* Posts by Sara Peters

4 publicly visible posts • joined 15 Apr 2008

Computer Misuse Act changes are delayed further

Sara Peters

@ Chris Branch

You're right that the law says you have to intend to gain unauthorized access. So be awfully darn careful--don't do any little knocks on the door, any scanning to see if the site's got security. Even if you find vulnerabilities and responsibly disclose them to the site owner, you're still technically breaking the law and are at the mercy of the site owner. Check out more about the Daniel Cuthbert case from 2005 and you'll still be a bit worried about the CMA.

Microsoft: Finding flaws on our website is OK

Sara Peters

I'm pink from all the tickling.

I'm delighted. I've been scratching my head and others' heads about this this Web research/ disclosure law thing ever since Daniel Cuthbert's conviction in 2005. It's nice to see some progress being made.

Has anyone seen Microsoft's actual policy in writing, though? Is it on MS's site somewhere?

It's all well and good to say "we won't sue you," but I'm sure MS's legal machine won't have allowed itself to write a policy that would weaken the company's case in court in the event that they DO decide to sue you.

DNS lords expose netizens to 'poisoning'

Sara Peters

Brett's right...

DNSSEC does qualify as IETF "doing" something.

I just wish I knew of the root servers and TLDs doing something with DNSSEC. Or perhaps doing something that takes active baby steps toward DNSSEC.

Is there something I don't know about? Inquiring me wants to know.

Sara Peters

IETF isn't getting it

If the underlying DNS infrastructure is ever going to change, the Internet Engineering Task Force (IETF) has got to do to more research, create more secure technology and spread the word about it. Then ICANN and IETF both need to force the issue onto the operators of the root servers and top-level domain servers.

IETF does have a working group just to TALK about security (http://www.ietf.org/html.charters/wg-dir.html#Security%20Area), but unfortunately they don't seem to be DOING anything.

It makes a girl want to start breaking kneecaps.