Full Disclosure mailing list archives

Re: Name One Web Site Compromised by Download.Ject?

From: Valdis.Kletnieks () vt edu
Date: Wed, 30 Jun 2004 17:08:32 -0400

On Wed, 30 Jun 2004 10:56:28 PDT, Morning Wood <se_cur_ity () hotmail com>  said:

As a side note, I would like to know if using a exploit on a non passworded 
site ( access restriction )
to obtain / change data is in fact illegal ( in the USA ) , as I recall it 
is a violation to bypass
an ACCESS CONTROL DEVCE. If no access control is present is there a 
violation of a law?


Note that 17 USC 1201(a)(1)(A) says: "No person shall circumvent a
technological measure that effectively controls access to a work protected
under this title".  In other words, the anti-circumvention clause is
*only* concerned with the case of you circumventing something to get at
copyrighted data.

If there's no copyright issue, or no access control, that clause doesn't
apply.

You however *may* still be in deep bovine-based fertilizer from
possible violations of 18 USC 2101, 18 USC 1030, other US Code sections,
and quite possibly any state laws that pertain to whatever you did...

Attachment: _bin
Description:

Current thread:

Name One Web Site Compromised by Download.Ject? Edge, Ronald D (Jun 30)
- Re: Name One Web Site Compromised by Download.Ject? Morning Wood (Jun 30)
  - Re: Name One Web Site Compromised by Download.Ject? Valdis . Kletnieks (Jun 30)
- Re: Name One Web Site Compromised by Download.Ject? Gregory A. Gilliss (Jun 30)
- <Possible follow-ups>
- RE: Name One Web Site Compromised by Download.Ject? Carlos Kramer (Jun 30)
- RE: Name One Web Site Compromised by Download.Ject? Edge, Ronald D (Jun 30)
  - RE: Name One Web Site Compromised by Download.Ject? Paul Schmehl (Jun 30)