[prev in list] [next in list] [prev in thread] [next in thread] 

List:       full-disclosure
Subject:    [FD] Legal Threats and Investigation
From:       Trey Ford <trey () desonnaille ! com>
Date:       2014-07-31 22:54:26
Message-ID: CAKG5KgxJVT-RELrVky1y1oEpig8nJ8-3aoD5MRoMimwoJ6jBTQ () mail ! gmail ! com
[Download RAW message or body]

Hey FD-List,

I'm writing with a slightly unorthodox request. I'm looking for security
researchers that have had a brush with the CFAA (Computer Fraud and Abuse
Act). I'm confident that many of you have faced legal threats at some point
or another in your work and play – and I'd like to hear about it.

More specifically, threats made under CFAA and other hacking related laws
can carry civil or criminal terms. (
http://litigation.findlaw.com/filing-a-lawsuit/civil-cases-vs-criminal-cases-key-differences.html)
In my time at Black Hat I heard more about civil threats than criminal –
and now I'm interested in learning more about people that have faced
prosecution or investigation on the criminal side.

What is obvious to our community is that legal threats of almost any kind
force us to ask the question, "Is this work really worth doing?" I don't
know too many of my industry friends that I think would fare well in the
clink.

It is experiences like this that highlight the lack of understanding around
the work we do as an industry, and the value of security research. It also
brings focus to a lack of consistency and transparency in what people
consider "bona fide" research.  I am confident that learning more about
examples that were considered worth investigating will help us challenge
assumptions and highlight the value of those research efforts.

If you have a story, we want to hear it… and if you would prefer to stay
anonymous, that's completely fine.

Please – respond to me directly via email.

Warmly,
~trey ford

_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic