<<< Date Index >>>     <<< Thread Index >>>

Re: Bugfinder Being Indicted As Criminal ("Counterfeiter") in France



In-Reply-To: <81637804AB36A644BBDE3ED9DD4E73FDC94B22@xxxxxxxxxxxxxxxxxxx>

well ! this story is just a beta version of the new french liberticide law wich 
will come into effect very soon (next week).

France became a pseudo-monarchical-democracy, where the laws are made without 
requiring the opinion of the concerned people.

The article 323-3-1 of this "Law" will prohibit publication of any vuln. 
technical details, any proof of concept and any exploit. 

We can see that "searching & finding vulnerabilties" is/and will be a crime !

The legislators forgot that finding vulnerabilties and publishing exploits is 
not the cause of the problem, it's just a consequence of the insecurity.

They want to show reality as they wish it, and not as it exists ...

God bless (in)security and god bless (in)liberty !

Bekrar Chaouki - Security Consultant
http://www.k-otik.com


>Received: (qmail 11436 invoked from network); 31 Mar 2004 22:12:32 -0000
>Received: from outgoing3.securityfocus.com (205.206.231.27)
>  by mail.securityfocus.com with SMTP; 31 Mar 2004 22:12:32 -0000
>Received: from lists2.securityfocus.com (lists2.securityfocus.com 
>[205.206.231.20])
>       by outgoing3.securityfocus.com (Postfix) with QMQP
>       id 69B15A3C45; Wed, 31 Mar 2004 15:03:09 -0700 (MST)
>Mailing-List: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
>Precedence: bulk
>List-Id: <bugtraq.list-id.securityfocus.com>
>List-Post: <mailto:bugtraq@xxxxxxxxxxxxxxxxx>
>List-Help: <mailto:bugtraq-help@xxxxxxxxxxxxxxxxx>
>List-Unsubscribe: <mailto:bugtraq-unsubscribe@xxxxxxxxxxxxxxxxx>
>List-Subscribe: <mailto:bugtraq-subscribe@xxxxxxxxxxxxxxxxx>
>Delivered-To: mailing list bugtraq@xxxxxxxxxxxxxxxxx
>Delivered-To: moderator for bugtraq@xxxxxxxxxxxxxxxxx
>Received: (qmail 28325 invoked from network); 31 Mar 2004 14:06:37 -0000
>X-MimeOLE: Produced By Microsoft Exchange V6.5.6944.0
>Content-class: urn:content-classes:message
>MIME-Version: 1.0
>Content-Type: text/plain;
>       charset="us-ascii"
>Content-Transfer-Encoding: quoted-printable
>Subject: Bugfinder Being Indicted As Criminal ("Counterfeiter") in France
>Date: Wed, 31 Mar 2004 12:20:39 -0800
>Message-ID: <81637804AB36A644BBDE3ED9DD4E73FDC94B22@xxxxxxxxxxxxxxxxxxx>
>X-MS-Has-Attach: 
>X-MS-TNEF-Correlator: 
>Thread-Topic: Bugfinder Being Indicted As Criminal ("Counterfeiter") in France
>Thread-Index: AcQXXaIuxPoBesWyT3SJ6PLz7USnzQ==
>From: "Drew Copley" <dcopley@xxxxxxxx>
>To: <bugtraq@xxxxxxxxxxxxxxxxx>, <full-disclosure@xxxxxxxxxxxxxxxx>
>
>http://www.guillermito2.net/archives/2004_03_25e.html
>
>[thanks to AJ 'Effin' Reznor]
>
>[Disclaimer: I don't know who has seen this already, and I do not
>pretend to know the full facts of the case. -- Drew ]
>
>Excerpt:
>
>It's quite interesting to discover, from the inside, how the french
>justice system works. I'm back from Paris. I've just been indicted and
>charged of distributing programs that violated Intellectual Property
>rights (literally translated, it's "counterfeiting and concealment of
>counterfeiting"). Maximum punishment for these charges are two years in
>jail and a fine of 150.000 euros. I'm not yet judged guilty or innocent,
>but I already had to pay around two or three thousands dollars for two
>trips to Paris (I live in Boston, MA, USA), plane tickets, and lawyer
>fees. I already talked about my story here (in french).
>
>...
>
> In march 2002, I published on my website a long analysis about this
>software. This webpage showed how the program worked, demonstrated a few
>security flaws, and some tests with real viruses. I showed that, unlike
>the advertizing claimed, this software didn't detect and stopped "100%
>of viruses". So, nothing really extraordinary. The company first reacted
>in a weird way: they denounced me publicly as a "terrorist", probably a
>nice attempt to make me change my mind. Later on, they filed a formal
>complaint against me in a Paris tribunal.=20
>
>...
>
>
>