Terry Zink's Cyber Security Blog

Discussing Internet security in (mostly) plain English

A couple of more thoughts on the David Ritz case

A couple of more thoughts on the David Ritz case

  • Comments 2

I thought I'd post a couple of more thoughts on the David Ritz case.  There are a couple of points in the judgment that are simply bizarre:

Ritz has engaged in a variety of activities without authorization on the Internet. Those activities include port scanning, hijacking computers, and the compilation and publication of Whois lookups without authorization from Network Solutions.

I find this baffling.  The publication of Whois lookups without authorization?  If you don't know what Whois is, it is a tool that allows you to look up the contact information for a domain.  For example, you can go to GeekTools and look up the contact information who registered microsoft.com or google.com.  In my anti-spam days, I used to use it all the time.  It is an indispensable tool, that's how I first found out about Alan Ralsky (a notorious alleged spammer).  It is a public look up tool.  Why would anybody need authorization to publish information that is already public?

The information which Ritz published was not public. Moreover, much of the information was not publicly accessible.

Is it just me, or does this beg the question?  On the one hand, Ritz used commands like host -l, helo and vrfy.  These are tools within Unix, a free operating system.  In other words, publicly accessible commands.  He used these commands to get the information from Sierra, which the judge then says was not public.  If Ritz used commands available to any Unix user, how is it that the information is not publicly accessible?  Does that not seem contradictory?

Anyhow, that's my 2 cents on the Ritz case.

Leave a Comment
  • Please add 3 and 8 and type the answer here:
  • Post
Page 1 of 1 (2 items)