Brice Yokem wrote:
> I am shocked that I agree (mostly) with Mr Byrne on this matter.
>
> The same justification could be applied to warrentless wiretaps, etc.
> by contending they did not actually listen to the conversation, just
> submitted it to an AI for analysis.
Legalities exist over whether or not the disk/computer/network was
"public" or "private".  And if there was an AUP/TOS presentation
outlying any monitoring or remediation terms.

Since the disk media would be "stored communications" it would be
covered under ECPA.

If it was "in transit" such as over a network, there are two options: 
the Wiretap statute (18 USC 2510-22) or the Pen/Trap statute (18 USC
3121-27).  The laws concerning acquisition and tracking are much more
lenient with the latter, but such is only to consist of source,
destination, time, and duration.  It sounds like much of the fuss is to
declare the MD5 sum to be a portion of the pen/trap data, rather than
the explicit communications, and that has been overturned.  Interesting.

I don't know the current "exceptions list" for pen/trap data these days,
given that stateful firewalls are [optionally capable of] logging more
and more data (source, destination, duration, bytes transferred, URIs,
completion codes).

And yes, to argue the point from a security perspective, there is an
organization now (not sure if public or still NDA) that keeps an MD5
registry of all known "malware" - viruses, trojans, botnets, rootkits,
etc.  We're not "all that far" from a reputation score of an
attachment.  The debate here then becomes be what sort of reputation
we're scoring, rather than the scoring itself (or at least the reference
database).

Compiling similar libraries isn't new, NIST has been doing it (NSRL) for
years.  http://www.nsrl.nist.gov/

Jeff

* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *