Rick Welykochy <[EMAIL PROTECTED]> writes: > Daniel Pittman wrote: > >> Without that commitment you well, eventually, get to join the legions of >> poorly maintained, compromised Linux boxes out there. This hurts >> everyone, but especially you -- potentially legally, certainly in terms >> of a lot of work when your ISP (or the police) call up about all that >> SPAM you have been sending out or those warez you are distributing... > > Are you implying that a zombied box can be a legal liability for > the hapless owner?
Yep. As one example, consider the case of Julie Amero, who was convicted for exposing school age children to pornography because of a compromised PC: http://www.msnbc.msn.com/id/17134607/ Also, consider the handful of cases where people have been arrested for having child pornography on their computers and have offered a defence of their system being compromised. Couple that with the fairly well established (I think) fact that botnet infections are used for a range of illegal activity including hosting child pornography. I can't offer a firm example of a case where there was clear proof of the defence, one way or another, but I could certainly believe it after having to clean up the mess that infection makes of systems -- including Linux servers. Finally, I know of a number of people who have had, professionally, to deal with threats of legal action based on their networks being used for DDoS activity, illegal content distribution and other things that botnets or Linux compromises are abused for. > If that is the case, a heck of a lot of Winders lusers should face the > courts. But I doubt this is the case. They probably should, but this is still an area in infancy. Your legal risks are quite small, because only a tiny fraction of people who suffer (or allow) their machines to be compromised are pursued. You are much more likely to end up having your ISP cut you off -- if you are lucky, only until you clean up your act. Regards, Daniel -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
