Slashdot Mirror

← Back to Stories (view on slashdot.org)

Use a Honeypot, Go to Prison?

Posted by CmdrTaco on from the sticky-situations dept.

scubacuda writes "Using a honeypot to detect and surveil computer intruders might put you on the working end of federal wiretapping beef, or even get you sued by the next hacker that sticks his nose in the trap, according this (old) Security Focus article. Honeypots could be federal criminal law calls "interception of communications", a felony that carries up to five years in prison. Because the Federal Wiretap Act has civil provisions, as well as criminal, there's even a chance that a hacker could file a lawsuit against a honeypot operator that doesn't have their legal ducks in a row. "It would take chutzpah," said Richard Salgado, senior counsel for the Department of Justice's computer crime unit, "But there's a case where an accused kidnapper who was using a cloned cell phone sued for the interception of the cell phone conversations... And he won.""

7 of 298 comments (clear)

  1. Err... by .com+b4+.storm · · Score: 5, Insightful

    If it's YOUR system, then how are you "intercepting" anything? If someone tries to crack into a system that is yours, then who cares if it is a honeypot or not? This is like a burglar suing a homeowner because he cut himself on a knife he was stealing along with the rest of their silverware...

    --
    "Wow, you're like some kind of superhero able to ward off happiness and success at every turn."
    -- Ryan Stiles
    1. Re:Err... by antis0c · · Score: 4, Insightful

      Lets not forget the man who successfully sued a car owner for driving over his hand as he was trying to steal his hub caps.

      I think it's fucked up myself too. Sure if someone is entering my house, I can shoot them. But by God if they cut themselves on a steak knife I left out I might be liable for thousands.

      Oh well, in the larger scheme of things our legal system is still new. It will take a while for stuff like this to get sorted out.

      --

      ..There's a-dooin's a-transpirin'
  2. It looks to me... by zutroy · · Score: 4, Insightful

    ...like the article is actually saying that you could be sued if a hacker used your honeypot machine to hack into another machine that's not on your network. The argument is that you set up a machine to be hacked, and it got hacked, and was then used to hack others...kind of like saying that you've become an accomplice in hacking. So the lesson is to secure your honeypot machine, so it can't be used for evil.

  3. Re:oh no! by I8TheWorm · · Score: 5, Insightful

    Does this mean I'll have to turn off my server logging, since it could quite possibly "monitor" an intruder?

    --
    Saying Android is a family of phones is akin to saying Linux is a family of PCs.
  4. Honey pots by Nonillion · · Score: 4, Insightful

    This just goes to show just how low spamers are willing to sink. I have been hosting my own mail server for several years now because it's the ONLY way for me to combat unwanted e-mail. If some worthless spamer is going to wine about a honey pot or my server rejecting his/her e-mail I say TOUGH FUCKING SHIT! It's MY machine, MY bandwidth, MY rules... period. If I want viagra, penis/breast enlargements, debt consolidation, loans re-financed or hot asian chicks I'll seek you out myself..

    >SELECT * FROM spamers WHERE clue > 0
    >0 rows returned

    --
    "I bow to no man" - Riddick
  5. A Modest Proposal by dolbywan_kenobi · · Score: 5, Insightful

    Perhaps this is a wake-up call for us computer users here in the USA. Who really speaks for computer users here? What we need IMO is an NRA equivalent to represent the interests of computer users, of people who are interested in fair-use issues, reasonable intellectual property laws and accountability of elected representatives. Interest groups like the NRA and AARP have shown that Congress-people do listen when people organize.

  6. This is silly... by anubis · · Score: 4, Insightful

    This is just silly. An illegal wiretap is intercepting a communication between two computer/people/objects without either 1.) the permission of one party, 2.) a court order. If you are a party to the communication (i.e. the honeypot) you are intercepting communications to and from your own machine. Seems like there are bigger things to be worried about.