, 2002-03-28
The Good Samaritan defence, invoked by hackers like Adrian Lamo, can too easily be distorted by those with less altruistic intentions.
Expand all |
Post comment
Beware the Kindness of Strangers: The Case Against Good Samaritan Hackers
2002-03-28
Anonymous (1 replies)
Anonymous (1 replies)
Beware the Kindness of Strangers: The Case Against Good Samaritan Hackers
2002-04-03
Anonymous (1 replies)
Anonymous (1 replies)
Beware the Kindness of Strangers: The Case Against Good Samaritan Hackers
2002-03-28
Anonymous (8 replies)
Anonymous (8 replies)
Beware the Kindness of Strangers: The Case Against Good Samaritan Hackers
2002-03-29
Rick Forno (1 replies)
Rick Forno (1 replies)
so next time i mistype an url...
2002-03-29
Anonymous (3 replies)
Anonymous (3 replies)
Beware the Kindness of Strangers: The Case Against Good Samaritan Hackers
2002-03-29
In Response to the Anonymous Above
In Response to the Anonymous Above
Beware the Kindness of Strangers: The Case Against Good Samaritan Hackers
2002-03-29
Anonymous (1 replies)
Anonymous (1 replies)
Beware the Kindness of Strangers: The Case Against Good Samaritan Hackers
2002-04-01
Steve (2 replies)
Steve (2 replies)
Beware the Kindness of Strangers: The Case Against Good Samaritan Hackers
2002-04-01
William W. Bishop
William W. Bishop
The question is simple, but the answer may be complicated, and becoming more so.
2002-04-01
Anonymous
Anonymous
The first four letters of analogy. . . .
2002-04-01
Ira Wing (2 replies)
Ira Wing (2 replies)
Beware the Kindness of Strangers: The Case Against Good Samaritan Hackers
2002-04-03
Andy Schmitt (kphrakNO@worldofschmittSPAM.ALLOWEDcom) (1 replies)
Andy Schmitt (kphrakNO@worldofschmittSPAM.ALLOWEDcom) (1 replies)
Beware the Kindness of Strangers: The Case Against Good Samaritan Hackers
2002-04-08
Anonymous (1 replies)
Anonymous (1 replies)
Beware the Kindness of Strangers: The Case Against Good Samaritan Hackers
2002-04-10
Anonymous (1 replies)
Anonymous (1 replies)
Beware the Kindness of Strangers: The Case Against Good Samaritan Hackers
2002-04-14
gil@ateliermobile.de
gil@ateliermobile.de
Automated vulnerability scanners may not be used.
Information found on potentially vulnerable systems/networks may never be deleted or modified. Information may be added if it is necessary to demonstrate a vulnerability, but added information should be easily identifiable as bogus.
Unless you are reasonably sure what side effects an action might cause, don't do it.
Potential security problems should be reported as soon as you are convinced they exist.
When contacting system owners/operators, use your real name and a valid method to contact you (e.g. email address).
If asked, answer all questions from the system owner/operators about the vulnerability, how you discovered it, and how to secure it (if known.) However, you do not need to educate the clueless, provide follow-up testing, or reveal any other information about yourself.
If asked, do not reveal the vulnerability to any third party, even after it has been fixed.
Never accept money, goods or services, job offers, french fries, or *anything of value* from affected system owner/operators in return for your actions.
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/columns/70/11498#11498