what if the door has a sign on it that says "authorized personnel only?" if law enforcement officials hang yellow police line tape around a crime scene (which, let's say for example, is in public park), are we allowed to still access that area, just because we can walk under the tape while no one is looking? do "no trespassing" signs have any legal merit? (i'm asking--i don't really know, honestly) i believe i've heard of cases wherein using the word "welcome" in a banner (on a router or web site) makes it more difficult to prosecute an "unauthorized" user of the system, whereas explicitly stating that unauthorized access is prohibited makes it easier to prosecute. would the same hold true in this instance? justin kurynny waggener edstrom * -----Original Message----- From: SCRIMSHER,JOHN (HP-Corvallis,ex1) [mailto:john_scrimsher@private] Sent: Friday, June 21, 2002 12´36 To: 'Tom Tintera'; 'Seth Arnold'; 'Lyle Leavitt'; 'Phil Hochstetler' Cc: 'CRIME' Subject: RE: CRIME EarthLink Password Security Story This raises an interesting legality question. If a server is publicly available for use as, for instance, a web server. Can we assume then that all sites / pages on that server that are publicly available without use of an authentication mechanism imply authorization to access said system via the channel offered for access, in this instance port 80. If the authorization to access the system via port 80 to a publicly available document is implied through its availability, then would you be truly acting illegally to utilize vulnerabilities such as directory traversal to access more data, including the execution of programs on the system? My point is that some vulnerabilities require no special hacking skills, merely the ability to walk through the open door. Alteration and or destruction of data would be illegal, I believe, no matter the method of access. But merely walking in the door that is open to the public.... Would that also be illegal? John > -----Original Message----- > From: Tom Tintera [mailto:Tom_Tintera@private] > > Randal did use one of the passwords to copy a larger password > file and also installed a back door through Intel's firewall. > However, ORS 164.377 states that:4) Any person who knowingly > and without authorization uses, accesses or attempts to > access any computer, computer system, computer network, or > any computer software, program, documentation or data > contained in such computer, computer system or computer > network, commits computer crime. Class A misdemeanor. > > Caution is advised if there is no authorization.
This archive was generated by hypermail 2b30 : Fri Jun 21 2002 - 15:11:37 PDT