• Some users have recently had their accounts hijacked. It seems that the now defunct EVGA forums might have compromised your password there and seems many are using the same PW here. We would suggest you UPDATE YOUR PASSWORD and TURN ON 2FA for your account here to further secure it. None of the compromised accounts had 2FA turned on.
    Once you have enabled 2FA, your account will be updated soon to show a badge, letting other members know that you use 2FA to protect your account. This should be beneficial for everyone that uses FSFT.

The Department of Justice Revised the Computer Fraud and Abuse Act to Permit Good-Faith Computer Security Research

cageymaru

cageymaru

Fully [H]
2FA
Joined
Apr 10, 2003
Messages
22,827
The Department of Justice has formally acknowledged the role that computer security researchers play in testing the safety of networks, devices, and online services. The DOJ has announced that the Computer Fraud and Abuse Act (CFAA) has been revised to recognize the importance of good-faith computer security research. Courts were confused as to the difference between malicious hacking and computer security research which seeks to discover vulnerabilities and report them for the purpose of better cyber-security. This change in the law does not give carte blanche authority to malicious hackers who would extort companies and then claim they were acting in good-faith. I think this is a great change that clarifies what is acceptable for courts to pursue.

“Computer security research is a key driver of improved cybersecurity,” said Deputy Attorney General Lisa O. Monaco. “The department has never been interested in prosecuting good-faith computer security research as a crime, and today’s announcement promotes cybersecurity by providing clarity for good-faith security researchers who root out vulnerabilities for the common good.”

Accordingly, the policy clarifies that hypothetical CFAA violations that have concerned some courts and commentators are not to be charged. Embellishing an online dating profile contrary to the terms of service of the dating website; creating fictional accounts on hiring, housing, or rental websites; using a pseudonym on a social networking site that prohibits them; checking sports scores at work; paying bills at work; or violating an access restriction contained in a term of service are not themselves sufficient to warrant federal criminal charges. The policy focuses the department’s resources on cases where a defendant is either not authorized at all to access a computer or was authorized to access one part of a computer — such as one email account — and, despite knowing about that restriction, accessed a part of the computer to which his authorized access did not extend, such as other users’ emails.
 
Doesn't affect state-level charges, but still good. Can't help but feel this was in response to that Missouri governor threatening to charge a reporter for exposing a basic website flaw — sorry, sir, but you can't level hacking charges against someone who was actually doing you a favor.
 
Aurelius said:
Doesn't affect state-level charges, but still good. Can't help but feel this was in response to that Missouri governor threatening to charge a reporter for exposing a basic website flaw — sorry, sir, but you can't level hacking charges against someone who was actually doing you a favor.
Click to expand...
Well that, and if it’s the story I’m thinking of, looking at the code that’s from the site isn’t even hacking anyway. The schmuck didn’t even know about “view html”; available in literally all browsers.

Edit: this one: https://arstechnica.com/tech-policy...t-illegal-or-hacking-prof-tells-missouri-gov/
 
Last edited:
Aurelius said:
Precisely. "View Page Source" is not a hacking tool.
Click to expand...
This is where it would be nice to see some representation in our republic that has at least a rudimentary understanding of the legislation they enact or the laws they are responsible to uphold - or people that are not so arrogant as to believe that they know all things without accepting input from those with more knowledge.
 
MrCaffeineX said:
This is where it would be nice to see some representation in our republic that has at least a rudimentary understanding of the legislation they enact or the laws they are responsible to uphold - or people that are not so arrogant as to believe that they know all things without accepting input from those with more knowledge.
Click to expand...
I feel like this is applicable to most situations these days unfortunately.
 
UnknownSouljer said:
Well that, and if it’s the story I’m thinking of, looking at the code that’s from the site isn’t even hacking anyway. The schmuck didn’t even know about “view html”; available in literally all browsers.

Edit: this one: https://arstechnica.com/tech-policy...t-illegal-or-hacking-prof-tells-missouri-gov/
Click to expand...

Apparently Governer Parson is still doubling down on his accusations despite his own departments whom he tasked to investigate finding no hacking occurred. His own advisors apparently told him they wanted to thank rather than investigate these people. The guy is on a power trip.
 
A regulatory agency cannot "revise" legislation. That requires new legislation. A court decision can invalidate or establish a precedent for the application of legislation.

A regulatory agency can only change their interpretaion of legislation. The problem with that is that they can change it again or "selectively enforce" depending on who runs the agency.
 
MrCaffeineX said:
This is where it would be nice to see some representation in our republic that has at least a rudimentary understanding of the legislation they enact or the laws they are responsible to uphold - or people that are not so arrogant as to believe that they know all things without accepting input from those with more knowledge.
Click to expand...
We're in a "post-truth" nation where whatever you believe 'is the truth'. Or more to the point, whatever you can convince others is the truth is just as valid as the truth. Truth is about popularity not definitions or about what in fact happened.
tl;dr: he's just operating like every other politician, and politicians aren't particularly interested in anything that doesn't meet their agenda.

Tsumi said:
Apparently Governer Parson is still doubling down on his accusations despite his own departments whom he tasked to investigate finding no hacking occurred. His own advisors apparently told him they wanted to thank rather than investigate these people. The guy is on a power trip.
Click to expand...
I hope he takes them to court so the judge can laugh in his face for the frivolous lawsuit.
 
Last edited:
UnknownSouljer said:
We're in a "post-truth" nation where whatever you believe 'is the truth'. Or more to the point, whatever you can convince others is the truth is just as valid as the truth. Truth is about popularity not definitions or about what in fact happened.
tl;dr: he's just operating like every other politician, and politicians aren't particularly interested in anything that doesn't meet their agenda.


I hope he takes them to court so the judge can laugh in his face for the frivolous lawsuit.
Click to expand...

I hope the researcher and journalist go through with a defamation lawsuit against him and win.
 
Tsumi said:
I hope the researcher and journalist go through with a defamation lawsuit against him and win.
Click to expand...
Are they going against him personally? Or the position he holds? if it's the later it's just a matter of funneling tax payer money from regular citizens to him and his lawyer(s), if it's the former... well they'll probably also try to get the tax payers to pay for it in some way.

Either way if politicians would just admit they were wrong every now and then we wouldn't be into issues like this.
 
You must log in or register to reply here.
Back
Top