[olug] Agreement for non retribution for security presentation

OBrien, Timothy (Omaha Linux Users Group - OLUG) IrishMASMS at olug.org
Tue Mar 2 02:46:42 UTC 2004 

Looking for some good examples or suggestions from you all.

The library inventory & management system (on Sun, AIX, & WinDoz
platforms) we use is produced by a commercial vendor, which has a users
group conference every year. Attendees volunteer to do presentations on
topics about the system, and they get a discount towards the attendance
fees. In past years, I had done presentations around the operation and
administration of the system. This year I decided for something different
- submitting a presentation proposal titled "Hacked? We can't be cracked!"
with a description of:

>From the overall tone of the User Group mailing list, individuals do not
seem to think that a library system has vulnerabilities that a computer
hacker or cracker can exploit. I intend to demonstrate otherwise; and give
the audience a few thinks to think about when securing their Integrated
Library System. Any system can be exploited; it is just a matter of
securing your system so that it is not one of the 'low hanging fruit'. A
few individuals have asked me at the last conference and via email to do a
presentation like this.


To my surprise, the proposal was accepted. To my bigger surprise, the
support individuals at the vendor agreed to support this as well; agreeing
to configure a spare system they have for my presentation development &
the actual presentation.


Now, my question: to have some legal standing & to CYA what sort of
agreement for non retribution / no DCMA violations / etc should I get? I
already have a verbal from the folks I am working with at the vendor, and
for anything I will send them he would agree to.

What is the entire picture I should be protecting myself for?


Your thoughts and suggestions are appreciated.




-- 
Timothy "Irish" O'Brien
Publicity & Social activities chairperson
Omaha Linux User's Group (OLUG)
----------------------------------------------
A: No.
Q: Should I include e-mail quotations after my reply?
=====================================================
An often repeated quote on news.admin.net-abuse.email:
<I>
"Spam is not about content, it is about consent".
</i>
--------------------------------
Microsoft: Where do you want to go today?
Linux: Where do you want to go tomorrow?
FreeBSD: Are you guys coming or what?

More information about the OLUG mailing list