|
|
BugTraq
Major hack attack on the U.S. Senate Jan 22 2004 05:25PM Richard M. Smith (rms computerbytesman com) (2 replies) Re: Major hack attack on the U.S. Senate Jan 23 2004 03:28PM Brian C. Lane (bcl brianlane com) (2 replies) Re: [work] Re: Major hack attack on the U.S. Senate Jan 24 2004 06:46PM opticfiber (opticfiber topsight net) (1 replies) Re: [work] Re: Major hack attack on the U.S. Senate Jan 24 2004 08:27PM Jonathan A. Zdziarski (jonathan nuclearelephant com) Re: Major hack attack on the U.S. Senate Jan 23 2004 08:59PM Kevin Reardon (Kevin Reardon oracle com) Re: Major hack attack on the U.S. Senate Jan 23 2004 03:29AM ~Kevin Davis³ (computerguy cfl rr com) (3 replies) Re: Major hack attack on the U.S. Senate Jan 23 2004 07:58PM Kirk Spencer (kspencer ngrl org) (1 replies) Re: Major hack attack on the U.S. Senate Jan 23 2004 06:48PM Daniel Capo tco net br (2 replies) Re: Major hack attack on the U.S. Senate Jan 29 2004 04:09PM Mariusz Woloszyn (emsi ipartners pl) (3 replies) Re: Major hack attack on the U.S. Senate Feb 03 2004 02:56PM Christian Vogel (chris obelix hedonism cx) (2 replies) Re: Major hack attack on the U.S. Senate Feb 03 2004 04:13PM Daniel Capo tco net br (1 replies) Re: Major hack attack on the U.S. Senate Feb 04 2004 04:39PM Thomas M. Payerle (payerle physics umd edu) Re: [security] Re: Major hack attack on the U.S. Senate Feb 03 2004 04:02AM rsh idirect com (1 replies) Re: [security] Re: Major hack attack on the U.S. Senate Feb 03 2004 10:08PM Bernie, CTA (cta hcsin net) (1 replies) RE: [security] Re: Major hack attack on the U.S. Senate Feb 05 2004 11:41AM Larry Seltzer (larry larryseltzer com) Re: Major hack attack on the U.S. Senate Jan 24 2004 07:11PM Dinesh Nair (dinesh alphaque com) (1 replies) |
|
Privacy Statement |
> On Fri, 23 Jan 2004 Daniel.Capo (at) tco.net (dot) br [email concealed] wrote:
> > > Which means the Democrats screwed up setting up their own
> > > share point and
> > > allowed public access to it. There was no "computer glitch" which was
> > > "exploited". This was completely a human screw-up. And there was no
> > > hacking ("exploitation of a computer glitch") done by the Republicans.
> > > Unless you wish to call clicking on a share point configured
> > > with public
> > > access and opening it up "hacking".
> > AFAIK, "hacking" is legally defined in the USA as being unauthorized
> > access to computer resources. It doesn't matter if the resource was
> > adequately protected (or protected at all) in first place or not. If you
> > were not given permission to make use of that resource, you are
> > criminally liable.
> Do you have an explicit permission to read the content of a www.cnn.com?
> What is the difference between opening a web URL and a network share?
Laws are not like computer programs. They don't have to precisely describe
a process that can be mindlessly applied to determine whether the law was
violated or not. Common sense is permitted.
You may not have "explicit permission" to read the content of www.cnn.com,
any more than you have explicit permission to eat at Burger King. This
doesn't make it impossible to tell the difference between eating at Burger
King and entering Burger King after they've closed through a door that was
left unlocked by mistake.
The fallacy in your argument is to equate lack of "explicit permission"
with "unauthorized access". They are not at all the same thing. Explicit
permission is not the only form of authorization. One can try to argue to
that publication of a share without a password could easily be mistaken for
authorization, but the instant one sees the content, it is clear that no
such authorization was intended. One cannot be "accidentally authorized" to
do something. One could mistakenly think one was authorized, but that
argument would be laughed at in this case. Nobody could make it with a
straight face.
DS
[ reply ]