Post a comment

Story: Tsunami appeal site 'hacker' found guilty

Going totally against the flow of the comments here, has anyone actually considered the ramifications of this decision? Here's a guy who has made a donation to the Tsunami appeal, and now has a criminal record.

When the judge says that the defendant changed his story, well that happens all the time. When he was initially questioned he would have been in a state of shock and once charged, can't elaborate on anything he's said. The statement given to a person at arrest "anything you do say may be used against you in a court of law" implies that it might not either. I've always thought it odd that we allow such a threat to be given to a person arrested without question.

Unfortunately I wasn't in the court so I don't know what was said, and media reports of the case are in conflict.

If it is correct that he used his browser to access the site (by requesting the page ../../../ as specified in section 5.4.2 of RFC 3986), then we are all hackers. I suggest therefore that anyone who reads this hands themselves in to the police (but at least do me the favour of reading till the end).

It has always been my opinion that you cannot have unauthorised access to a public website, unless you have defaced it, altered files on it or obtained information from it to commit another crime (eg credit card fraud). Even then, wikis and other amendable sites mean that this definition isn't accurate enough.

What would happen if a site gave an "access denied" error when you tried to access the site, due to a configuration error? Would that be illegal? By this interpretation it is, but common sense tells you that it's no such thing.

This is why organisations should separate what is public from what is private, and also why this case is a travesty and the decision must be overturned.

Full Talkback thread