/About /Main /Help Us /Log /Advertise /FAQs
/Archives /BBloopers /Discussion /Contact /Archives /BBshop
Super Bowl Winner?
Top 11
Top 11 Things Geeks Would Do After Being Rescued from a Mine
How White and Nerdy Are You?
Bush Proposes Faith- Based Firewalls for Government Computers
Microsoft Purchases Evil From Satan
Slashdot Story Generator
Which OS Are You?
Teen Using MySpace to Lure Bands to Los Angeles
The BBook of Geek
Mental Floss
Geek Press
Wil Wheaton
Jonathan Coulton
Jokes Gallery
Funny Pictures
More Links

Thursday, September 30 12:00 AM ET

Senators Call for Software Exploit Waiting Period

By Robin Berger

Washington, D.C. -- A bipartisan group of U.S. senators led by Chuck Schumer (D-New York) and Dick Durbin (D-Illinois) has introduced legislation for a three to five-day waiting period for buffer overflow exploits. The legislation was conceived after hackers developed an exploit for a newly identified "JPEG Processing" buffer overflow vulnerability in Microsoft software.

Buffer OverflowDurbin and Schumer announced the legislation at a news conference where they were joined by a bipartisan group of senators, Jim and Sarah Brady, and an Illinois man whose business was attacked by a mentally ill hacker who was able to exploit a buffer overflow.

A buffer overflow occurs when a piece of software accidentally tries to store more data in a holding area than it can handle. Schumer revealed that buffer overflows are by far the leading instrument used in hacker attacks, more than all other methods combined.

"A brief waiting period allows tempers to cool and can give our law enforcement officials an opportunity to spot questionable Internet users," Schumer said. "It's hard to understand why any person, even a security expert, would need immediate access to a buffer overflow exploit."

"A waiting period isn't about more government, it's about fewer hacker crime victims," Durbin said.

The Senators modeled the legislation after an original five-day waiting period known as the Brady law. It went into effect in February 1994 and is named after Jim Brady, who attended the anti-hacker news conference.

Durbin said that without a waiting period, would-be attackers can download an exploit for a newly discovered buffer overflow in minutes, with no cooling-off period for anyone considering harming themselves or others.

Schumer added the proposal makes cybercrime officers the first points of contact for all background checks. A three to five-day waiting period will allow time to contact low-tech local officials who may know about mental health histories and domestic abuse records not available federally.

Related News

Top 11 Campaign Pledges You'll Never Hear

9/11 Panel Calls Neocons "Nation's Biggest Threat"

MacGyver Foils Airport Security

"Our bill may be the only barrier between a child and his abusive parents who denied him a high-bandwidth Internet connection and a new computer for Christmas," Schumer said. "We want to stop those troubled teens from destroying peoples' lives."

Illinois conducts its own background checks and already has a state waiting period in place. However, buffer overflows are often trafficked from states with weak computer crime laws to states with strong computer crime laws such as Illinois.

More Tech News

Recommend this Story to a Friend

Follow on Twitter Follow Us on Twitter
Facebook Fan Us on Facebook
Amazon Find the BBook


  Politics Contact FAQs

Copyright 1999-2023 by BBspot LLC
BBspot is a tech satire news and geek humor source, and meant to be funny.
If you are easily offended, gullible, or don't have a sense of humor, we suggest you go elsewhere. Those without the geek gene activated should also avoid this site.