Re: Interesting conviction

[Rogan Dawes <discard () dawes za net>]

Mike Messick wrote:
> You're quite right!  ;-)
>
> Here's mine:
>
> I think the article's editorial comments about causing problems for
> security professional and penetration testing are pure crap.
[snip]

> Most laws are written with intent in mind.  That Mr. Cutbert didn't intend
> to do anything bad once he got in is really immaterial - that he *intended
> to gain entry in an unauthorized fashion* is what constituted the
> violation and his subsequent conviction.

[snip]
> Just because you don't steal the TV after you crowbar the front door open
> doesn't mean you won't go to prison for unlawful entry.  Or not get shot
> by the owner (in some states).  The fact that you don't have permission to
> be there in the first place is what matters (at least under current law).

Mr Cuthbert was simply attempting to verify the security of an 
institution that he had decided to entrust his credit card details to.

Granted, one should not try to break into the vault of a bank to check 
their security, but I think that his intent was somewhat closer to 
rattling the lock on the safety deposit box after dropping your money 
in, to make sure that someone else can't just come along and help themself.

Rogan

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------