[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [WEB SECURITY] [Off Topic] Judge Orders YouTube to Give All User Histories to Viacom

From: Rafal Los <rafal@xxxxxxxxxxxxxxxx>
Subject: RE: [WEB SECURITY] [Off Topic] Judge Orders YouTube to Give All User Histories to Viacom
Date: Thu, 3 Jul 2008 20:29:21 +0000

--_589fe29c-29d1-4bc1-9972-b79409246c96_
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable


Joe=2C
    Viacom's rediculous requests (source code=2C etc=2C etc=2C etc) should =
have been a good sign to the judge that this was clearly a case of "throw e=
verything against the wall and see what sticks".  I'm not sure that I would=
 really argue the point on the merits of legal law (as I'm clearly not a la=
wyer) but ... the part that troubles me is that Viacom has been granted the=
 request that "Google will have to turn over data about how often each priv=
ate video has been watched and by how many persons" - that's a fishing net =
cast awful wide.  What if they find some very unsavory information on there=
=2C are they then going to feel obligated to contact authorities=2C other c=
ompanies in order to sue or throw people in jail!?  I'm just worried this w=
ill set a precedent that nothing is sacred=2C and you can be tracked and as=
ked to give up your secrets if you "put it on the 'net"... which bugs the h=
ell out of me.

Cheers.


 Rafal (Ralph) M. Los
IT Security - Response | Mitigation | Strategy
E-mail:  rafal-no-spam-at-ishackingyou.com
 - gPGP:    0xFFC63B33
 - Blog:    http://preachsecurity.blogspot.com
 - LinkedIn:http://www.linkedin.com/in/rmlos


> Date: Thu=2C 3 Jul 2008 11:54:55 -0700
> From: joe@cyberlocksmith.com
> To: websecurity@webappsec.org
> Subject: [WEB SECURITY] [Off Topic] Judge Orders YouTube to Give All User=
 Histories to Viacom
>=20
> I recognize that this is likely off-topic for the list but a healthy
> sense of paranoia often times accompanies an "out of the box" security
> mindset.  =3D)
>=20
> http://blog.wired.com/27bstroke6/2008/07/judge-orders-yo.html
>=20
> A link to the court ruling is included in the article referenced above
> and I encourage you to take a moment to read it if you have the time.
>=20
> The way I see it=2C at the end of the day=2C web application security
> professionals ultimately work to build confidence and a sense of both
> trust and integrity for the end user experience.  Without confidence=2C
> trust and integrity then the Internet as we know it falls away and we
> are likely left without an outlet for our passion.
>=20
> Many pieces of this court ruling troubled me and I wanted to share it
> with the list in case others on the list had missed it.
>=20
> If end users ever get to the point that they fear visiting public and
> otherwise respected sites then that seems to do us all a disservice.
> Does this not encourage the further development of a DarkNet that
> shields end users from unforeseen liability and if so=2C does this not
> also complicate efforts to secure and protect web applications by
> security professionals?
>=20
> Sure=2C maybe I am overreacting but in a world based upon precedents=2C
> this one troubles me more than others.
>=20
> As always=2C I'd be very curious to get other thoughts and opinions on th=
is.
>=20
> thanks=2C
> joe
>=20
> <<<>>>
>=20
> -------------------------------------------------------------------------=
---
> Join us on IRC: irc.freenode.net #webappsec
>=20
> Have a question? Search The Web Security Mailing List Archives:=20
> http://www.webappsec.org/lists/websecurity/archive/
>=20
> Subscribe via RSS:=20
> http://www.webappsec.org/rss/websecurity.rss [RSS Feed]
>=20
> Join WASC on LinkedIn
> http://www.linkedin.com/e/gis/83336/4B20E4374DBA
>=20

_________________________________________________________________
Windows Live Hotmail is giving away Zunes. Enter for your chance to win.
http://www.windowslive-hotmail.com/ZuneADay/?locale=3Den-US&ocid=3DTXT_TAGL=
M_Mobile_Zune_V3=

