Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Full-Disclosure Digest, Vol 83, Issue 21
From: Benjamin Kreuter <ben.kreuter () gmail com>
Date: Tue, 17 Jan 2012 14:13:00 -0500

On Tue, 17 Jan 2012 12:28:11 -0500
Valdis.Kletnieks () vt edu wrote:
Basically, you use a flaw to extract secret info from a "protected
computer", and you aren't an authorized pen tester with a signed "get
out of jail free" card from the owner of the computer, you just
bought yourself a felony rap.

Looking at that law, I am not even sure that you need to use a flaw to
extract secret info.  It looks like something as simple as transmitting
a message to each user that dictates what they are authorized to do is
enough to trigger the law.  If I tell you that you are only allowed to
access pages on my site by clicking on links from the index.html page,
and you try entering some other URL, it looks like that would be a
felony -- IANAL though, so perhaps a lawyer can weigh in on this?

-- Ben

Benjamin R Kreuter
UVA Computer Science
brk7bx () virginia edu


"If large numbers of people are interested in freedom of speech, there
will be freedom of speech, even if the law forbids it; if public
opinion is sluggish, inconvenient minorities will be persecuted, even
if laws exist to protect them." - George Orwell

Attachment: signature.asc

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]