+ Post New Thread
Page 2 of 3 FirstFirst 123 LastLast
Results 16 to 30 of 34
How do you do....it? Thread, Hackers, Crackers and other wise little Slackers... in Technical; Well, the Head of Year responsible for the student is (hopefully) going to give the student in question a good ...
  1. #16

    tmcd35's Avatar
    Join Date
    Jul 2005
    Location
    Norfolk
    Posts
    5,614
    Thank Post
    845
    Thanked 880 Times in 730 Posts
    Blog Entries
    9
    Rep Power
    326
    Well, the Head of Year responsible for the student is (hopefully) going to give the student in question a good scare. I've printed off the relevant sections of the Police and Justice Act 2006 and given them to him. Section 37 of Chapter 47 is the most interesting. It's an offense just to obtain the software with intent of using it on a network without permission let alone actually plug the HD in to the school network and boot it up!

    I've got a meeting with my line manager in the next few minutes were the subject will come up. I'm still toying with the idea of some after school activity for those interested after Christmas.

    Now for a more interesting question, are the developers of Back Track 3 in breach of section 37, chapter 48 of the Police and Justice Act 2006 for making this software available for download?

  2. #17
    somabc's Avatar
    Join Date
    Oct 2007
    Location
    London
    Posts
    2,337
    Thank Post
    83
    Thanked 388 Times in 258 Posts
    Rep Power
    111
    Quote Originally Posted by tmcd35 View Post
    Now for a more interesting question, are the developers of Back Track 3 in breach of section 37, chapter 48 of the Police and Justice Act 2006 for making this software available for download?
    As they are not in the UK I think they won't care if they are.

  3. #18

    localzuk's Avatar
    Join Date
    Dec 2006
    Location
    Minehead
    Posts
    17,616
    Thank Post
    514
    Thanked 2,441 Times in 1,889 Posts
    Blog Entries
    24
    Rep Power
    831
    Quote Originally Posted by tmcd35 View Post
    Now for a more interesting question, are the developers of Back Track 3 in breach of section 37, chapter 48 of the Police and Justice Act 2006 for making this software available for download?
    Back Track is released as a security suite - not a hacking suite. Just because it can be used for bad things, doesn't mean it always will be...

  4. #19

    RabbieBurns's Avatar
    Join Date
    Apr 2008
    Location
    Sydney
    Posts
    5,512
    Thank Post
    1,320
    Thanked 469 Times in 306 Posts
    Blog Entries
    6
    Rep Power
    199
    did some law not just get passed here that using security tools is now illegal? Im sure I read that somewhere, I will have a look for the source.

  5. #20

    RabbieBurns's Avatar
    Join Date
    Apr 2008
    Location
    Sydney
    Posts
    5,512
    Thank Post
    1,320
    Thanked 469 Times in 306 Posts
    Blog Entries
    6
    Rep Power
    199

  6. #21

    localzuk's Avatar
    Join Date
    Dec 2006
    Location
    Minehead
    Posts
    17,616
    Thank Post
    514
    Thanked 2,441 Times in 1,889 Posts
    Blog Entries
    24
    Rep Power
    831
    I think that that law is suitably vague as to allow for people to use the defense of them being legitimate network security tools. For example, Nmap, Ping or even simply Windows XP could be said to fall within the remit of that law, so a judge would be forced to draw a line as to what would actually be the purpose of the law.

    If a court case ended up causing issues, it can always end up referring back to Hansard, where the intent is clearly outlined.

  7. #22

    Join Date
    Mar 2008
    Location
    Surrey
    Posts
    2,168
    Thank Post
    98
    Thanked 319 Times in 261 Posts
    Blog Entries
    4
    Rep Power
    112
    Its all about the intent, otherwise they'd no longer be able to run CEH courses in this country and penetration testing would be illegal itself.

  8. #23

    localzuk's Avatar
    Join Date
    Dec 2006
    Location
    Minehead
    Posts
    17,616
    Thank Post
    514
    Thanked 2,441 Times in 1,889 Posts
    Blog Entries
    24
    Rep Power
    831
    Quote Originally Posted by jamesb View Post
    Its all about the intent, otherwise they'd no longer be able to run CEH courses in this country and penetration testing would be illegal itself.
    'Intent' under the eyes of the law doesn't mean the same as normal usage though... Intent in law means 'knowing, or likely to know that the action could be, or would be, used for' whatever that particular law is referring to (this was told to me by various legal professionals, including a solicitor, barrister and a magistrate).

    So, really, it is one giant grey area - as with much of the law in the UK.

  9. #24

    tmcd35's Avatar
    Join Date
    Jul 2005
    Location
    Norfolk
    Posts
    5,614
    Thank Post
    845
    Thanked 880 Times in 730 Posts
    Blog Entries
    9
    Rep Power
    326
    Back Track is released as a security suite - not a hacking suite. Just because it can be used for bad things, doesn't mean it always will be...
    With a url of 'remote-exploit.org' and a previous release name of 'WHAX'. I can't help get the feeling of being released under the guise of a security suite. Just because it's designed for bad things, doesn't mean it can't be used for good?

    As they are not in the UK I think they won't care if they are.
    My understanding is the penalty was set at two years so offenders could be liable for extradition? Don't know how that could play out though...

