Updated: 24.11.2002; 13:08:02 Uhr.
disLEXia
lies, laws, legal research, crime and the internet
        

Saturday, August 25, 2001

Follow-up on Oklahoma whistleblower

Sheldon Sperling , the U.S. Attorney in the Brian K. West case, has responded to various e-mail protests on his handling of the case. He claims that West was not arrested and has not been charged. However, an investigation is pending, to determine whether West "intentionally accessed a computer without authorization or exceeded authorized access (to access a computer with authorization and to use such access to obtain or alter information in the computer that the accesser is not entitled so to obtain or alter), (2) whether the employee thereby obtained information from a protected computer (a computer which is used in interstate or foreign commerce or communication), and (3) whether the conduct involved an interstate communication. 18 USC 1030." [The full statement from Sperling is included in a message from Declan McCullagh, which is accessible at http://www.politechbot.com/ .]

I have noted in this space before that when there is no security in place, the alleged culprit cannot have exceeded authority when no authority is implied. As long-time RISKS readers will recall, this issue came up relating to the trial of Robert Tappan Morris: in 1988, the Internet worm never exceeded authority, because no authority was required to use the sendmail debug option, to use the .rhosts mechanism, to execute the finger daemon, or to read an unprotected encrypted password file. I wonder how if prosecutors will ever figure this out!

As long as we attempt to shoot the messenger and hide lame security behind overly broad laws, weak security will prevail, and whistleblowers will be much rarer than glassblowers. (For example, DMCA is among other things an attempt to outlaw whistleblowers.) ["Peter G. Neumann" via risks-digest Volume 21, Issue 62]
0:00 # G!

Air Force officer mails confidential information to all cadets

AP reports that an Air Force Academy officer accidentally sent confidential information about some 40 cadets to all 4400 cadets at the school. The mail in question contained details of past and pending disciplinary issues, including the identity of confidential informants in some cases. The information in question was reportedly protected by federal law, and officials subsequently ordered cadets to delete the letters.

http://www0.mercurycenter.com/breaking/docs/044576.htm [Jim Griffith via risks-digest Volume 21, Issue 62]
0:00 # G!


Maximillian Dornseif, 2002.
 
August 2001
Sun Mon Tue Wed Thu Fri Sat
      1 2 3 4
5 6 7 8 9 10 11
12 13 14 15 16 17 18
19 20 21 22 23 24 25
26 27 28 29 30 31  
Jul   Sep
Search
about this disLEXia thing
presentations
scientific publications
logner Texts
my old homepage
categories in this weblog
Subsections of this WebLog
bloging by me
german language content
hacks
computer investigations
computer incidents
going to court
events and conferences
statistics and the like
privacy
main page

Subscribe to "disLEXia" in Radio UserLand.

Click to see the XML version of this web page.

Click here to send an email to the editor of this weblog.