I'm a GNU/Linux build/release engineer and an opportunity to build a system that is essentially a honeypot came up. However, after researching this specific activity I see more red flags than I'm comfortable dealing with. Perhaps this really is a question for a lawyer with digital crime experience, or it's a response of "no, thanks"...<p>I have lots of links to information on the topic that I've gathered published since the mid-2000s and this SANS document has always been my goto:<p>http://www.sans.org/reading-room/whitepapers/legal/cyberlaw-101-primer-laws-related-honeypot-deployments-1746<p>However, I was wondering if there are more recent changes to the laws and/or a site that is more thorough in treatment of how private parties (contractors) factor into any legal issues that might arise from use of a honeypot deployment.<p>In other words, what are the references that folks experienced with the topic and/or deployment of honeypots rely of for updates and practical legal knowledge?