Tech Support banner

Status
Not open for further replies.
1 - 5 of 5 Posts

·
Registered
Joined
·
1,481 Posts
Discussion Starter #1
Bush Advisor Tells Hackers to Have a go at Hacking Software



By
Wednesday, July 31 @ 20:26:22 PDT


An adviser to President Bush encouraged top computer security professionals and hackers Wednesday to try to break computer programs, offering to support and protect good-faith researchers from the legal wrath of software makers.

RICHARD CLARK, Bush’s computer security adviser, told hackers at the Black Hat conference that most security holes in software are not found by the software makers but by independent users.

“Until we have a better, proven track record with the wireless (networks), we all should shut them off until the technology gets better,” Clarke said.

http://www.msnbc.com/news/788216.asp?0dm=C16LT


and check out
http://www.netstumbler.com/
 

·
Registered
Joined
·
1,481 Posts
Discussion Starter #2
HP hasnt read the above post

HP threatens to enforce DMCA

This week, Hewlett-Packard threatened to take legal action against a group of security researchers who found and reported a very serious security hole in Tru64, HP's 64-bit version of UNIX.

The hole is a doozy: a buffer overflow vulnerability in the critical "su" command, which allows users to assume "superuser" privileges. According to the researchers, it is quite easy for any user of HP's operating system to gain administrative privileges in a flash. They demonstrated just how easy it was for any user to take control of the system via a tiny snippet of code less than one typewritten page in length.

Alas, instead of responding with thanks and rushing to disseminate a patch, HP threatened to sue the researchers for violation of the Digital Millennium Copyright Act, or DMCA. It is unclear whether this highly controversial law, which prohibits defeating copy protection, was actually violated. However, the company's threat to use the law as a club against consumer disclosure -- and to bring criminal charges against researchers for sounding a much needed alarm bell -- provoked much anger in the computer security community. HP, contacted by ExtremeTech regarding its threat, refused to state whether it would pursue a policy of threatening security researchers in the future. "It is company policy policy [sic] not to comment on potential litigation," wrote HP spokesperson Elizabeth Phillips.

This incident is not the only one in which Hewlett-Packard has voiced support for the DMCA -- a law which is claimed by civil libertarians and others to suppress free speech and destroy the public's right to fair use of digital content. (The same law used by the record industry to threaten Princeton University researcher Edward Felten when he was too successful at solving their "Secure Digital Music Initiative" (SDMI) copy-protection challenge.) HP employee Bruce Perens, an advocate of open source software, was recently prohibited by HP from demonstrating the use of a region-free DVD player -- an act which is technically a violation of the DMCA even though millions do it daily. (Several countries outside the US, including Australia, have condemned region locking of DVDs as unlawful restraint of trade and/or a method of price fixing.) While he might simply have given the demonstration on his own time, making it clear that he was not acting as a representative of HP, the company cowed the normally outspoken Perens, who often claims that he works for HP but does not necessarily represent the corporation's viewpoints, into dropping his plans. One lawyer (see last link below) has gone as far as to claim that the organizers of the conference at which Perens spoke could have been subject to criminal penalties if Perens had attempted to exercise his right to free speech by giving the demonstration.

FOR FURTHER READING
http://www.extremetech.com/article2/0,3973,429551,00.asp

HP's threatening letter (Politechbot)
HP uses DMCA club to thwap computer security researchers (Politechbot)
An explanation of the bug (Securityfocus)
A demonstration of the vulnerability (SnoSoft)
HP invokes DMCA to quash Tru64 bug report (The Register)
Music industry threats stifle research presentation (USA Today)
Flak Over Hack Hushes Talk (Wired)
 

·
STILL Stuck in a treestand....
Joined
·
929 Posts
Bush Advisor Tells Hackers to Have a go at Hacking Software

I'll bet anyone from this board that there's more than likely some 13 year old out there that has beet them to the punch line on this one.
Bush better watch out that 13 year old might know more than his advisors.:D
 

·
Premium Member
Joined
·
598 Posts
Okay. let me get this straight. A group of researchers finds a major security problem in Tru64. HP does not send their thanks but their lawyer. Good job HP. :rolleyes: I would serve HP right if they were "hacked"
 

·
Registered
Joined
·
1,691 Posts
Bush better watch out that 13 year old
I agree partially with that, while it is usually the young ones causing all the destruction and getting the headlines you have note where they got the program they used to do their damage...chances are they didn't write it themselves or do any real work, they just downloaded the program from a legitimate hacker site and went to work with it.

"Script Kiddies" I cannot stand them:upset: they only know how to download someones else's work and research and use that hard work to cause destruction at another location.

A person with the initials K.M. got busted a long while back, he was nothing but a glorified script kiddie, didn't even know the "basic" programing language but still got the news media coverage because of all the destruction he caused. :knob:

The difference between hackers and script kiddies is knowledge and respect for the system. Hackers have both script kiddies have neither.
 
1 - 5 of 5 Posts
Status
Not open for further replies.
Top