--_589fe29c-29d1-4bc1-9972-b79409246c96_
Content-Type: text/html; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<html>
<head>
<style>
.hmmessage P
{
margin:0px=3B
padding:0px
}
body.hmmessage
{
FONT-SIZE: 10pt=3B
FONT-FAMILY:Tahoma
}
</style>
</head>
<body class=3D'hmmessage'>
Joe=2C<br>&nbsp=3B&nbsp=3B&nbsp=3B Viacom's rediculous requests (source cod=
e=2C etc=2C etc=2C etc) should have been a good sign to the judge that this=
 was clearly a case of "throw everything against the wall and see what stic=
ks".&nbsp=3B I'm not sure that I would really argue the point on the merits=
 of legal law (as I'm clearly not a lawyer) but ... the part that troubles =
me is that Viacom has been granted the request that "Google will have to tu=
rn over data about how often each private video has been watched and by how=
 many persons" - that's a fishing net cast awful wide.&nbsp=3B What if they=
 find some very unsavory information on there=2C are they then going to fee=
l obligated to contact authorities=2C other companies in order to sue or th=
row people in jail!?&nbsp=3B I'm just worried this will set a precedent tha=
t nothing is sacred=2C and you can be tracked and asked to give up your sec=
rets if you "put it on the 'net"... which bugs the hell out of me.<br><br>C=
heers.<br><br><hr id=3D"EC_EC_[object]">
 <strong><font color=3D"#000080">Rafal (Ralph) M. Los</font></strong><br><f=
ont color=3D"#800000">IT Security - Response | Mitigation | Strategy</font>=
<br><strong>E-mail</strong>:&nbsp=3B <a href=3D"mailto:rafal@ishackingyou.c=
om">rafal-no-spam-at-ishackingyou.com</a><br><strong></strong> - <strong>gP=
GP</strong>:&nbsp=3B&nbsp=3B&nbsp=3B 0xFFC63B33<br>&nbsp=3B- <strong>Blog</=
strong>:&nbsp=3B&nbsp=3B&nbsp=3B <a href=3D"http://preachsecurity.blogspot.=
com/" target=3D"_blank">http://preachsecurity.blogspot.com</a><br> - <stron=
g>LinkedIn</strong>:http://www.linkedin.com/in/rmlos<br><br><br>&gt=3B Date=
: Thu=2C 3 Jul 2008 11:54:55 -0700<br>&gt=3B From: joe@cyberlocksmith.com<b=
r>&gt=3B To: websecurity@webappsec.org<br>&gt=3B Subject: [WEB SECURITY] [O=
ff Topic] Judge Orders YouTube to Give All User Histories to Viacom<br>&gt=
=3B <br>&gt=3B I recognize that this is likely off-topic for the list but a=
 healthy<br>&gt=3B sense of paranoia often times accompanies an "out of the=
 box" security<br>&gt=3B mindset.  =3D)<br>&gt=3B <br>&gt=3B http://blog.wi=
red.com/27bstroke6/2008/07/judge-orders-yo.html<br>&gt=3B <br>&gt=3B A link=
 to the court ruling is included in the article referenced above<br>&gt=3B =
and I encourage you to take a moment to read it if you have the time.<br>&g=
t=3B <br>&gt=3B The way I see it=2C at the end of the day=2C web applicatio=
n security<br>&gt=3B professionals ultimately work to build confidence and =
a sense of both<br>&gt=3B trust and integrity for the end user experience. =
 Without confidence=2C<br>&gt=3B trust and integrity then the Internet as w=
e know it falls away and we<br>&gt=3B are likely left without an outlet for=
 our passion.<br>&gt=3B <br>&gt=3B Many pieces of this court ruling trouble=
d me and I wanted to share it<br>&gt=3B with the list in case others on the=
 list had missed it.<br>&gt=3B <br>&gt=3B If end users ever get to the poin=
t that they fear visiting public and<br>&gt=3B otherwise respected sites th=
en that seems to do us all a disservice.<br>&gt=3B Does this not encourage =
the further development of a DarkNet that<br>&gt=3B shields end users from =
unforeseen liability and if so=2C does this not<br>&gt=3B also complicate e=
fforts to secure and protect web applications by<br>&gt=3B security profess=
ionals?<br>&gt=3B <br>&gt=3B Sure=2C maybe I am overreacting but in a world=
 based upon precedents=2C<br>&gt=3B this one troubles me more than others.<=
br>&gt=3B <br>&gt=3B As always=2C I'd be very curious to get other thoughts=
 and opinions on this.<br>&gt=3B <br>&gt=3B thanks=2C<br>&gt=3B joe<br>&gt=
=3B <br>&gt=3B &lt=3B&lt=3B&lt=3B&gt=3B&gt=3B&gt=3B<br>&gt=3B <br>&gt=3B --=
--------------------------------------------------------------------------<=
br>&gt=3B Join us on IRC: irc.freenode.net #webappsec<br>&gt=3B <br>&gt=3B =
Have a question? Search The Web Security Mailing List Archives: <br>&gt=3B =
http://www.webappsec.org/lists/websecurity/archive/<br>&gt=3B <br>&gt=3B Su=
bscribe via RSS: <br>&gt=3B http://www.webappsec.org/rss/websecurity.rss [R=
SS Feed]<br>&gt=3B <br>&gt=3B Join WASC on LinkedIn<br>&gt=3B http://www.li=
nkedin.com/e/gis/83336/4B20E4374DBA<br>&gt=3B <br><br /><hr />Windows Live =
Hotmail is giving away Zunes. Enter for your chance to win. <a href=3D'http=
://www.windowslive-hotmail.com/ZuneADay/?locale=3Den-US&ocid=3DTXT_TAGLM_Mo=
bile_Zune_V3' target=3D'_new'>Enter Now!</a></body>
</html>=

--_589fe29c-29d1-4bc1-9972-b79409246c96_--

References:
- [WEB SECURITY] [Off Topic] Judge Orders YouTube to Give All User Histories to Viacom
  - From: Joe White

Prev by Date: [WEB SECURITY] Re: [Webappsec] Comparisons of Web Application Firewalls
Next by Date: RE: [WEB SECURITY] Re: [Webappsec] Comparisons of Web Application Firewalls
Previous by thread: [WEB SECURITY] [Off Topic] Judge Orders YouTube to Give All User Histories to Viacom
Next by thread: Re: [WEB SECURITY] [Off Topic] Judge Orders YouTube to Give All User Histories to Viacom
Index(es):
- Date
- Thread

Brought to you by http://www.webappsec.org
Search this site