Advertisement
Promo

Security threats Toolkit

Story: Tsunami appeal site 'hacker' found guilty

  • Previous comment

Posted by: John Airey (Friday 14 October 2005, 10:52 PM)

  • Reply

Evil Wizard, if you can't believe what I'm saying, have you tried reading RFC3986?

This isn't at all a case of someone attempting to break in. The query he sent is allowable under agreed international standards.

Also, like I said, you can't know if you are allowed to access a page before you send a query, since you can't know for sure that you will get a "200" response from the server. I've visited hundreds of sites that have an "access denied" error at the top level (I've been accessing web sites for thirteen years). By this reasoning I am a criminal. If I mistype a URL and get an "access denied" page, or (as I did recently) edit a URL to get a more up to date software program from a companies server (as they had forgotten to update the link to the newer software) does that make me a criminal?

Also, I need to correct what I said in an earlier post (see, even I can't get it right first time, and I'm not under arrest!). What I meant was a threat when you are arrested are the words "it may harm your defence when questioned if you do not mention evidence that you later rely on in court". Leaving aside the fact that the police shouldn't be giving legal advice, this statement flies completely in the face of article 6 of the European Convention on Human Rights. It is saying (and the judge in this case appears to agree) that you must present everything in your defence right there and then.

Has anyone actually noticed that it was three weeks between the "offence" and arrest? How many of you can remember exactly what you were doing around 15:00 three weeks ago, and can give a full legal defence of it within a few hours of being arrested? None of you? I thought so.

Of course, now that the link that he has followed is on public web sites, Google and MSN search (to name two) will now attempt to access those pages. Does that mean that Eric Schmidt and Bill Gates are going to be arrested?

There is plenty of law to cover web sites being attacked, but section 1 of the Computer Misuse Act isn't part of it. For several years now I have managed the sites I look after on the basis that everything on the public sites is in the public domain, and everything else is secured in some way. That I've done with section 1 of the Computer Misuse Act in mind.

  • Previous comment

  • Reply to this comment
  • Return to story
  • Report this as offensive


Full Talkback thread

Sentry Posts Blog

Motorola Droid Drops Today: Happy Droi...

Motorola Droid Drops Today: Happy Droid Day America! Author: Eric Everson, Mobile Security Expert If you’re wondering what all of the buzz is about with words like Droid and Android... More

Post a comment

Mobile Security Profile: BlackBerry St...

Mobile Security Profile: BlackBerry Storm2 Author: Eric Everson BlackBerry handsets are a staple of office culture; from syncing calendars to sharing business-related data,... More

Post a comment

South Korea plans to fingerprint visit...

The South Korean authorities could fingerprint and photograph foreign visitors from 2012, the Korea Times reported on Tuesday. Barring diplomats and government operatives, all visitors... More

Post a comment


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

Newsletters