Quote:
If you hacked joe shmoe, and joe requests the logfile from a proxy that the attacker went through, would it be illegal for the proxy to give up that log?
I'd say it'd depend on how they define their privacy policy. Reality is that if the FBI comes with a warrant only an idiot wanting to get a new roommate called "Bubba" would balk. If an individual requests it, it'd be unlikely if the proxy would respond at all. Joe Shmoe has a better chance if he files a complaint with police and let them take it further with the court system.
Quote:
How can you define what the true intent of a computers use is.....all the admin has to say is that its his personal PC and no one could say other wise.
Uh. No. Companies identify what they own so as to avoid issues of ownership and to enforce security measures. Computers, networks, proprietary information are all property of the company. So an admin cannot just say "it's my personal pc" unless it really is. Intent is a hard thing to prove but it's done all the time in murder cases (Murder in the First degree versus Murder in the Second Degree: the difference? Intent) so it's not that impossible.
Quote:
According to CISSP cert info., honeypots are legal. Honepots are used for enticement, which is not illegal.
Anything used for entrapment, such as a user clicking on a link but actaully downloads illegal software is illegal.
CISSP/ISC(2) is not the law. I think scanning is perfectly legal. Courts in various states might disagree with that. Until it's tested in court, it's still grey area IMHO.
As far as the Entrapment possibility.. Let's remember that Google is so much fun. Let's be clear first what entrapment means.
Quote:
The inducement, by law enforcement officers or their agents, of another person to commit a crime for the purposes of bringing charges for the commission of that artificially-provoked crime. This technique, because it involves abetting the commission of a crime, which is itself a crime, is severely curtailed under the constitutional law of many states.
So unless you are a police officer or a member of some other law enforcement agency, or encouraged by a law enforcement agency, you are NOT committing entrapment if you setup a honeypot and the user chooses to download illegal software or what-have-you.