My Authors
Read all threads
Attorneys won't provide legal advice for free or for a small fee, doctors won't look at your kid's rash, and really, cybersecurity professionals shouldn't be looking at people's computers.
One reason is the risk of being sued when there's a mistake -- you are asking them to accept a considerable financial risk for free.

The second reason is the a high chance of a mistake.
Let's ask a lawyer "Is port scanning legal?". What I don't tell them is that I'm running nmap with a script that also automatically logs onto the system, so when I get arrested for CFAA violations, I sue the lawyer who told me it was legal for legal malpractice.
Lawyers don't know the answer offhand whether port scanning is legal. They'd have to spend time researching it, and even after that research, the answer isn't going to be yes/no, but a set of risks.
It's like the Lauri Drew case. Is it illegal to create a fake Facebook account violating their Terms of Service. The answer is "no" until your daughter uses that account to bully another 14 year old student into committing suicide, at which point the answer is "yes, illegal".
Can you quickly look at my kids rash and tell me if it's serious? Well, your family physician with all the kids records may have a very different answer than your neighbor who glances at it for 5 minutes. The correct answer is "you should really talk to your own doctor".
Part of the problem is that we browbeat lawyers into delivering the answer we want. I want to portscan, when I ask you whether it's legal, I'm going to continue arguing with you why it should be legal until you agree with me.
And it's all very tedious because outsiders don't understand how the law works. Sure, portscan ought (or ought not) be legal -- but that's for politicians to fix by change what it law says. What the law ought to say doesn't change what it actually says.
So you asking the professional to do what's (1) annoying for them, (2) a lot more work, (3) an answer that will likely be wrong because of lack of information, and (4) a legal/financial risk to them when their answer is wrong.
This is an excellent additional reasons:
Missing some Tweet in this thread? You can try to force a refresh.

Enjoying this thread?

Keep Current with Rob ☃️ Graham (not at Shmoocon this year)

Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

Follow Us on Twitter!

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!