Confidentiality on Virus Sent Docs?

Sulka writes: "The latest Sircam outbreak has sent me a lot of documents from total strangers I've never heard of before. This led me to wonder what would happen if a trade secret doc from company X was leaked like this to me -- I guess the secret wouldn't be a secret anymore. But what's the legal standing of this? Is a virus sending a document the same as someone sending email accidentally to a wrong address? Could I send a M$ Halloween memo that popped to my address to the press?" I have now recieved 1.1 gigabytes of sircam virus email attachments. I'm just glad I don't pay for my bandwidth per k.

Check out the Trade Secret Basics FAQ

[Tim+Macinta]

There is a FAQ on Trade Secret Basics at nolo.com. In particular, look at the question titled "What rights does the owner of a trade secret have?" I am not a lawyer, but I think it would be reasonable to assume that the SirCam virus would be covered by the line that talks about "people who learn about a trade secret by accident or mistake" (these people are not allowed to divulge the trade secret). So, I am playing it safe with files sent to me as the result of SirCam and just deleting them.

1.1 gigabytes?

[rho]

I have now recieved 1.1 gigabytes of sircam virus email attachments. I'm just glad I don't pay for my bandwidth per k.

You oughta be glad you don't get paid for your procmail skills.

Re:How to open safely?

[Snowfox]

I'm interested in seeing what all these idiots are sending me (call me nosy; I also look at car wrecks when I drive by). What's the safest way to open these attachments on a Windows 98 machine that is not running Outlook?

Save the file on your harddisk, then remove the first 137216 bytes. You need a hex editor to do that.

Only in the World of Windows would adding 137kilo-bloat to a word processor document be considered "stealthy."

If you really want to get nosy

[RGRistroph]

Try searching on gnutella for "resume.doc" or "letter" or ".xls". Apparently many people use gnutella at work and set it to share C:\.

For about a weekend or so it was a sport with me. I downloaded a ton of stuff I am sure was not meant for the public -- there was a breakup letter where the writer stoped midsentence and types "aw fuckit i'll stay with her" (but then for some reason saved the letter ? don't ask me). I also found some business oriented xls files and ppt files. Most interesting was the fact that you could find what I think were people's outlook and eudora mailfiles, those inbox.dbx things. I have no idea how to view those.

Anyway, I got bored and moved on to other shit. The best thing I found was a file called either "private.txt" or "secrete.txt" which looked like the following:

SSN: #########
PIN(ATM): ####
PIN(VISA): ####
WellsFargo: user/passwd
yahoo: user/passwd
(a university student network domain): user/passwd

So I guess this guy decided to consolidate all of his sensitive info into one place, decided to put it on a computer, and then accidently shared it with the whole fucking internet.

I wanted to try the yahoo user/passwd just to see if it was real, but at that point I stopped and thought and decided that actually using the information people were inadvertendly sharing to snoop information they _weren't_ inadvertently sharing was probably where the legal/ethical boundary would be crossed. I never sent email to the yahoo address or the university one because I was afraid of being accused of being a hacker. The sad thing is that my gnutella client automatically moves completed downloads to the shared directory, so it is possible I further shared that file with others before I deleted it.

If there were some way you could filter your gnutella search results on IPs belonging to cable/DSL users in the DC area, or by those belonging to employees of a particular company, etc, then you could really do some damage.

I talked about this with other people and some of them apparently search for the names of .DLL files in various versions of windows, to find a gnutella host sharing everything, and then do the "list all files on this host" thing to look at the user's personal files.

So I guess the moral is, make sure your friends know how to configure their gnutella clients correctly.

IANAL

[Zaphod+B]

...but I *do* get to deal with this on a more-or-less daily basis these days.

According to the lawyer types I work with, it's more or less the same as if a fax went through to the wrong number. They are prohibited from disclosing the information if there is a legal blurb on the bottom of the page or wherever that says so.

I never thought I'd see the day when I'd welcome more legalese on documents... but any sensitive documents should really have that blurb, quoted (well, mostly) here:

The information contained in this document is proprietary and confidential and may not be transmitted to others in any form without the express written consent of $COMPANY. If you have received this document in error, please call $NAME at $PHONE and promptly destroy all copies.

In the case of financial documents, which is what I concern myself with, the use of them for gain is tantamount to insider trading and is a Bad Thing for He Who Gets Caught.

Zaphod B

Hotmail deleted all my mail because of this virus

[cworley]

I was out of town for a week... didn't check my hotmail account.

During that time, my hotmail Inbox filled up with these sorts of messages (large attachements with the text: "I send you this file in order to have your advice").

Once it reached the maximum size for hotmail diskspace, hotmail started automatically deleteing older messages: all the messages in all of my folders had been deleted by the time I checked my hotmail account.

All that was left was spam in my Inbox.

Thanks, Microsoft!

why do people keep doing this?

[egomaniac]

Why do people keep posing technical legal questions to a bunch of geeks, most of whom haven't even graduated from college yet? Is there some secret stash of lawyers on Slashdot that I'm not aware of yet?

Judging from the uninformed comments above, evidently not, but there are a *ton* of clueless idiots who are more than happy to spout off their opinions on a subject they know nothing about. But hey, that's what most Slashdot discussions are anyway.

