
Re: Cybercrime treaty



> I've seen some remote buffer overflow exploits that assume that a
> small program has already been created on the target machine, which
> could conceivably allow admins to test their own systems, and
> researchers to analyze the nature of the vulnerability, without giving
> script kiddies a free shell.  The question is, would this sort of
> "exploit" be prohibited under Articles 6 and 2?

I'm not sure that's practical.  E.g., consider Nessus - a scanner that
contains exploit code which I assume would be outlawed under legislation
enacting the treaty.  Organizations that routinely do large-scale Nessus
scans couldn't add a program to all the target machines
cost-effectively.

It isn't very clear to me whether other scanners such as nmap would be
outlawed.

The CVE board could come up with proposed language for the treaty.  This
is the first version of the treaty, and they are seeking comments.  I
imagine the drafters do not feel themselves technically competent, and
might be quite receptive to technical input from a high-profile
community-wide effort in this area.

Stuart.

--
Stuart Staniford  ---  President  ---  Silicon Defense
                   stuart@silicondefense.com
(707) 445-4355                     (707) 445-4222 (FAX)

Page Last Updated or Reviewed: May 22, 2007