[Dailydave] Clarifying the record from EFF

Jason Crawford jason at purebsd.net
Thu Aug 30 17:23:42 EDT 2012

On 08/30/2012 04:50 PM, Justin Ferguson wrote:
> Firstly and most importantly, to me, your right to own, possess and sell
> exploits is pretty clearly protected under the 2nd amendment. I'd argue
> for that legitimacy in the same way I would your right to do the same
> with a firearm. I do however take contention with what the actual
> circumstances are though, a market where you can only sell firearms to
> your respective governments instead of an actual open and free market.

I don't normally post on these, but saying that exploits should be
regulated under the second amendment is kind of scary. Look at all the
regulations we have for possession and carrying of firearms. Do we want
to say that anyone who's in possession of illegal drugs would now do
serious hard time in a federal prison if they have exploits too? As
possessing a gun while using or possessing illegal drugs would land you
in prison. Maybe states like California that greatly restrict what kind
of firearms you can have and buy will basically chase all hackers out
now. Or in New York where owning a machine-gun is a felony, owning
CANVAS would be now too, as that's 'automatic' exploiting (greater than
one exploit fired off with a single mouse click). At one point
California was trying to pass legislation that would only let you
procure 50 bullets a month, shall we only allow people to procure 50
payloads a month? Oh, lets make sure people can only buy exploits from
federal exploit licensed dealers (except in some states that allow
private purchases maybe) and your name is now on their list that the
government can recall at any time. And of course, if you are a
registered dealer of exploits, that means the ATF can now enter your
home any time they want, and you can't stop them, since that's what they
can do with FFL's. Which also means any time you get exploits over the
internet, it must go to a federal exploit licensed dealer in your state
for them to run a background check on you. I'm sorry but regulating
exploits under the second amendment is the WRONG thing to do here.

>     > George W Bush walked into a room full of defense and intelligence
>     officials, and he pointed out to them in a dry Southern way how if they 
>     > didn't think of something better that the Isrealis were 100% going
>     to attack the Iranian nuclear program, and they were going to pull the 
>     > United States into it, and there was going to be a large serving
>     of  _extremely unpleasant_ sandwich with a small side of possible
>     nuclear   
>     > winter for everyone involved... 
>     > And looking around the room, the people who had never shot a gun,
>     who that very night would go home to play an RPG so hideously 
>     > complex it has its own government, who spent the time before the
>     meetings with high powered government officials arguing about Firefly 
>     > versus Buffy the Vampire Slayer's various scripts, people who if
>     given have a chance would expound upon deeply held personal opinons 
>     > regarding various subtleties in the licensing of Unix
>     distributions,...these people simply shrugged and said "Yeah, we got
>     this one."
> This is a bit misguided at best and I've not quite decided for myself
> whether you are delluding yourself or just trying to delude readers.
> Ignoring that the most likely candidate for how the worm ended up there
> in the first place-- a FTO, the MEK/PMOI, who exists on our lists
> because of their old habits of killing Americans and thus that
> participating in the cyber-side of things could be rightfully construed
> as material support for a terrorist organization. And ignoring that you
> decoupled operations from the targeted assassination of scientists
> aspect, as those aren't exactly thank you notes being strapped to the
> side of their cars-- isn't the correct answer when faced with this
> situation to question our ties to Israel, a country that legitimately
> serves no interest for the United States instead of doubling down by
> participating in an operation designed to help satiate their desire for
> blood?
> About a year ago I had a box compromised after I got a new twitter
> follower that was of the Tibetan NGO type who had obviously had their
> website compromised and was in turn compromising visitors to their
> website-- chrome 0day in the wild on an NGOs website. Sure, it could
> have been some random spammers or similar, but we all know that's not
> what's going on.
> What exactly do you think they do with the intel they collect from such
> operations? I just don't buy the 'hate the game not the player' argument
> here, if you sell someone an exploit that in turn ends up used to exfil
> intel that in turn ends in an extraordinary rendition or a car-bomb
> strapped to the side of a scientists car, you're hands are anything but
> bloodless and you have most certainly deployed bombs and guns unlike you
> speculate.
> But whatever, thats life and we're all spooks now. What I have issue
> with is the idea that it's a free market or anything to do with civil
> liberties when in essence if you tried to sell the same exploits to
> something like Wikileaks, you'd quickly find yourself embroiled in a
> series of legal snafu's. And of course, if I say sell to the NSA/CIA, no
> one bats an eye, but if I were to suggest selling to Wikileaks or
> telecommix or the PLF et al, that would sound insane. At least have the
> decency to call a spade a spade and instead of pretending to be
> free-agents people should at least acknowledge that they're essentially
> agents of their respective states.
> _______________________________________________
> Dailydave mailing list
> Dailydave at lists.immunityinc.com
> https://lists.immunityinc.com/mailman/listinfo/dailydave

More information about the Dailydave mailing list