Advertisement
Promo

Security threats Toolkit

Story: Tsunami 'hacker' conviction worries experts

  • Previous comment

Posted by: Praveen Dalal (Monday 10 October 2005, 7:29 PM)

  • Reply

The situation has arisen due to the wordings of the statute. Section 1 of the Computer Misuse Act, 1990, considers an unauthorised access to a computer site as a crime if the person accessing the system “knows” that he is not authorised to access the site. The mens rea aspect has been incorporated in the form of “knowledge” aspect and that makes the concerned provision a “strict liability offence” unless the same is justified by law. For example, if an organisation or person is “legally entitled” to adopt “penetration test” as a mode of ethical hacking, then there seems to be no problem. The problem arises only when the person penetrating is not entitled to do so. In that case the provisions of section 1 apply harshly and there seems to be no justification for cursing the same. If the security aspects have to be tested or if the veracity of a site has to be checked, let the authorised person handle the same. If the person performing the penetration test is authorised, then there is no problem. If he is not, then the prosecution is the natural outcome.

Now coming to the conviction aspect, if the offender is a “first time offender” with no malicious intention (as in the present case), then the court must be liberal in his release either on probation or after due admonition. The offending act in this case is due to the language of the statute and whether a different provision must be made is a matter of policy decision by the Government that has to be decided by it in public interest. Till then the provision does not deserve to be criticised as the consequences were foreseeable.

  • Previous comment

  • Reply to this comment
  • Return to story
  • Report this as offensive


Full Talkback thread

Sentry Posts Blog

Authentication risks all too human

Risks to successful online banking identification and authentication using smartcards involve a mixture of human and technological factors, according to the European Network and Information... More

1 comment

Opera censors Chinese content

Opera has updated the Chinese version of its mobile browser to stop users accessing restricted content. Opera Mini was updated on Friday from an international to a Chinese version,... More

2 comments

Symantec website breached

Security company Symantec has said that one of its websites was successfully breached. Romanian security researcher 'Unu' posted details of the breach in a blog post on Monday. Unu... More

Post a comment


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

Newsletters