Trade secrets are covered by a myriad of laws, and you can get in serious trouble for divulging them even if you learned of them by accident. Call a lawyer to find out more details. Slashdot can't provide much help on legal questions, as we've proved over and over and over again...

--- egomaniac

Re:why do people keep doing this?

[Mike1024]

Hey,

Is there some secret stash of lawyers on Slashdot that I'm not aware of yet?

Sure!

CmdrTaco) Hmm... Got another law 'Ask Slashdot' here.
Hemos) Another? What's it about?
JonKatz) It's a case that has the ugliest implications not only for the press (online and off) but for open discussion of technology, and especially for the First Amendment.
CmdrTaco) Some guy wants to know if he can post secret documents he gets e-mailed.
Roblimo) Are you sure we want to post this? Don't you think slashdot is posting too many law-related stories, when there are no lawyers reading? We don't want the site to get boring...
JonKatz) Slashdot is at times witty, imaginative and entertaining, no small accomplishment, especially this summer. It reminds us that when it comes to ominous design and atmosphere, nobody can top CmdrTaco. Where he seems to have trouble is with storytelling.
Hemos) Well, we could just blindly post it... or we might have to break out the.... SECRET STASH OF LAWYERS!
CmdrTaco) Great idea! Where did you leave the lawyers, Cliff?
Cliff) They're in the fridge, behind the Jolt.

I think that's about how it went.

Michael

Encrypted polymorphic viruses and the DMCA

[Fencepost]

Oh my...

Consider a virus writer being caught, then going after the major antivirus software vendors for breaking the encryption on his virus...

-- fencepost

Even if it _is_ illegal...

[mikeage]

...What if some clever virus/worm writer put a click through license. Would that be legal? If so, how much "honesty" (obvious, he wouldn't write "this is a virus") is required to ensure that a victim actually agrees?

On another note... are you saying I can't post those so-called confidential emails between Slashdot and goatse.cx paying for click-throughs?

--

Re:Confidentiality clauses

[regen]

This means, that for anyone to be released from a confidentiality clause, then teh information has to be legally published.

Let us say that Alice and Bob enter into a contract, with a confidentiality clause. Bob's computer is infected with SirCam and it mails the contract to Carl. Carl then publishes the contract in a news paper. Alice may have grounds to sue Bob for breach of contract (Bob's copy was leaked) but doesn't have grounds to sue Carl for a breach since Carl was never a party to the contract.

Now for Bob or Alice to release any information may still be a breach, but Carl can do whatever he wants.

you could go on with this all day...

[kchayer]

If a document is top secret, it shouldnt be stored on a networked computer. If it is stored on a networked computer, then it should be encrypted. problem solved. encrypting important documents should be as important as backing them up.

You shouldn't set your email program to automatically execute attachments...

You shouldn't open attachments from someone you don't know...

Oh wait, you might get the virus from someone you DO know, but you shouldn't open attachments unless you know what they are and were expecting them...

Always use BCC:

Keep your virus definitions up to date...

Keep your programs/operating system/server up to date with the latest patches...

Always backup your data...

You shouldn't be superuser-equivalent unless you need it briefly to change something...

You should choose a password that is not easy to guess...

You should change your password regularly...

You shouldn't use the same password on different systems...

Do not feed the bears...

It could go on and on. Your idea is fine. It represents one of the many things that *should* be done. But who is going to do it? The fact of the matter remains, people won't follow good security practices because it's inconvenient, they don't want to, they don't know about them, or their Aunt Ruth has a beard.

The point of the question above is that when someone receives something confidental, accidentally, the ethical thing to do is to delete it. Who's responsible? Well, the virus writer, if the file was spread as a result of a virus. Sure, the user should have kept his document secure, but he didn't. Are users guilty of violating any of the above policies? Sure. Are sysadmins? Yep. We do it too.

Of course, we need to educate our users and enforce security policies. Saying "this will work; problem solved" isn't sufficient. Proactive education, policies, and enforcement are the answer. Now I've got to get back to work and do it!

"I say consider this day seized!" -Hobbes

Re:Confidentiality clauses

[KarmaBlackballed]

The lawyers out there will know the Latin word (and there is one) but there has to be something received by both parties entering into a contract for that contract to be enforceable in the USA.

You cannot forward a document to a stranger and then legally bind that stranger to behave according to the content of that document. Not in the USA.


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~ the real world is much simpler ~~

So...

[cavemanf16]

What you're saying is...

I send this Ask Slashdot to you to get your advice.

Re:How to open safely?

[tlk+nnr]

I'm interested in seeing what all these idiots are sending me (call me nosy; I also look at car wrecks when I drive by). What's the safest way to open these attachments on a Windows 98 machine that is not running Outlook?

Save the file on your harddisk, then remove the first 137216 bytes. You need a hex editor to do that.

Or with Cygwin it's

$dd if=virus.doc.pif of=clean.doc bs=1 skip=137216

Rename it to the actual file type and open it.
Do not double click it, instead open it from the correct app (just in case you didn't remove the virus properly - Word doesn't open windows executables)