IRC (Internet Relay Chat), WhatsApp, Facebook Messenger, Snapchat and Twitter. Read more

Samsung Open Source Group’s Linux Kernel Updates and More from LinuxCon

This year's LinuxCon & Kernel Summit North America were notable for several reasons, not the least of which included being able to see the scenic views of downtown Chicago through the hotel lobby windows! Below, the Samsung Open Source Group will share our top highlights of the conferences, as well as look forward to what we can expect from LinuxCon Europe next month in Germany. Read more

Open source all the tasks

During the rise of Windows, I was using a desktop composed of a Conectiva Linux (now Mandriva), a window manager called Window Maker, and a Netscape browser. I connected to the Internet using my modem and PPP. Not bad for those who like alternatives. It so happens that at that time the maturity of the software we were using freely and openly was questionable. Furthermore, we didn't have a lot of options when it came to the tools we used to perform our daily tasks. Recently, I was invited to talk at the Firebird Developers Day about Firebird. Firebird is a completely mature open source database management system and is used by companies worldwide. My presentation was about the launch of the FireServer Project, previously covered on Opensource.com: Migration to open source tool inspires new Linux distributiont. It's a Linux distribution based on CentOS and dedicated exclusively to providing a high performance environment to a Firebird database server. It also boasts an ecosystem of value-added services. Read more

Petition Started for 64-bit and Linux Support on Intel Atom Bay Trail Tablets

The Intel Atom Bay Trail tablets have been out for a few months already, but none of the hardware vendors is providing 64-bit firmware builds for them, which means that you can't install any Linux distros. Read more