Code Plagiarism
Technical Detection and Legal Prosecution

Marc Ruef | Luca Dal Molin

Security & Risk Conference
October 26th - 29th 2011
Lucerne, Switzerland

Agenda | Code Plagiarism – Detect & Prosecute

1. Intro
   Introduction                 2 min
   What is Code Plagiarism      3 min
2. ATK Case
   How it all began             5 min
   Technical Analysis          10 min
   Legal Problems              10 min
   Media Rampage               10 min
   Additional Details           5 min
4. Outro
   Summary                      2 min
   Questions                    3 min

                             Hashdays 2011                               2/42
Introduction | Who is Marc

Name              Marc Ruef
Job               Co-Owner / CTO, scip AG, Zürich
Private Website   http://www.computec.ch
Last Book         "The Art of Penetration Testing",
                  Computer & Literatur Böblingen,
                  ISBN 3-936546-49-5

Introduction | Who is Luca

Name            Luca Dal Molin
Job             Associate at Homburger AG
                Member of Practice Team "IP|IT"
Corp. Website   http://www.homburger.ch

Introduction | What is Code Plagiarism

“The practice of taking someone else’s work or ideas
and passing them off as one’s own.”

                            Oxford English Dictionary,
   http://oxforddictionaries.com/definition/plagiarism

ATK Case | Once upon a time ...

There was an idea ...

... to help me exploit vulnerabilities.

And the Attack Tool Kit was born!

The ATK became pretty popular :)

One day I received an email from a friend ...

So I downloaded the scanner and took a look ... wtf?!

I sent them a letter requesting that they respect copyright and the GPL.

They said: «We can’t see your problem. Please go away!»

I said: «No, please, be kind ...»

They said: «F—k off, we really don’t care. Really!»

Technical Analysis | Source Code Analysis

◦   Strings
    ◦   Names, Title
    ◦   Copyright
◦   Names
    ◦   Variables, Constants
    ◦   Functions, Methods, Classes
    ◦   Objects, Elements
◦   Structures
    ◦   Programming Style (indentation, vertical alignment)
    ◦   Conditional Statements (if, for, until, switch, goto)
    ◦   Pattern, Regex
    ◦   Dataflow

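The three axes on the slide (strings, names, structures) can be measured mechanically, and it is the combination that matters: renaming variables is the cheapest disguise, while string literals and control flow tend to survive a copy. The following is an added example, not code from the talk or from the ATK project. It fingerprints two constructed, hypothetical plugin snippets along the three axes and reports a Jaccard overlap per axis; every function name, the two snippets and the thresholds in verdict() are assumptions made for the example.

```python
"""Added example (not part of the talk or of the ATK project): compare two
source files along the three axes of the slide - string literals, identifier
names and control-flow structure - and report per-axis overlap."""
import re

# Constructed samples (hypothetical plugin code, not the ATK's). The suspect
# renamed every variable and re-indented, but kept the strings, the typo
# "exploids" and the control flow untouched.
ORIGINAL = r'''
function checkBanner(host) {
  var reply = sendRequest(host, "GET /atk-check.html HTTP/1.0");
  if (reply.indexOf("exploids") >= 0) {
    return "vulnerable";
  }
  for (var i = 0; i < 3; i++) { retry(host); }
  return "not vulnerable";
}
'''
SUSPECT = r'''
function probeTarget(target)
{
    var response = doRequest(target, "GET /atk-check.html HTTP/1.0");
    if (response.indexOf("exploids") >= 0)
    {
        return "vulnerable";
    }
    for (var n = 0; n < 3; n++) { again(target); }
    return "not vulnerable";
}
'''

STRING_RE = re.compile(r'"((?:\\.|[^"\\])*)"')
COMMENT_RE = re.compile(r'//[^\n]*')
IDENT_RE = re.compile(r'\b[A-Za-z_][A-Za-z0-9_]*\b')
CONTROL_RE = re.compile(r'\b(?:if|else|for|while|do|until|switch|case|goto|return)\b|[{}()]')
KEYWORDS = {"function", "var", "if", "else", "for", "while", "do", "until",
            "switch", "case", "goto", "return", "break", "continue"}

def strip_strings(src):
    """Empty every string literal (first, so a '//' inside a string is not
    taken for a comment) and drop line comments: names and structure are
    then taken from code only."""
    return COMMENT_RE.sub('', STRING_RE.sub('""', src))

def string_literals(src):
    return set(STRING_RE.findall(src))

def identifiers(src):
    return set(IDENT_RE.findall(strip_strings(src))) - KEYWORDS

def structure_ngrams(src, n=3):
    """Reduce the code to its control keywords and brackets (indentation and
    names are irrelevant) and fingerprint it with token n-grams."""
    toks = CONTROL_RE.findall(strip_strings(src))
    return set(tuple(toks[i:i + n]) for i in range(len(toks) - n + 1))

def jaccard(a, b):
    return len(a & b) / len(a | b) if a | b else 0.0

def compare(original, suspect):
    return {
        "strings": jaccard(string_literals(original), string_literals(suspect)),
        "names": jaccard(identifiers(original), identifiers(suspect)),
        "structure": jaccard(structure_ngrams(original), structure_ngrams(suspect)),
    }

def verdict(scores, high=0.8, low=0.3):
    """Strings and structure surviving while the names differ is the classic
    signature of a copy whose identifiers were renamed."""
    if scores["strings"] >= high and scores["structure"] >= high:
        return "likely copy (identifiers renamed)" if scores["names"] < low else "likely copy"
    if scores["structure"] >= high:
        return "same structure, different strings: inspect manually"
    return "no strong indication"

if __name__ == "__main__":
    scores = compare(ORIGINAL, SUSPECT)
    print(scores, verdict(scores))
```

On the two snippets the string and structure overlap is 1.0 while the name overlap is 1/13, which is exactly the pattern a renaming pass leaves behind. Real tooling would add winnowed n-gram hashes over normalized tokens so that reordering or inserting dead statements does not defeat the structure axis, but the three-axis split is what makes the report readable to a non-technical audience such as a court.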
I need solid proof. Some reversing helps ...

Plagiarism has some pitfalls ...

◦   Some original plugins were using arbitrary strings for requests and
    pattern matching. Therefore the string «atk» was part of many plugins
    in the original software. It also made it into their product (see
    screenshot). [12 plugins affected]
◦   Some plugins performed outbound tests. I used a small daemon on my
    website www.computec.ch to determine the success. So did they.
    [1 plugin affected]
◦   Some plugins were using arbitrary dates/numbers too. Whenever
    possible I used my birthday 11-02-1981. It also made it into
    their product. [2 plugins affected]
◦   Some plugins included typos and minor errors. Those also made it into
    their product. [5 plugins affected]
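The per-category tallies on the slide ("[12 plugins affected]" and so on) come from scanning the suspect product for the incidental artefacts that only the original author would have chosen. The following is an added example, not code from the talk or from either product: it scans a constructed corpus of plugin bodies for the marker values the slide names (the string «atk», the callback host www.computec.ch, the date 11-02-1981) plus a constructed stand-in typo, and tallies affected plugins per category. The corpus, the typo and all function names are assumptions.

```python
"""Added example (not from the talk or the ATK): scan a plugin corpus for the
incidental artefacts the slide describes - an arbitrary request string, a
callback host, an arbitrary date, carried-over typos - and tally which plugins
carry them. The corpus is constructed; the marker values are those the slide
names, except the typo, which is a constructed stand-in."""
import re

MARKERS = {
    "arbitrary string": re.compile(r"\batk\b", re.IGNORECASE),
    "outbound daemon host": re.compile(r"www\.computec\.ch", re.IGNORECASE),
    "arbitrary date": re.compile(r"\b11-02-1981\b"),
    "typo carried over": re.compile(r"\brecieved\b"),   # constructed typo
}

# Constructed corpus of the suspect product's plugins (name -> body)
CORPUS = {
    "http_banner":  'request = "GET /atk-check.html HTTP/1.0"',
    "smtp_relay":   'callback = "http://www.computec.ch/ping"',
    "ftp_anon":     'payload = "USER anonymous\\r\\nPASS 11-02-1981"',
    "ssh_version":  '# banner recieved from the target',
    "dns_zone":     'txt = "atk-probe"; serial = "11-02-1981"',
    "clean_plugin": 'request = "OPTIONS / HTTP/1.0"',
}

def scan_plugin(body):
    """Marker categories present in one plugin body."""
    return [cat for cat, pat in MARKERS.items() if pat.search(body)]

def scan_corpus(corpus):
    """Map each marker category to the sorted plugin names carrying it."""
    hits = {cat: [] for cat in MARKERS}
    for name, body in corpus.items():
        for cat in scan_plugin(body):
            hits[cat].append(name)
    return {cat: sorted(names) for cat, names in hits.items()}

def affected_counts(corpus):
    """The '[N plugins affected]' figure per category."""
    return {cat: len(names) for cat, names in scan_corpus(corpus).items()}

def multi_marker_plugins(corpus, minimum=2):
    """Plugins carrying several independent markers: the strongest evidence,
    since each extra marker makes an innocent coincidence less plausible."""
    return sorted(name for name, body in corpus.items()
                  if len(scan_plugin(body)) >= minimum)

if __name__ == "__main__":
    for cat, names in scan_corpus(CORPUS).items():
        print(f"{cat}: {len(names)} plugin(s) affected {names}")
    print("multiple markers:", multi_marker_plugins(CORPUS))
```

Keeping the marker list outside the code (here a dict) matters for the legal side: the same list, applied to both code bases, is reproducible by an opposing expert, and plugins carrying several independent markers are the ones to put at the top of an evidence table.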
... so I gave them a last chance ...

... which they ignored. But tried to cover up :)

◦   Some plugins were altered to hide the obvious, especially within the
    new release after my technical letter.
◦   Those changes usually destroyed the purpose of the code and
    rendered the checks useless! For example:
    ◦ The exfiltration tests were always negative if their website wasn’t
      hosting my daemon (which was not part of the ATK package) [3
      plugins affected]

Legal Problems | Threshold for Copyright

◦   Article 2 of the Swiss Copyright Act:
     1. Works shall mean literary and artistic creations of the
        mind, irrespective of their value or purpose, that
        possess an individual nature.
     2. […]
     3. Computer programs shall also be deemed works.
     4. Protection shall also subsist in drafts, titles and parts
        of works on condition that they are creations of the
        mind with an individual nature.
◦   Key elements of the definition:
     ◦   Creation of the mind
     ◦   Individuality

Legal Problems | Threshold for Copyright

◦   Software:
    ◦   Idea | plan
    ◦   Object code | source code
◦   Case law (decision of the Zurich Court of Appeals,
    sic! 2009, p. 230):
    ◦   Very low threshold in terms of individuality
    ◦   Exclusion of banal or trivial software
◦   Consequence:
    ◦   As a matter of principle, software is generally
        protected by the Copyright Act
    ◦   Copyright protection is denied with regard to banal
        software

Legal Problems | Other Possible Protection

◦   Patent law?
◦   Brand | design?
◦   Unfair Competition Act?

My options were: No. 1 – Legal Prosecution

◦   Had contact with different lawyers from different countries
    (Switzerland, Germany, USA)
◦   Had contact with the Free Software Foundation (FSF)
◦   There were multiple difficulties:
     ◦ Such a legal case in Switzerland was «unique» until then
     ◦ My legal insurance wasn’t covering «copyright violations» (no legal
       insurance in Switzerland was/is)
     ◦ It would cost me an undefinable amount of money to prosecute
     ◦ The chances were zero to gain indemnity (because I distributed
       the ATK for «free» and therefore had no calculable loss
       of income).
     ◦ Within a trial I would have lost money anyway (that’s not my idea
       of an open-source project).
     ◦ Because I had waited a long time, I was no longer able to enforce
       «immediate legal actions».

My options were: No. 2 – Media Rampage :)

◦   For me it wasn’t about the money. It was about law and justice ... and
    for the lulz!!1
◦   I started to prepare a broad media offensive.

If I don’t get enough attention, then I may go public!

But who did it?

I tried to contact my «old friend» ... But he ignored me :(

But wait! I know him and own his code too! :)

Then they claimed that I was lying. (I didn’t like that!)

By accident I got access to their «expert opinion» ...

Evidence admitted in court

◦   How does a court establish whether a violation of a
    copyright has occurred?
    ◦   Expert opinion
    ◦   Value of a private expert opinion?
◦   What will the expert analyze:
    ◦   Description of the software | plan?
    ◦   Functionalities?
    ◦   Source Code?
    ◦   Object Code?

I’m sorry, not everyone is an «expert»!

◦   There is a list of funny typos (e.g. «exploits» became «exploids»).
    (pp. 12) → He might not be a language expert (there are many typos).
◦   He compared the compiled software and not the source code. (pp. 10)
    → Not a brilliant approach to comment on a «code theft accusation».
◦   His argument why «borrowing» my code is legitimate was that I had
    mentioned the GPL just somewhere «hard to find». The project was
    therefore «open-source» and I had lost all my rights. (pp. 4) → This
    conclusion is just plain stupid. You don’t lose copyright by publishing
    the source code!
◦   On some pages he disputed that those were the same plugins. On
    others he argued that the match might be «just by accident». (pp. 4,
    9, 12, 15) → Yeah sure, 380 plugins with the exact same 1.716
    commands are just a magical coincidence!
◦   The «expert opinion» contained a copy of the Wikipedia page about the
    «General Public License». (pp. 22-26) → Some say WP and Expert
    can’t be mentioned within the same sentence ;)

Details | Particularities OSS and GPL

◦   Copyright protection of OSS in general
◦   With regard to GPL in particular:
    ◦   How to validly include GPL when distributing software
    ◦   Rights and obligations of the licensor
    ◦   Rights and obligations of the licensee
    ◦   Copyleft
    ◦   Auto-termination in case of violations
◦   Differences Copyright Act | GPL

Details | What should Marc have done?

◦   With regard to the inclusion of GPL?
◦   Act quickly!
◦   Act decisively!
◦   Safeguard potential evidence
One more thing ...

◦   In version 1.8 they fragged their http engine. Because all http
    requests missed the proper CRLF at the end, the http checks were
    rendered useless. → 100% false-negatives!
◦   The «stresstest module» didn’t work if the http:// was missing in the
    target definition (which was no requirement and did not show a
    warning message). → 100% false-negatives!
◦   The «webspider module» wasn’t able to collect file and path names
    which start with a dot. Have fun testing .htaccess files! → More
    false-negatives!
◦   The «lan viewer module» did freeze the whole application if you
    clicked onto something during discovery mode. → Denial of Service
◦   The «port scan module» did a full-connect without a timeout to every
    open destination port. Http services led to denial of service, but
    chargen led to memory corruption and code execution. → Pwnd by
    your target!
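The two failure modes above, requests without a terminating CRLF and a full-connect read with no timeout or size cap, as an added Python example; this is not code from the ATK project or from the product discussed, and the host name, the 64 KiB cap and the ChargenLikePeer stand-in are assumptions made for the example.

```python
"""Two robustness checks for the failure modes named above: HTTP requests
that are not CRLF-terminated (silent false negatives) and reads from an
open port with no timeout and no size cap (the chargen case).
Added example; not code from the ATK project or from the product discussed."""
import socket
import time

CRLF = b"\r\n"
MAX_RESPONSE_BYTES = 64 * 1024  # assumed cap: a chargen stream never ends on its own


def build_http_request(method: str, path: str, host: str) -> bytes:
    """Minimal HTTP/1.0 request: every line ends in CRLF and the header
    block is closed by an empty line, which is what a server waits for."""
    lines = [f"{method} {path} HTTP/1.0", f"Host: {host}", "Connection: close"]
    return CRLF.join(line.encode("ascii") for line in lines) + CRLF + CRLF


def is_well_framed(request: bytes) -> bool:
    """True only if the header block is closed by an empty CRLF line and no
    bare LF is used as a line break. A request failing this check is what
    turned the product's HTTP checks into 100% false negatives: the server
    keeps waiting for more headers, so the check never sees a response."""
    if not request.endswith(CRLF + CRLF):
        return False
    head = request[: -len(CRLF + CRLF)]
    for i, byte in enumerate(head):
        if byte == 0x0A and (i == 0 or head[i - 1] != 0x0D):
            return False
    return True


def read_bounded(recv, max_bytes: int, deadline_seconds: float, clock=time.monotonic):
    """Read via recv(n) -> bytes until the peer closes, the byte cap is hit
    or the deadline passes. Returns (data, reason) with reason one of
    'closed', 'cap', 'deadline'. `recv` may be a real socket's recv method
    or a stand-in, so the bound can be tested without a network."""
    chunks, total, start = [], 0, clock()
    while total < max_bytes:
        if clock() - start > deadline_seconds:
            return b"".join(chunks), "deadline"
        chunk = recv(min(4096, max_bytes - total))
        if not chunk:
            return b"".join(chunks), "closed"
        chunks.append(chunk)
        total += len(chunk)
    return b"".join(chunks), "cap"


def probe_http(host: str, port: int, path: str = "/", timeout: float = 5.0):
    """Connect with a timeout, send a well-framed request and read a bounded
    response. A dead or flooding peer raises socket.timeout or yields a
    capped buffer instead of hanging the scanner or exhausting memory."""
    request = build_http_request("GET", path, host)
    if not is_well_framed(request):
        raise ValueError("refusing to send a malformed request")
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.settimeout(timeout)  # applies to every recv, not only to connect
        sock.sendall(request)
        return read_bounded(sock.recv, MAX_RESPONSE_BYTES, timeout)


class ChargenLikePeer:
    """Constructed stand-in for a chargen service: never closes, always has
    data. Used here to show that read_bounded stops at the cap."""

    def __init__(self):
        self.calls = 0

    def recv(self, n: int) -> bytes:
        self.calls += 1
        return (b"!\"#$%&'()*+,-./0123456789" * 256)[:n]


if __name__ == "__main__":
    req = build_http_request("GET", "/", "scanner-target.example")  # assumed host
    print("well framed:", is_well_framed(req))
    print("bare-LF request accepted:", is_well_framed(req.replace(CRLF, b"\n")))
    data, reason = read_bounded(ChargenLikePeer().recv, 10_000, 5.0)
    print(f"read {len(data)} bytes, stopped because: {reason}")
```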
Summary

◦   Legal prosecution is not easy.
◦   Act quickly and take a good lawyer! #lfmf
◦   Licenses and copyrights aren’t the same. You don’t lose a
    copyright by publishing the source code.
◦   Fight for your right as long as you’re sure about it.
Literature

◦   ATK vs. 
    ◦   ATK Project gegen  (2006),
        http://www.computec.ch/news.php?item.117
    ◦   ATK gegen , Teil 2: Rückzug? (2006),
        http://www.computec.ch/news.php?item.120
    ◦   ATK gegen , Teil 3: Siege und Niederlagen,
        http://www.computec.ch/news.php?item.126
    ◦   ATK gegen  - Technische Beweisführung (2007),
        http://www.computec.ch/download.php?view.889
Questions
Thank you for your Attention!

Homburger AG
Prime Tower
Hardstrasse 201
CH-8005 Zurich

Tel     +41 43 222 10 00
Fax     +41 43 222 15 00
Mail    luca.dalmolin@homburger.ch
Web     http://www.homburger.ch
Security is our Business!

scip AG
Badenerstrasse 551
CH-8048 Zürich

Tel       +41 44 404 13 13
Fax       +41 44 404 13 14
Mail      info@scip.ch
Web       http://www.scip.ch
Twitter   http://twitter.com/scipag

◦   Strategy      | Consulting
◦   Auditing      | Testing
◦   Forensics     | Analysis

Code Plagiarism - Technical Detection and Legal Prosecution

  • 1. Code Plagiarism Technical Detection and Legal Prosecution Marc Ruef | Luca Dal Molin Security & Risk Conference October 26th - 29th 2011 Lucerne, Switzerland
  • 2. Agenda | Code Plagiarism – Detect & Prosecute Intro Who? 1. Intro What? ATK Case Introduction 2 min How it began What is Code Plagiarism 3 min Technical Analysis 2. ATK Case Legal Problems How it all began 5 min Media Rampage Additional Details Technical Analysis 10 min Outro Legal Problems 10 min Summary Media Rampage 10 min Questions Additional Details 5 min 4. Outro Summary 2 min Questions 3 min Hashdays 2011 2/42
  • 3. Introduction | Who is Marc Intro Who? What? Name Marc Ruef ATK Case Job Co-Owner / CTO, scip AG, Zürich How it began Technical Analysis Private Website http://www.computec.ch Legal Problems Last Book „The Art of Penetration Testing―, Media Rampage Computer & Literatur Böblingen, Additional Details Outro ISBN 3-936546-49-5 Summary Questions Translation Hashdays 2011 3/42
  • 4. Introduction | Who is Luca Intro Who? What? Name Luca Dal Molin ATK Case Job Associate at Homburger AG How it began Member of Practice Team ―IP|IT‖ Technical Analysis Legal Problems Corp. Website http://www.homburger.ch Media Rampage Additional Details Outro Summary Questions Hashdays 2011 4/42
  • 5. Introduction | What is Code Plagiarism Intro Who? What? ATK Case How it began Technical Analysis Legal Problems “The practice of taking someone else’s work or ideas Media Rampage Additional Details and passing them off as one’s own.” Outro Summary Questions Oxford English Dictionary, http://oxforddictionaries.com/definition/plagiarism Hashdays 2011 5/42
  • 6. ATK Case | Once upon a time ... Intro Who? What? ATK Case How it began Technical Analysis Legal Problems Media Rampage Additional Details Outro Summary Questions Hashdays 2011 6/42
  • 7. There was an idea ... Intro Who? What? ATK Case How it began Technical Analysis Legal Problems Media Rampage Additional Details Outro Summary Questions
  • 8. ... to help me exploit vulnerabilities. Intro Who? What? ATK Case How it began Technical Analysis Legal Problems Media Rampage Additional Details Outro Summary Questions
  • 9. And the Attack Tool Kit was born! Intro Who? What? ATK Case How it began Technical Analysis Legal Problems Media Rampage Additional Details Outro Summary Questions
  • 10. The ATK became pretty popular :) Intro Who? What? ATK Case How it began Technical Analysis Legal Problems Media Rampage Additional Details Outro Summary Questions
  • 11. One day I received an email from a friend ... Intro Who? What? ATK Case How it began Technical Analysis Legal Problems Media Rampage Additional Details Outro Summary Questions
  • 12. So I downloaded the scanner and took a look ... wtf?! Intro Who? What? ATK Case How it began Technical Analysis Legal Problems Media Rampage Additional Details Outro Summary Questions
  • 13. I have sent a letter to them to request to obey Copyright + GPL Intro Who? What? ATK Case How it began Technical Analysis Legal Problems Media Rampage Additional Details Outro Summary Questions
  • 14. They said: «We can’t see your problem. Please go away!» Intro Who? What? ATK Case How it began Technical Analysis Legal Problems Media Rampage Additional Details Outro Summary Questions
  • 15. I said: «No, please, be kind ...» Intro Who? What? ATK Case How it began Technical Analysis Legal Problems Media Rampage Additional Details Outro Summary Questions
  • 16. They said: «F—k off, we really don’t care. Really!» Intro Who? What? ATK Case How it began Technical Analysis Legal Problems Media Rampage Additional Details Outro Summary Questions
  • 17. Technical Analysis | Source Code Analysis Intro Who? What? ◦ Strings ATK Case ◦ Names, Title How it began ◦ Copyright Technical Analysis Legal Problems ◦ Names Media Rampage ◦ Variables, Constants Additional Details Outro ◦ Functions, Methods, Classes Summary ◦ Objects, Elements Questions ◦ Structures ◦ Programming Style (indentation, vertical alignment) ◦ Conditional Statements (if, for, until, switch, goto) ◦ Pattern, Regex ◦ Dataflow Hashdays 2011 17/42
  • 18. I need solid proof. Some reversing helps ... Intro Who? What? ATK Case How it began Technical Analysis Legal Problems Media Rampage Additional Details Outro Summary Questions
  • 19. Plagiarism has some pitfalls ... ◦ Some original plugins were using arbitrary strings for requests and pattern matching. Therefore the string «atk» was part of many plugins in the original software. It made it also into their product (see screenshot). [12 plugins affected] ◦ Some plugins were realizing outbound tests. I have used a small Intro daemon on my website www.computec.ch to determine the success. Who? What? So did they. [1 plugin affected] ATK Case How it began ◦ Some plugins were using arbitrary dates/numbers too. Whenever Technical Analysis possible I have used my birthday 11-02-1981. It made it also Problems Legal into their product. [2 plugins affected] Media Rampage Additional Details ◦ Some plugins included typos and minor errors. Those made it also into Outro their product. [5 plugins affected] Summary Questions
  • 20. ... so I gave them a last chance ... Intro Who? What? ATK Case How it began Technical Analysis Legal Problems Media Rampage Additional Details Outro Summary Questions
  • 21. ... which they ignored. But tried to cover up :) ◦ Some plugins were altered to hide the obvious – Especially within the new release after my technical letter. ◦ Those changes usually destroyed the purpose of the code and rendered the checks useless! For example: Intro ◦ The exfiltration tests were always negative if their website wasn’t Who? hosting my daemon (which was not part of the ATK package) [3 What? plugins affected] ATK Case How it began Technical Analysis Legal Problems Media Rampage Additional Details Outro Summary Questions
  • 22. Legal Problems | Threshold for Copyright Intro Who? What? ◦ Article 2 of the Swiss Copyright Act: ATK Case 1. Works shall mean literary and artistic creations of the How it began mind, irrespective of their value or purpose, that Technical Analysis possess an individual nature. Legal Problems Media Rampage 2. […] Additional Details 3. Computer programs shall also be deemed works. Outro 4. Protection shall also subsist in drafts, titles and parts Summary Questions of works on condition that they are creations of the mind with an individual nature. ◦ Key elements of the definition: ◦ Creation of the mind ◦ Individuality Hashdays 2011 22/42
  • 23. Legal Problems | Threshold for Copyright Intro Who? What? ◦ Software: ATK Case ◦ Idea | plan How it began ◦ Object code | source code Technical Analysis Legal Problems ◦ Case law (decision of the Zurich Court of Appeals, Media Rampage sic! 2009, p. 230): Additional Details Outro ◦ Very low threshold in terms of individuality Summary ◦ Exclusion of banal or trivial software Questions ◦ Consequence: ◦ As a matter of principle, software is generally protected by the Copyright Act ◦ Copyright protection is denied with regard to banal software Hashdays 2011 23/42
  • 24. Legal Problems | Other Possible Protection Intro Who? What? ◦ Patent law? ATK Case ◦ Brand | design? How it began Technical Analysis ◦ Unfair Competition Act? Legal Problems Media Rampage Additional Details Outro Summary Questions Hashdays 2011 24/42
• 25. My options were: No. 1 – Legal Prosecution
◦ Had contact with different lawyers from different countries (Switzerland, Germany, USA)
◦ Had contact with the Free Software Foundation (FSF)
◦ There were multiple difficulties:
  ◦ Such a legal case in Switzerland was «unique» until then
  ◦ My legal insurance wasn't covering «copyright violations» (no legal insurance in Switzerland was/is)
  ◦ It would have cost me an indefinable amount of money to prosecute
  ◦ The chances were zero to gain indemnity (because I distributed the ATK for «free» and therefore had no calculable loss of income)
  ◦ Within a trial I would have lost money anyway (that's not my idea of an open-source project)
  ◦ Because I had waited a long time, I was no longer able to enforce «immediate legal actions»
• 26. My options were: No. 2 – Media Rampage :)
◦ For me it wasn't about the money. It was about law and justice ... and for the lulz!!1
◦ I started to prepare a broad media offensive.
• 27. If I don't get enough attention, then I may go public!
• 28. But who did it?
• 29. I tried to contact my «old friend» ... But he ignored me :(
• 30. But wait? I know him and own his code too! :)
• 31. Then they claimed that I was lying. (I didn't like that!)
• 32. By accident I got access to their «expert opinion» ...
• 33. Evidence admitted in court
◦ How does a court establish whether a violation of a copyright has occurred?
  ◦ Expert opinion
  ◦ Value of a private expert opinion?
◦ What will the expert analyze:
  ◦ Description of the software | plan?
  ◦ Functionalities?
  ◦ Source code?
  ◦ Object code?
• 34. I'm sorry, not everyone is an «expert»!
◦ There is a list of funny typos (e.g. «exploits» became «exploids»). (p. 12) He might not be a language expert (there are many typos).
◦ He compared the compiled software and not the source code. (p. 10) Not a brilliant approach to comment on a «code theft accusation».
◦ His argument why «borrowing» my code was legitimate was that I had mentioned the GPL just somewhere «hard to find». The project was therefore «open-source» and I had lost all my rights. (p. 4) This conclusion is just plain stupid. You don't lose copyrights by publishing the source code!
◦ On some pages he disputed that those were the same plugins. On others he argued that the match might be «just by accident». (pp. 4, 9, 12, 15) Yeah sure, 380 plugins with the exact same 1,716 commands are just a magical coincidence!
◦ The «expert opinion» contained a copy of the Wikipedia page about the «General Public License». (pp. 22-26) Some say WP and Expert can't be mentioned within the same sentence ;)
• 35. Details | Particularities of OSS and GPL
◦ Copyright protection of OSS in general
◦ With regard to the GPL in particular:
  ◦ How to validly include the GPL when distributing software
  ◦ Rights and obligations of the licensor
  ◦ Rights and obligations of the licensee
  ◦ Copyleft
  ◦ Auto-termination in case of violations
◦ Differences Copyright Act | GPL
• 36. Details | What should Marc have done?
◦ With regard to the inclusion of the GPL?
◦ Act quickly!
◦ Act decisively!
◦ Safeguard potential evidence
• 37. One more thing ...
◦ In version 1.8 they broke their HTTP engine: every request lacked the proper CRLF termination at the end, so the server never saw a complete request and never answered, and the HTTP checks were rendered useless. 100% false negatives!
◦ The «stresstest module» didn't work if the http:// was missing from the target definition (which was not a stated requirement and produced no warning message). 100% false negatives!
◦ The «webspider module» wasn't able to collect file and path names that start with a dot. Have fun testing .htaccess files! More false negatives!
◦ The «lan viewer module» froze the whole application if you clicked on anything during discovery mode. Denial of service.
◦ The «port scan module» did a full connect without a timeout to every open destination port. HTTP services led to a denial of service, but chargen led to memory corruption and code execution. Pwned by your target!
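The three scanner failure modes on this slide, as an added example in Python that is not part of the original deck and not the code of either product it describes: a raw HTTP check that closes the header block with CRLF CRLF and refuses to send an unterminated request, a target normaliser that tolerates a missing http:// instead of silently doing nothing, and a full-connect probe with a connect/read timeout and a hard byte cap that survives an endless talker. The chargen-style listener is a constructed stand-in on loopback so the block runs offline; all names and defaults are the example's own.

```python
import socket
import threading
from urllib.parse import urlsplit

CRLF = b"\r\n"


def normalize_target(target: str) -> tuple[str, int, str]:
    """Accept 'host', 'host:port' or a full URL and return (host, port, path).

    The stress-test module on the slide silently did nothing when the scheme
    was missing; here a bare host is treated as http://host/ instead.
    """
    if "://" not in target:
        target = "http://" + target
    parts = urlsplit(target)
    if not parts.hostname:
        raise ValueError(f"no host in target {target!r}")
    port = parts.port or (443 if parts.scheme == "https" else 80)
    path = parts.path or "/"
    if parts.query:
        path += "?" + parts.query
    return parts.hostname, port, path


def build_http_request(method: str, path: str, host: str) -> bytes:
    """Raw HTTP/1.0 request. Each line ends in CRLF and the header block is
    closed by an empty line (CRLF CRLF); without that terminator the server
    keeps waiting for more headers and the check never sees a response."""
    lines = [f"{method} {path} HTTP/1.0".encode("ascii"),
             f"Host: {host}".encode("ascii")]
    return CRLF.join(lines) + CRLF + CRLF


def request_is_terminated(raw: bytes) -> bool:
    """Check to run on every outgoing request buffer before sending it."""
    return raw.endswith(CRLF + CRLF)


def probe(host: str, port: int, raw: bytes, timeout: float = 5.0,
          max_bytes: int = 64 * 1024) -> bytes:
    """Full-connect probe with a connect/read timeout and a hard byte cap.

    A service that never stops talking (chargen, or a hostile listener) can
    therefore neither hang the scanner nor grow its receive buffer unboundedly.
    """
    if not request_is_terminated(raw):
        raise ValueError("refusing to send an unterminated HTTP request")
    chunks, received = [], 0
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(raw)
        while received < max_bytes:
            try:
                chunk = sock.recv(min(4096, max_bytes - received))
            except socket.timeout:
                break          # peer went quiet: report what we have
            if not chunk:
                break          # peer closed the connection
            chunks.append(chunk)
            received += len(chunk)
    return b"".join(chunks)


def start_chargen_like_server() -> tuple[str, int]:
    """Constructed stand-in for a chargen service on loopback: it ignores the
    request and streams data until the client hangs up. Returns (host, port)."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    line = bytes(range(33, 127)) + CRLF    # printable ASCII, chargen style

    def serve() -> None:
        conn, _ = srv.accept()
        try:
            while True:
                conn.sendall(line)
        except OSError:
            pass                # client closed: EPIPE / ECONNRESET
        finally:
            conn.close()
            srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()


if __name__ == "__main__":
    host, port = start_chargen_like_server()
    h, p, path = normalize_target(f"{host}:{port}")      # no scheme: still fine
    data = probe(h, p, build_http_request("GET", path, h), timeout=2.0, max_bytes=8192)
    print(f"capped at {len(data)} bytes; scanner still alive")
```

The cap and the timeout are the whole point of the last bullet: a scanner that reads until the peer closes will sit forever on an HTTP keep-alive and will read without limit from chargen, which is exactly where an unbounded receive buffer in a native-code scanner turns into memory corruption.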
• 38. Summary
◦ Legal prosecution is not easy.
◦ Act quickly and take a good lawyer! #lfmf
◦ Licenses and copyrights aren't the same. You don't lose a copyright by publishing the source code.
◦ Fight for your right as long as you're sure about it.
• 39. Literature
◦ ATK vs. [name omitted in the original]
  ◦ ATK Project gegen [name omitted] (ATK project vs. …) (2006), http://www.computec.ch/news.php?item.117
  ◦ ATK gegen [name omitted], Teil 2: Rückzug? (part 2: Retreat?) (2006), http://www.computec.ch/news.php?item.120
  ◦ ATK gegen [name omitted], Teil 3: Siege und Niederlagen (part 3: Victories and Defeats), http://www.computec.ch/news.php?item.126
  ◦ ATK gegen [name omitted] - Technische Beweisführung (Technical Proof) (2007), http://www.computec.ch/download.php?view.889
• 40. Questions
• 41. Thank you for your Attention!
Homburger AG
Prime Tower
Hardstrasse 201
CH-8005 Zurich
Tel +41 43 222 10 00
Fax +41 43 222 15 00
Mail luca.dalmolin@homburger.ch
Web http://www.homburger.ch
• 42. Security is our Business!
scip AG
Badenerstrasse 551
CH-8048 Zürich
Tel +41 44 404 13 13
Fax +41 44 404 13 14
Mail info@scip.ch
Web http://www.scip.ch
Twitter http://twitter.com/scipag
◦ Strategy | Consulting
◦ Auditing | Testing
◦ Forensics | Analysis