Re: Microsoft Hotmail

[cls () SEAWOOD ORG (Christopher Seawood)]

On Tue, 26 Jan 1999, Daniel P. Stasinski wrote:

> I contacted Microsoft/Hotmail asking them to close the account
> of that was listed in the backdoored tcp wrapper source code.
> I also forwarded the offending code.
>
> The word back from them is that they will not close it.  Theft
> of passwords and hacking does not violate thier terms of
> service.

It doesn't? I don't have a hotmail account but I ran across the following:

http://www.hotmail.com/cgi-bin/dasp/fm_shell.asp?head=Policy+and+Member+Conduct&content=nospam&back=svcs&from=svcs

"The following is extracted from the Hotmail Terms of Service Agreement to
which each Hotmail member must adhere. "

"Member agrees: ... (2) not to use the Service for illegal purposes"

"Attempts to gain unauthorized access to other computer systems are
prohibited."

It sounds like cracking (not hacking) is definitely a violation of their
service agreement.  The real question is whether the receipt of the
passwords is the same as the (illegal) use of the passwords.  A lot of
admins will want to say yes (because of the security compromise) but I
doubt the law sees it the same way.  (Wasn't there a case recently in
Norway that covered this?)

- cls