    'Intent' under the eyes of the law doesn't mean the same as normal usage though... Intent in law means 'knowing, or likely to know that the action could be, or would be, used for' whatever that particular law is referring to
    And this is why I think it's an interesting question. My reading of the law in question is that they are making this distribution freely available knowing that it could be used to commit acts under previous sections of the Act. Thus they fall fail of the law. If it is supposed to be a security package rather than a hacking tool should they not provide some kind of control as to who can download the software?


    It just struck me when I was researching the law in this area, to pass the correct details to the head for this case, that it's easy for a group of individuals - such as those maintaining this release - to unwittingly commit an offense under that section of the law.

    Could it be argued that by making the software freely available and easily downloadable from the net that authors of such software as 'ping' are now committing an offense?

  10. #25

    localzuk's Avatar
    Join Date
    Dec 2006
    Location
    Minehead
    Posts
    17,616
    Thank Post
    514
    Thanked 2,441 Times in 1,889 Posts
    Blog Entries
    24
    Rep Power
    831
    Quote Originally Posted by tmcd35 View Post
    Could it be argued that by making the software freely available and easily downloadable from the net that authors of such software as 'ping' are now committing an offense?
    But where do you draw the line? Microsoft release Windows knowing it can and will be used for criminal acts. Do they fall foul of the law too?

  11. #26

    tmcd35's Avatar
    Join Date
    Jul 2005
    Location
    Norfolk
    Posts
    5,614
    Thank Post
    845
    Thanked 880 Times in 730 Posts
    Blog Entries
    9
    Rep Power
    326
    This is what makes british law such an interesting area! The fact is, until there are a few test cases to clarify the intent of the law it's open to argument. The great thing with our legal system is that ultimately it comes down to how to opposing lawyers, 12 individuals (possibly) and a judge interprets parliaments intent when the bill was passed.

    Most laws are written in a language that means you and I can argue till the cows come home over opposing interpretations of any given Act.

    But to answer your question...Yes! MicroSoft are guilty! If only because releasing Windows is a criminal act in itself

  12. #27

    plexer's Avatar
    Join Date
    Dec 2005
    Location
    Norfolk
    Posts
    13,328
    Thank Post
    622
    Thanked 1,578 Times in 1,415 Posts
    Rep Power
    413
    I missed the mention of BackTrack3 in the thread earlier but I just downloaded the iso of it yesterday after seeing some video of it and it's awesome.

    If anyone you know runs wep which I hope is not the case get them to change it

    Ben

  13. #28

    Theblacksheep's Avatar
    Join Date
    Feb 2008
    Location
    In a house.
    Posts
    1,931
    Thank Post
    138
    Thanked 290 Times in 210 Posts
    Rep Power
    193
    Quote Originally Posted by plexer View Post
    If anyone you know runs wep which I hope is not the case get them to change it
    Powerfull stuff.

    At the Kent E-Safety conference (waste of time a money) at the Kent police Academy, the police were talking about security and I noticed their wireless was WEP!

  14. #29
    mrcrazy04's Avatar
    Join Date
    Nov 2006
    Location
    Bedfordshire/Cheltenham, UK
    Posts
    258
    Thank Post
    2
    Thanked 11 Times in 11 Posts
    Rep Power
    17
    With regard to alternative methods - Pete Wood from First Base Technologies is a pretty good speaker on Penetration Testing - the stories he can tell! Not sure how much he charges though.
    First Base Technologies
    I'd also look at getting someone from the police in - not sure if you'd find anybody with enough of a technical background to answer some questions or give a good talk on it - and somebody who wasn't too sure on what they were talking about could have a negative effect.
    Forces are supposed to have an e-crime unit though.

  15. #30

    Join Date
    Mar 2008
    Location
    Surrey
    Posts
    2,168
    Thank Post
    98
    Thanked 319 Times in 261 Posts
    Blog Entries
    4
    Rep Power
    112
    Quote Originally Posted by plexer View Post
    I missed the mention of BackTrack3 in the thread earlier but I just downloaded the iso of it yesterday after seeing some video of it and it's awesome.

    If anyone you know runs wep which I hope is not the case get them to change it

    Ben
    If you really want to see it at its best, get one of the original EEE PCs with the seven inch screen, load it onto an SD card and boot. Get it set up however you want, then make the boot partition read-only. Absolutely beautiful to play with.Fifteen second boot, decent speeds, and all in a package that can fit in your coat pocket (mine anyway, you may have smaller coats).

SHARE:
+ Post New Thread
Page 2 of 3 FirstFirst 123 LastLast

Similar Threads

  1. chinese hackers
    By maark in forum Wireless Networks
    Replies: 1
    Last Post: 5th January 2009, 05:05 PM
  2. Sherston World Wise
    By the_one_that_cant in forum Educational Software
    Replies: 0
    Last Post: 2nd December 2008, 11:20 AM
  3. Help me using WISE Please
    By Athlona in forum General Chat
    Replies: 4
    Last Post: 6th March 2008, 02:06 PM
  4. Which version of wise package studio?
    By nicholab in forum Educational Software
    Replies: 2
    Last Post: 28th November 2007, 09:07 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •