Full Disclosure mailing list archives
Re: Name One Web Site Compromised by Download.Ject?
From: Valdis.Kletnieks () vt edu
Date: Wed, 30 Jun 2004 17:08:32 -0400
On Wed, 30 Jun 2004 10:56:28 PDT, Morning Wood <se_cur_ity () hotmail com> said:
As a side note, I would like to know if using a exploit on a non passworded site ( access restriction ) to obtain / change data is in fact illegal ( in the USA ) , as I recall it is a violation to bypass an ACCESS CONTROL DEVCE. If no access control is present is there a violation of a law?
Note that 17 USC 1201(a)(1)(A) says: "No person shall circumvent a technological measure that effectively controls access to a work protected under this title". In other words, the anti-circumvention clause is *only* concerned with the case of you circumventing something to get at copyrighted data. If there's no copyright issue, or no access control, that clause doesn't apply. You however *may* still be in deep bovine-based fertilizer from possible violations of 18 USC 2101, 18 USC 1030, other US Code sections, and quite possibly any state laws that pertain to whatever you did...
Attachment:
_bin
Description:
Current thread:
- Name One Web Site Compromised by Download.Ject? Edge, Ronald D (Jun 30)
- Re: Name One Web Site Compromised by Download.Ject? Morning Wood (Jun 30)
- Re: Name One Web Site Compromised by Download.Ject? Valdis . Kletnieks (Jun 30)
- Re: Name One Web Site Compromised by Download.Ject? Gregory A. Gilliss (Jun 30)
- <Possible follow-ups>
- RE: Name One Web Site Compromised by Download.Ject? Carlos Kramer (Jun 30)
- RE: Name One Web Site Compromised by Download.Ject? Edge, Ronald D (Jun 30)
- RE: Name One Web Site Compromised by Download.Ject? Paul Schmehl (Jun 30)
- Re: Name One Web Site Compromised by Download.Ject? Morning Wood (Jun 30)