[Infowarrior] - myspace, godaddy and the ongoing trend

Tue Jan 30 11:57:24 EST 2007

---------- Forwarded message ----------
From: security curmudgeon <jericho at attrition.org>
To: Declan McCullagh <declan at well.com>
Cc: Fyodor <fyodor at insecure.org>
Date: Tue, 30 Jan 2007 03:05:47 -0500 (EST)
Subject: myspace, godaddy and the ongoing trend

Declan, feel free to post this to Politech if you wish. Late night ramblings
from a curmudgeon, nothing more.

--

One thing that many people seem to be missing with this entire story is,
"why seclists.org?" The full-disclosure mail list [0] is archived on
*hundreds* of web servers around the world [1] and even has corporate
sponsorship [2]. Was the official archive of the mail list [3] threatened?
Or was Fyodor and seclists.org threatned because that site is the first hit
on Google if you search for "full disclosure mail list archive"? Did MySpace
bother to contact the registrar of the second hit (neohapsis.com) over their
archive [4]?

I bring this up because once again I am in the middle of a legal threat to
remove content off a domain I help manage [5]. At the moment, the full
content of the legal threat and my reply have not been published like
previous threats [6] but they will in the near future. Like
Fyodor/seclists.org, the law firm and company threatening to sue us over
publishing material hasn't contacted any other site hosting the same
information currently (yes, we've asked). We do know they have sent legal
threats in the past to two other sites who run the same type of resource
[7], both of which instantly caved in and removed the content without
considering the implications (to the integrity of their resource, or the
validity of the legal threat).

I'm definitely not a lawyer, but if a company wants to protect its
interests, doesn't it have to make a marginal effort to contact the
people/sites allegedly infringing upon their rights? Or is that how these
law firms are operating these days? Threaten the first hit on Google, get
them to cave in and then use that action as a basis for claiming your
argument has merit in subsequent legal threats. That is certainly what the
lawyer who contacted us is doing. In his second mail he cites that other
sites have removed the material and so should we. This seems like a vicious
snowball effect that allows a legal firm to systematically threaten and
stifle free speech, regardless of any legal or ethical merit.

jericho
attrition.org

[0] https://lists.grok.org.uk/mailman/listinfo/full-disclosure
[1] 
http://www.google.com/search?q=full+disclosure+mail+list+archive&start=0&ie=
utf-8&oe=utf-8&client=firefox-a&rls=org.mozilla:en-US:official
[2] http://secunia.com/
[3] http://lists.grok.org.uk/pipermail/full-disclosure/
[4] http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0282.html
[5] http://attrition.org/
[6] http://attrition.org/postal/legal.html
[7] http://attrition.org/dataloss/

------ End of Forwarded Message