Language Selection

English French German Italian Portuguese Spanish

Security Research and Computer Crime - Where do we Draw the Line?

Filed under
Legal

This is interesting - the case of Eric McCarty, a security researcher and sysadmin charged by Federal prosecutors last month with "knowingly having transmitted a code or command to intentionally cause damage" to the University of Southern California's applicant website (I noticed the FBI press release uses the word "sequel" instead of SQL. I hope that wording didn't come from the complaint itself...).

Apparently, McCarty exploited a SQL injection flaw to access student data (which included social security numbers and dates of birth) in the database backing USC's website. He then notified SecurityFocus via email, who notified USC of the vulnerability. USC shut their site down for two weeks while it was being fixed (my guess is the "damage" comes from the fact that USC had to take their applicant website offline, since McCarty didn't do anything malicious with the information). Here is the text of the statute he is alleged to have violated (see section (5)(A)(Sleepy).

The case, and others like it, show the ethical conflict involved in some computer crime prosecutions.

Full Story.

More in Tux Machines

Linux 4.8.14

Turns out I'm going to be on a very long flight early tomorrow morning, so I figured it would be good to get this kernel out now, instead of delaying it by an extra day. So, I'm announcing the release of the 4.8.14 kernel. All users of the 4.8 kernel series must upgrade. The updated 4.8.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.8.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-st... Read more Also: Linux 4.4.38 Linux Kernel 4.8.14 Hits the Streets with Numerous Networking Improvements, More

An Everyday Linux User Review Of Zorin 12

This version of Zorin is a great step forward. It has a renewed sense of purpose and stands out in its own right as a decent Linux distribution. I think Zorin should follow Mint's lead and stick with aligning itself to the Ubuntu LTS release. This gives the developers more time to push it along at their own pace. All in all a decent alternative to Linux Mint and Ubuntu. Read more