Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security FullDisclosure
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Full-Disclosure] Name One Web Site Compromised by Download.Ject?

from [Valdis . Kletnieks] Network Security [Permanent Link]
Subject: Re: [Full-Disclosure] Name One Web Site Compromised by Download.Ject?
Date: Wed, 30 Jun 2004 17:08:32 -0400 
On Wed, 30 Jun 2004 10:56:28 PDT, Morning Wood <se_cur_ity@hotmail.com>  said:


As a side note, I would like to know if using a exploit on a non passworded 
site ( access restriction )
to obtain / change data is in fact illegal ( in the USA ) , as I recall it 
is a violation to bypass
an ACCESS CONTROL DEVCE. If no access control is present is there a 
violation of a law?


Note that 17 USC 1201(a)(1)(A) says: "No person shall circumvent a
technological measure that effectively controls access to a work protected
under this title".  In other words, the anti-circumvention clause is
*only* concerned with the case of you circumventing something to get at
copyrighted data.

If there's no copyright issue, or no access control, that clause doesn't
apply.

You however *may* still be in deep bovine-based fertilizer from
possible violations of 18 USC 2101, 18 USC 1030, other US Code sections,
and quite possibly any state laws that pertain to whatever you did...

Attachment: pgpgL2DcUM7Fq.pgp
Description: PGP signature

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Full-Disclosure] Web sites compromised by IIS attack, TIERNAN RAY, BLOOMBERG/ NEWSROOM:
Next by Date:  [Full-Disclosure] Printer-Hacking, IndianZ
Previous by Thread:  Re: [Full-Disclosure] Name One Web Site Compromised by Download.Ject?, Morning Wood
Next by Thread:  Re: [Full-Disclosure] Name One Web Site Compromised by Download.Ject?, Gregory A. Gilliss
Indexes:  [Date] [Thread] [Top] [All Lists]