My brain just hurts right now.
From SpamSuite.com:
I’ve (ed. Mickey) been watching Sierra Corporate Design, Inc., v. David Ritz, for a long time. You haven’t seen it here because the documents are not kept online and are, therefore, not accessible. However, a decision has been reached in that case and the clerk of court in Fargo was kind enough to fax me a copy of the findings of fact, conclusions of law, and order for judgment.
In 12 pages of bad law, a North Dakota District Court judge has declared that using the “host” command with the “-l” option constitutes computer hacking. The “-l” option, which effects a DNS zone transfer, is only available to computers and maybe administrators, with the prior written consent of Major League Baseball. That means that pages mentioning the potential for use by non-administrators like this one should probably go away since it’s teaching people how to “hack”. And, of course, this also means that the manual pages on all Linux, *nix, and *BSD machines include hacking instructions thanks to the inclusion of a man page for host which mentions the -l option
I should point out that David Ritz is facing criminal charges in this case. My (insert deity), I think that we have fully discovered where the real crime lies. And to add a little more info for the non-*nix readers here is an excerpt from a linux man page for the “host” command:
List mode is selected by the -l option. This makes host perform a zone transfer for zone name. The argument is provided for compatibility with older implementations. This option is equivalent to making a query of type AXFR.
I had to grab a new keyboard. I busted my old one with my forehead.
[tags]Illegal DNS Requests, Bad Law, David Ritz, Sierra Corporate Design[/tags]
If you read the supporting articles in this case, you would see that the defendant was barred from interacting with the company before this incident. Meaning, he has been harassing them. The rules here are applied to a single individual (much like a restraining order), and not the general population.
@Marcin
Fair enough. It was the point specific to the DNS ruling that could have potentially damaging effects in the judicial system as a new precedent. That’s the part that concerns me.
Thanks for the comment.
@Dave
1. Civil suits can’t set precedent. (A criminal case is pending).
2. I read the findings, according to the judge there’s a lot more Ritz did than a few zone transfers.
3. Hopefully, the other activities and not the Zone Transfer get focus in the criminal case.
And what the heck is up with people ignoring judges orders! Has there been a rash of stupid-stick beatings?
@ DAG
Thanks for filling in the blank spaces. When I wrote that I was somewhat hot under the collar.
🙂
@Dave
I don’t blame you. I saw the Reg headline and thought something went off the rails.
For me to actually read a legal finding of fact is unusual (actualy parts of it are almost funny).
The whole Zone Transfer thing is just overblown. The case almost obsesses over it. And as others have pointed out the interpretation of who has legitimate uses for dns queries is very narrow. Consequently, the people portraying this as just a zone transfer are spinning it.
The list of other activities the judge found Ritz engaged in included: portscanning, email bombing, canceling usenet posts, using other systems as (unauthorized) proxies for this activity.
It’s findings 13, 14, 15, 16, and 23 that are troubling and for which he could be criminally convicted.
http://www.spamsuite.com/webfm_send/258
For the record,
I omitted 24 from the list above.
Findings 6, 8, 9, 10, 21, and 22 are arguable. Unfortunately, there was “available literature” describing unauthorized the use of Zone Transfers. (Even my very dusty old copy of “DNS and BIND” refers to “Unauthorized Zone Transfers” – lesson careful what you write).
Also, according to other findings he lied about his activities in addition to ignoring the injunctions. Others have speculated that this could have led the judge to take much of the defense evidence as suspect.
Dave,
I wrote a small piece on this that really is me pretending to be a lawyer, but the meaning of a zone transfer really hands on what constitutes authorized access.
http://securityretentive.blogspot.com/2008/01/armchair-legal-analysis-of-sierra-v.html