Security threats Toolkit
Story: Tsunami appeal site 'hacker' found guilty
Posted by: Evil Wizard (Friday 14 October 2005, 7:12 PM)
John I dont believe in this case you can say there is no way that you can know what pages you are authorized to view and what aren't. This guy is a supposed infosec consultant. I know that if I go to a website and then purposely start doing some SQL insertion or trying to exploit some cross-site scripting vulnerability or trying and drill down into a root directory then I am doing something illegal by trying to break into the site. Its not that he was just trying to view another webpage, he was trying to view information he knew he shouldn't be accessing through the browser. (I can post code in a forum that when submitted shows me the SAM file from the server... or whatabout a little cut and paste of source code in an online shopping cart program that changes the listed price of something to a penny?) The browser is just the medium used to execute the attack. I also dislike all the references to looking for locked doors via wriggling handles because that is not what he was doing. He was attempting to break in via a known exploit. Had he broken in who knows that kind of damage (purposeful or not) he could have caused. That is in my opinion why he was busted. Now the severity of the penalty... is arguable.
Full Talkback thread
Story: Tsunami appeal site 'hacker' found guilty
-
Wow. Getting responses from ports on a network com... richard -
if there is a building and the front door is... spacelab10000 -
No, it's like walking around trying everyone'... Anonymous
-
"The only reason he did this is because he thought... Anonymous
-
The first person talks about connecting on co... Evil Wizard
-
As a programmer (not just another web surfer) I wo... Anonymous
-
I'm sorry if we offended the programmer -- wh... Matt Loney
-
He claims he was scared that the site was a phishi... Anonymous
-
If you'd like to tell the judge what you think of... Anonymous
-
Go to any security professional and they shou... Anonymous
-
Read the UK law, did he attempt to penet... Anonymous -
I understand that what he did broke... Anonymous
-
Going totally against the flow... John Airey
-
Ok first off the analogy that... Evil Wizard
-
Evil Wizard, what you say is t... John Airey
-
John I dont believe in this ca... Evil Wizard -
Evil Wizard, if you can't beli... John Airey
-
There is an obvious breach of the Computer Misuse... Alex Pinheiro
-
Well if this is now a crime, then come get me righ... Anonymous
