Breaking new laws by quarantining infected (l)users

J. Oquendo sil at infiltrated.net
Tue Jun 19 17:08:16 UTC 2007


Douglas Otis wrote:

> Complacency permitting, and at times even promoting use of known 
> defective products must end.  The era of combining scripts and active 
> code along with every piece of information conveyed must end.  Unless 
> the Internet industry responds effectively, legislators will likely to 
> react in their own futile way.
>

According to a recent article on Wired:

/* SNIP */
It would make it unlawful for anyone to:

"...engage in unfair or deceptive acts or practices in connection
with specified conduct, including: (1) taking unsolicited control
of the computer; (2) modifying computer settings; (3) collecting
personally identifiable information [incl. using keystroke
loggers]; (4) inducing the owner or authorized user to disclose
personally identifiable information; (5) inducing the unsolicited
installation of computer software; and (6) removing or disabling
a security, anti-spyware, or anti-virus technology."

http://blog.wired.com/27bstroke6/2007/06/house_passes_an.html
http://frwebgate.access.gpo.gov/cgi-bin/getdoc.cgi?dbname=110_cong_bills&docid=f:h964eh.txt.pdf
/* END SNIP */


Which leaves me wondering... Sometimes in order for someone to
actually install something helpful, one might at times have to
disable certain programs then re-enable them. Looking at the
broad term "modifying computer settings" and "disabling a
security..." one has to wonder whether an overzealous office
running politician would use such a broad law for political
purposes.

Politics aside, reality is reality. This law is beyond broad
in fact taken at face value, any ISP seeking to mitigate a
problem on their network may somewhere down the line break a
law. How can one argue they never were "induced the authorized
owner to disclose their information" to someone say mitigating
security when that person threw them on a "cleanroom vlan".

Trollishness aside, laws are almost always taken at face value
black and white until someone falls victim to an insanely dumb
law and fights back. I'd hate to be scapegoated as an individual
and would hate to see the business I'm working for get a bad
rap for some congressperson's lack of understanding and zeal to
gain higher power.

-- 
====================================================
J. Oquendo
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x1383A743
echo infiltrated.net|sed 's/^/[email protected]/g' 

"Wise men talk because they have something to say;
fools, because they have to say something." -- Plato


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5157 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20070619/f8440634/attachment.bin>


More information about the NANOG mailing list