Links to Internet sites about law, ethics, and computer security


  • Farmer and Venema: Improving the Security of Your Site by Breaking Into It. We would also like to reiterate to the reader that the purpose of this paper is to show you how to test the security of your own site, not how to break into other people's systems. The intrusion techniques we illustrate here will often leave traces in your system auditing logs -- it might be constructive to examine them after trying some of these attacks out, to see what a real attack might look like. Certainly other sites and system administrators will take a very dim view of your activities if you decide to use their hosts for security testing without advance authorization; indeed, it is quite possible that legal action may be pursued against you if they perceive it as an attack.

  • Online Ethics Center for Engineering and Science

  • Association for Computing Machinery Code of Ethics. Includes the professional responsibility: ACM members must obey existing local, state, province, national, and international laws unless there is a compeling ethical basis not to do so. Policies and procedures of the organization in which one participates must also be obeyed. But compliance must be balanced with the recognition that sometimes existing laws and rules may be immoral or inappropriate and, therefore, must be challenged.

  • USENIX/SAGE Code of Ethics for System Administrators. Includes the following canon: System administrators must uphold the law and policies as established for the systems and networks they manage, and make all efforts to require the same adherence from their users. Where the law is not clear, or appears to be in conflict with their ethical standards, system administrators must exercise sound judgment, and are also obliged to take steps to have the law upgraded or corrected as is possible within their jurisdiction.

  • Bruce Fraser's computer crime research resources

  • Purdue COAST Computer Security Research Archive


  • Organizations:

  • USENIX System Administrators' Guild (SAGE)
  • Mailing list:

  • Legal Aspects of Computer Crime. Send email to: with the body of: "subscribe lacc".
        This list has been created in an attempt to mitigate the lack of
        tangible resources people involved with computer crime have at their
        disposeal. It is hoped that by bringing together knowledgeable legal
        professionals together with para-legal personnel and informed lay
        persons that information and resources relevant to the difficult
        task of analyzing, presenting in court or otherwise dealing with
        computer crime law and computer crimes may be shared and intelligent
        discussion stimulated.
  • Other Indices:

  • US NIH General Computer Security Information
  • CRIMINAL LAW LINKS @ State of Kentucky Public Defender
  • AltaVista search on computer crime
  • Who links to us?
  • (via Digital's Alta Vista)

    Your suggestions? Please email.

    Back to main page.

    Last updated April 8, 2001.