[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Clarification of My Post RE: [Full-Disclosure] Bugfinder Being Indicted As Criminal in France

To: <full-disclosure@xxxxxxxxxxxxxxxx>
Subject: Clarification of My Post RE: [Full-Disclosure] Bugfinder Being Indicted As Criminal in France
From: "Drew Copley" <dcopley@xxxxxxxx>
Date: Mon, 5 Apr 2004 12:05:50 -0700

The below email was misunderstood by some and I wish to make an explanation and 
some clarifications.

My only point of bringing this up was that I did not want to see the whole 
country of France being improperly accused, as we have not seen all details of 
the case yet.

This is an extremely hurtful case and some have felt that I should not have 
noted I heard "some" evidence that he may have been a virus writer from old. 

I did note, however, that:
  a. "I wouldn't convict him yet, either."
  b. "I saw some evidence", as opposed to "I saw evidence", or "I saw 
conclusive evidence" [in context, it should be further noted that I did not 
claim to have heard evidence directly pertaining to the case but to previous 
misdeeds -- which very well may be entirelly irrelevant to the case]
  c.  "What is productive is to remember -- we don't know the full facts of the 
case. Very often we become convinced a suspect is guilty or innocent... but 
then we discover we did not see all of the facts."
  d. "I have seen a friend [thierry of tlsecurity] in France be prosecuted 
unfairly before for computer crimes - he was innocent and let go - but went 
through some bad times just for the questioning. But, the same thing could 
happen anywhere."

I am extremely careful about what I say in these situations.

However, it is a very hurtful situation as the company has reportedly made some 
atrocious claims about the individual such as "he is a terrorist". That kind of 
statement is extremely uncalled for and is entirely despicable. A "terrorist", 
by my book, is a murderer. Someone falsely accusing someone else of 
"terrorism", therefore, is essentially falsely accusing them of murder. And, by 
my book, that is as bad as murder.

In no way do I approve of such a despicable act.

> -----Original Message-----
> From: Drew Copley 
> Sent: Thursday, April 01, 2004 11:07 AM
> To: full-disclosure@xxxxxxxxxxxxxxxx {unsecure}
> Subject: RE: [Full-Disclosure] Bugfinder Being Indicted As 
> Criminal in France
> 
>  
> 
> > -----Original Message-----
> > From: Paul Schmehl [mailto:pauls@xxxxxxxxxxxx] 
> > Sent: Wednesday, March 31, 2004 7:24 PM
> > To: Drew Copley; full-disclosure@xxxxxxxxxxxxxxxx
> > Subject: Re: [Full-Disclosure] Bugfinder Being Indicted As 
> > Criminal ("Counterfeiter") in France
> > 
> > --On Wednesday, March 31, 2004 12:20 PM -0800 Drew Copley 
> > <dcopley@xxxxxxxx> wrote:
> > 
> > > http://www.guillermito2.net/archives/2004_03_25e.html
> > >
> > Just one more reason not to travel to France.....
> > 
> > I'm becoming convinced that the EU bureaucrats are determined 
> > to stiffle 
> > the world to death.
> 
> Are you trying to charm your EU counterparts?
> 
> There is much positive and negative to say about each side of 
> the pond, but that wouldn't be very productive on a computer 
> security mailing list.
> 
> What is productive is to remember -- we don't know the full 
> facts of the case. Very often we become convinced a suspect 
> is guilty or innocent... but then we discover we did not see 
> all of the facts.
> 
> I have seen a friend [thierry of tlsecurity] in France be 
> prosecuted unfairly before for computer crimes - he was 
> innocent and let go - but went through some bad times just 
> for the questioning. But, the same thing could happen anywhere. 
> 
> Let's fight it wherever it happens. We may all have great 
> national sentiments - I definitely do - but ultimately this 
> is a global economy and a global society.
> 
> ...
> 
> I have seen some evidence that this individual is a virus 
> releaser since writing this. Off list. Virus writers - full 
> disclosure - virus releasers... 
> 
> the difference between someone making a gun and using a gun 
> to kill someone with.
> 
> ...
> 
> But, I wouldn't convict him yet, either.
> 
> Wait until the court case goes through... though, it would be 
> nice if our French readers could pick up some more 
> information on this company.
> 
> 
> > 
> > Paul Schmehl (pauls@xxxxxxxxxxxx)
> > Adjunct Information Security Officer
> > The University of Texas at Dallas
> > AVIEN Founding Member
> > http://www.utdallas.edu
> > 
> > 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Prev by Date: [Full-Disclosure] A sucker is born every day
Next by Date: Re: [Full-Disclosure] IE exploit going around on irc
Previous by thread: RE: [Full-Disclosure] A sucker is born every day
Next by thread: [Full-Disclosure] Format string bug in IGI 2: Covert Strike 1.3
Index(es):
- Date
- Thread