Security threats Toolkit
Story: Tsunami appeal site 'hacker' found guilty
Posted by: John Airey (Friday 14 October 2005, 12:13 PM)
Going totally against the flow of the comments here, has anyone actually considered the ramifications of this decision? Here's a guy who has made a donation to the Tsunami appeal, and now has a criminal record.
When the judge says that the defendant changed his story, well that happens all the time. When he was initially questioned he would have been in a state of shock and once charged, can't elaborate on anything he's said. The statement given to a person at arrest "anything you do say may be used against you in a court of law" implies that it might not either. I've always thought it odd that we allow such a threat to be given to a person arrested without question.
Unfortunately I wasn't in the court so I don't know what was said, and media reports of the case are in conflict.
If it is correct that he used his browser to access the site (by requesting the page ../../../ as specified in section 5.4.2 of RFC 3986), then we are all hackers. I suggest therefore that anyone who reads this hands themselves in to the police (but at least do me the favour of reading till the end).
It has always been my opinion that you cannot have unauthorised access to a public website, unless you have defaced it, altered files on it or obtained information from it to commit another crime (eg credit card fraud). Even then, wikis and other amendable sites mean that this definition isn't accurate enough.
What would happen if a site gave an "access denied" error when you tried to access the site, due to a configuration error? Would that be illegal? By this interpretation it is, but common sense tells you that it's no such thing.
This is why organisations should separate what is public from what is private, and also why this case is a travesty and the decision must be overturned.
Full Talkback thread
Story: Tsunami appeal site 'hacker' found guilty
-
Wow. Getting responses from ports on a network com... richard -
if there is a building and the front door is... spacelab10000 -
No, it's like walking around trying everyone'... Anonymous
-
"The only reason he did this is because he thought... Anonymous
-
The first person talks about connecting on co... Evil Wizard
-
As a programmer (not just another web surfer) I wo... Anonymous
-
I'm sorry if we offended the programmer -- wh... Matt Loney
-
He claims he was scared that the site was a phishi... Anonymous
-
If you'd like to tell the judge what you think of... Anonymous
-
Go to any security professional and they shou... Anonymous
-
Read the UK law, did he attempt to penet... Anonymous -
I understand that what he did broke... Anonymous
-
Going totally against the flow... John Airey -
Ok first off the analogy that... Evil Wizard
-
Evil Wizard, what you say is t... John Airey
-
John I dont believe in this ca... Evil Wizard
-
Evil Wizard, if you can't beli... John Airey
-
There is an obvious breach of the Computer Misuse... Alex Pinheiro
-
Well if this is now a crime, then come get me righ... Anonymous
