hacker != cracker (Re: Swartz, Weev & radical libertarian lexicon)

rysiek rysiek at hackerspace.pl
Wed Jan 8 13:08:12 PST 2014 

Dnia środa, 8 stycznia 2014 17:03:39 Adam Back pisze:
> What you said is correct, that is what needs to happen (society and law
> needs to move out of the dark ages), and the only way for that to happen
> is brave canaries with squeaky clean reps, and sharp lawyers to blaze the
> path.

Indubitably.

> My version was just to say be aware of the risks, that you would take by
> even putting your name to a hack, with any disclosure at all.  If you dont
> want to be a canary.

Sure.

> Possibly would be advisable to use a laywer for some anonmyity insulation to
> even sell a hack to one of the disclosure service pimping sites.  (They
> probably are selling them to the NSA/Orwell 2.0 crew so taking their money
> is probably dirty money.)

Indeed.

> Independent security researcher can be risky.  Get a legal signed doc from
> the people you audit people say (yeah like they're gonna give you one for an
> unsolicited investigation).

Yeah, there's an old Soviet saying: "the more paper, the cleaner the arse."

> Weev was an independent security researcher after all, in a team even.
> Goatse security http://en.wikipedia.org/wiki/Goatse_Security.  They did find
> some interesting and news worthy hacking stuff, even won awards from Tech
> Crunch seemingly.

And that's what gets to me. For fucks' sake, people like Weev or Swartz 
discover holes left by somebody else, why are they the ones getting punished 
for it? If somebody made a faulty tool, they would pay, not the user exposing 
the problem.

Maybe it's time to try to get some vendor liability/warranty going? I shudder 
when thinking about that, as that would pose a huge problem for Free Software, 
I guess, but I think it is worth exploring anyway.

-- 
Pozdr
rysiek
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 316 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.cpunks.org/pipermail/cypherpunks/attachments/20140108/a56914f8/attachment-0002.sig>

More information about the cypherpunks mailing list