[Dshield] Change Thread name- Legal Disclaimers WAS RE: Ideafor dealing with ISPs that ignoreabusenotificatons was RE:The Art/Tao/Zen of Abuse e-mails(Was:[Fwd: WHY IS YOURCUSTOMER...])

Tomas L. Byrnes tomb at byrneit.net
Tue Aug 29 16:27:03 GMT 2006


"He that defends in all places, defends in none"
Sun Tzu

I'd rather focus on changing the things I can. Most IT/Security folks
have limited political capital and even more limited time and money.

Getting into fights with legal, when arguing points is exactly what
lawyers are trained to do, seems like a distinct waste of time to me.
Especially since what Security needs to do is get Legal as allies, since
many of the requirements that drive security, and thus require budget,
are legal. I'd rather make allies of them by having a dialog about what
security can do to help with regulatory compliance, than create an
adversarial relationship by telling them their disclaimer is bunk.
Maybe, in the course of that dialog, we can tell them what is and isn't
actually feasible technically, so their documents and disclaimers
reflect that.

Lawyers LOVE arguing, it's the profession of choice for debate champs.
They will take all your available time doing so. Unless there is
something about the disclaimer or that legal is pushing that has a worse
effect on your security stance than any one of the other things you need
to do, that are in your lane, I recommend focusing on those.

In any event, legal disclaimers certainly were not on topic on the
subject of how to deal with non-responsive or invalid abuse handles,
which is what my main point, and reason for the thread name change, was.




-----Original Message-----
From: list-bounces at lists.dshield.org
[mailto:list-bounces at lists.dshield.org] On Behalf Of
Valdis.Kletnieks at vt.edu
Sent: Tuesday, August 29, 2006 4:51 AM
To: General DShield Discussion List
Subject: Re: [Dshield] Change Thread name- Legal Disclaimers WAS RE:
Ideafor dealing with ISPs that ignoreabusenotificatons was RE:The
Art/Tao/Zen of Abuse e-mails(Was:[Fwd: WHY IS YOURCUSTOMER...])

On Mon, 28 Aug 2006 16:33:53 PDT, "Tomas L. Byrnes" said:
> I'm not sure how much this actually is relevant to network security.

It's actually more relevant than you think.  When a site is having their
policies decided by a legal team that has little or no understanding of
the technology, that *can't* be good for their security stance. If the
legal team doesn't understand the difference between an e-mail recipient
and addressee in the context of a mailing list, and doesn't understand
why stamping it 'this is confidential' (rather than the slightly less
obnoxious 'may be confidential') when posting worldwide - what are the
chances of them giving you actually sound advice when you ask them if a
given network trace of a network intruder constitutes an illegal
interception of communications, or similar *difficult* question?



More information about the list mailing list