mailing list archives
Re: anti-spam vs network abuse
From: Richard Irving <rirving () onecall net>
Date: Fri, 28 Feb 2003 18:15:31 -0500
Joe St Sauver wrote:
There is NO legal advice in this post. Really!
In Oregon, see ORS 164.377(4):
"Any person who knowingly and without authorization uses, accesses or
attempts to access any computer, computer system, computer network, or any
computer software, program, documentation or data contained in such computer,
computer system or computer network, commits computer crime."
Define "without authorization", and also "knowingly".
Was the port open to the public internet ?
If so, it sounds pretty "authorized" to me,
therefore undermining "knowingly", afaict.
Or, otherwise, with a few exceptions,
almost every web site I have ever surfed has been "without authorization".
Like I said, "intention" has to come into the
picture.... in this case, it is in the form of "knowingly".
Do you open your "unauthorized" ports to the public internet ?
"Unauthorized" on wide open internet usually infers
that there is an access scheme in place to -prevent-
"unauthorized access", and activity that attempts
to undermine that security scheme -then- becomes illegal, AFAIK.
The absence of such an access scheme, on open internet, would
infer an "implied authorization"... as in the case of the millions
of WWW pages we all access daily.
After all, protocol ports do not publish themselves.....
Now, to add a twist, did I probe you from "authorized" space,
and gain "illegal access", undermining your (inadequate) security scheme ?
Well, then I must have been "authorized", or you wouldn't have
allowed me in from this "auhtorized" space, eh ?
Oh, I was in "authorized space", but "I" wasn't authorized,
and I didn't know ?
Oh, well there goes the "knowing" thing again.
While some of this information could be considered
legally valid coming from a "technical expert", it
isn't to be construed as "legal advice".
Get a lawyer for actual legal advice.