SecurityFocus

Major hack attack on the U.S. Senate Jan 22 2004 05:25PM
Richard M. Smith (rms computerbytesman com) (2 replies)

Re: Major hack attack on the U.S. Senate Jan 23 2004 03:28PM
Brian C. Lane (bcl brianlane com) (2 replies)

Re: [work] Re: Major hack attack on the U.S. Senate Jan 24 2004 06:46PM
opticfiber (opticfiber topsight net) (1 replies)

Re: [work] Re: Major hack attack on the U.S. Senate Jan 24 2004 08:27PM
Jonathan A. Zdziarski (jonathan nuclearelephant com)

Re: Major hack attack on the U.S. Senate Jan 23 2004 08:59PM
Kevin Reardon (Kevin Reardon oracle com)

Re: Major hack attack on the U.S. Senate Jan 23 2004 03:29AM
~Kevin Davis³ (computerguy cfl rr com) (3 replies)

Re: Major hack attack on the U.S. Senate Jan 24 2004 05:16AM
rsh idirect com

Re: Major hack attack on the U.S. Senate Jan 23 2004 07:58PM
Kirk Spencer (kspencer ngrl org) (1 replies)

Re: Major hack attack on the U.S. Senate Jan 25 2004 02:06AM
Crispin Cowan (crispin immunix com)

Re: Major hack attack on the U.S. Senate Jan 23 2004 06:48PM
Daniel Capo tco net br (2 replies)

Re: Major hack attack on the U.S. Senate Jan 29 2004 04:09PM
Mariusz Woloszyn (emsi ipartners pl) (3 replies)

RE: Major hack attack on the U.S. Senate Feb 03 2004 04:17PM
David Schwartz (davids webmaster com)

Re: Major hack attack on the U.S. Senate Feb 03 2004 02:56PM
Christian Vogel (chris obelix hedonism cx) (2 replies)

Re: Major hack attack on the U.S. Senate Feb 03 2004 08:06PM
Ron DuFresne (dufresne winternet com)

Re: Major hack attack on the U.S. Senate Feb 03 2004 04:13PM
Daniel Capo tco net br (1 replies)

Re: Major hack attack on the U.S. Senate Feb 04 2004 04:39PM
Thomas M. Payerle (payerle physics umd edu)

Re: [security] Re: Major hack attack on the U.S. Senate Feb 03 2004 04:02AM
rsh idirect com (1 replies)

Re: [security] Re: Major hack attack on the U.S. Senate Feb 03 2004 10:08PM
Bernie, CTA (cta hcsin net) (1 replies)

RE: [security] Re: Major hack attack on the U.S. Senate Feb 05 2004 11:41AM
Larry Seltzer (larry larryseltzer com)

Re: Major hack attack on the U.S. Senate Jan 24 2004 07:11PM
Dinesh Nair (dinesh alphaque com) (1 replies)

Re: Major hack attack on the U.S. Senate Jan 24 2004 08:32PM
ed the7thbeer com

> which begs the question, unless it was explicitly labelled as such, how
> would the accessor know that he was committing unauthorized access ?

Notice is not required to constitute an offense generally under the
criminal laws (there are exceptions elsewhere, but this is not one of
them) of the United States. For example, trespass does not require you
show posting of "No Trespassing" signs. Courts will generally hold one to
a reasonable person standard and consider the actus reus and
the mens rea of the defendant. In other words, a judicial shaking of the
finger coupled with a "you should know better" is sufficient. You do not
need to have a banner saying "Authorized users only" to "criminalize" the
act. Similarly, lack of a banner does not "decriminalize" the act.

> this is quite similar to sites say, accidentally exporting windows or nfs
> shares out to the internet. a query of the server will return a mount
> request legitimate.

Nothing of the sort. You may have other liability for accidentally
exporting an NFS or CIFS share to the net, but you do not negate criminal
liability for invasion of that share. Yes, there are some exceptions
about areas of the public domain, but IIRC accidental sharing does not
constitute public domain.

-ed

[ reply ]