BugTraq
n.runs, Sophos, German laws, and customer safety Aug 28 2007 05:00PM Steven M. Christey (coley mitre org) (2 replies) Re: n.runs, Sophos, German laws, and customer safety Aug 28 2007 05:12PM Oliver Karow (oliver karow gmx de) |
It is important to notice this.
The mentioned German law comes after the similar French law called lcLEN
(aka Fontaines's law).
In 2003-2004, a petition was done against this law, with around 15,000
signatories...
http://www.iris.sgdg.org/actions/len/petition.html
for nothing...
"A new anti-security law was voted yesterday in France, this law called
LEN (loi pour la confiance dans l'économie numérique)":
http://www.securityfocus.com/archive/1/359969
And after that we had Guillermito's story
"Hacker Indicted In France For Publishing Exploits":
http://slashdot.org/article.pl?sid=04/03/31/1543248
http://constitutionalcode.blogspot.com/2005/01/guillermito-reverse-engineering.html
Good luck to our neighbours from Deutschland...
I salute you!
/JA
Steven M. Christey wrote:
> The n.runs-SA-2007.027 advisory claims code execution through a UPX
> file. This claim is inconsistent with the vendor's statement that
> it's only a "theoretical" DoS:
>
> http://www.sophos.com/support/knowledgebase/article/28407.html
>
> "A corrupt UPX file causes the virus engine to crash and Sophos
> Anti-Virus to return 'unrecoverable error. leading to scanning being
> terminated. It should not be a security threat although repeated
> files could cause a denial of service."
>
> It is unfortunate that Germany's legal landscape prevents n.runs from
> providing conclusive evidence of their claim. This directly affects
> Sophos customers who want to know whether it's "just a DoS" or not.
> Many in the research community know about n.runs and might believe
> their claim, but the typical customer does not know who they are
> (which is one reason why I think the Pwnies were a good idea). So,
> many customers would be more likely to believe the vendor. If the
> n.runs claim is true, then many customers might be less protected than
> they would if German laws did not have the chilling effect they are
> demonstrating.
>
> It should be noted that in 2000, a veritable Who's Who of computer
> security - including Bruce Schneier, Gene Spafford, Matt Bishop, Elias
> Levy, Alan Paller, and other well-known security professionals -
> published a statement of concern about the Council of Europe draft
> treaty on Crime in Cyberspace, which I believe was the predecessor to
> the legal changes that have been happening in Germany:
>
> http://homes.cerias.purdue.edu/~spaf/coe/TREATY_LETTER.html
>
> Amongst many other things, this letter said:
>
> "Signatory states passing legislation to implement the treaty may
> endanger the security of their computer systems, because computer
> users in those countries will not be able to adequately protect
> their computer systems... legislation that criminalizes security
> software development, distribution, and use is counter to that goal,
> as it would adversely impact security practitioners, researchers,
> and educators."
>
> If I recall correctly, we were assured by representatives that such an
> outcome would not occur.
>
> - Steve