Justifiably evil, or just wrong?

What is right? Is there right? Are you right?

Justifiably evil, or just wrong?

Post by Cryptovirus on Wed Aug 25, 2010 8:12 am
([msg=44278]see Justifiably evil, or just wrong?[/msg])

I'm going to put myself on the scale here, albeit a little reluctantly.

So, over the past few months, I've been discovering and disclosing vulnerabilities in IP.Board. So much so, that the president of the company offered me a complimentary license to do my testing. Obviously, with the source in hand, I was able to find many more problems than I would've otherwise.

Where the dilemma comes in - I have a forum based around security which is pretty new and has the need for publicity and members. To this end, I would release the aforementioned vulnerabilities to the public mere hours after they were fixed in the latest revision. (my forum is powered by vBulletin - I wouldn't find vulnerabilities in IPB if I was using it, because I'd be too lazy to update manually and too paranoid to wait for patches)

While it led to an increase in traffic, the new people rarely register. :evil:

Anyhow, IPS is aware and hasn't complained about this and I still hold the complimentary license.

My question is, should I continue to search for vulnerabilities using the complimentary license, as well as giving out tutorials on how to pwn this very software. And whether there would be a viable case against me in a court of law.
Last edited by Cryptovirus on Wed Aug 25, 2010 10:00 am, edited 1 time in total.
Cryptovirus
New User
New User
 
Posts: 21
Joined: Wed Aug 25, 2010 7:37 am
Blog: View Blog (0)


Re: Justifiably evil, or just wrong?

Post by fashizzlepop on Wed Aug 25, 2010 9:58 am
([msg=44283]see Re: Justifiably evil, or just wrong?[/msg])

Asphinctersayswhat?

Yeah, I don't get your question.
The glass is neither half-full nor half-empty; it's merely twice as big as it needs to be.
User avatar
fashizzlepop
Developer
Developer
 
Posts: 2303
Joined: Sat May 24, 2008 1:20 pm
Blog: View Blog (0)


Re: Justifiably evil, or just wrong?

Post by tremor77 on Wed Aug 25, 2010 9:58 am
([msg=44284]see Re: Justifiably evil, or just wrong?[/msg])

When you say you have a forum based around security.. you have an actual forum using the IP board software? or you have a competing forum software that you feel is more secure? Just having a little trouble deciphering the post there... not really sure what your question is.
Image
User avatar
tremor77
Contributor
Contributor
 
Posts: 884
Joined: Wed Mar 31, 2010 12:00 pm
Location: New York
Blog: View Blog (0)


Re: Justifiably evil, or just wrong?

Post by Cryptovirus on Wed Aug 25, 2010 10:19 am
([msg=44287]see Re: Justifiably evil, or just wrong?[/msg])

Modified OP to pose a clearer question.
Cryptovirus
New User
New User
 
Posts: 21
Joined: Wed Aug 25, 2010 7:37 am
Blog: View Blog (0)


Re: Justifiably evil, or just wrong?

Post by fashizzlepop on Wed Aug 25, 2010 2:40 pm
([msg=44308]see Re: Justifiably evil, or just wrong?[/msg])

They gave you a FREE license... that means (the court would see it this way) that they WANT you to test it out. I would at least make sure the developers know about the security issues before you release them publicly.
The glass is neither half-full nor half-empty; it's merely twice as big as it needs to be.
User avatar
fashizzlepop
Developer
Developer
 
Posts: 2303
Joined: Sat May 24, 2008 1:20 pm
Blog: View Blog (0)


Re: Justifiably evil, or just wrong?

Post by Szayel on Thu Aug 16, 2012 8:59 pm
([msg=68789]see Re: Justifiably evil, or just wrong?[/msg])

So what you are saying, is that is it wrong for you to fix the company's software, while showing people ways to get past the very software you fix?
I don't think it's something that's necessarily wrong, but you could go to court for it if the company felt that what you are doing is affecting their software.
"If you cannot win the game, if you cannot solve the puzzle, then you are just another loser." (Near from Death Note)
Michael:What are you doing?
Salander:I'm reading your notes.
Michael:They're encrypted.
Salander:Please. Have some coffee.
User avatar
Szayel
New User
New User
 
Posts: 31
Joined: Mon Jun 04, 2012 5:53 pm
Blog: View Blog (0)


Re: Justifiably evil, or just wrong?

Post by LoGiCaL__ on Fri Aug 17, 2012 7:17 pm
([msg=68811]see Re: Justifiably evil, or just wrong?[/msg])

I wouldn't expect any answers on this and a few of the others you posted. The last post is about 2 years ago. You can check the last post date under the post title.
User avatar
LoGiCaL__
Addict
Addict
 
Posts: 1061
Joined: Sun May 30, 2010 12:33 pm
Blog: View Blog (0)


Re: Justifiably evil, or just wrong?

Post by Szayel on Sat Aug 18, 2012 11:24 am
([msg=68825]see Re: Justifiably evil, or just wrong?[/msg])

LoGiCaL__ wrote:I wouldn't expect any answers on this and a few of the others you posted. The last post is about 2 years ago. You can check the last post date under the post title.

Oh, I didn't even notice.
"If you cannot win the game, if you cannot solve the puzzle, then you are just another loser." (Near from Death Note)
Michael:What are you doing?
Salander:I'm reading your notes.
Michael:They're encrypted.
Salander:Please. Have some coffee.
User avatar
Szayel
New User
New User
 
Posts: 31
Joined: Mon Jun 04, 2012 5:53 pm
Blog: View Blog (0)



Return to Ethics

Who is online

Users browsing this forum: No registered users and 0 guests