Hacking to prove a point?

[draziw]

Defacement can easily be compared to vandalism... painting over someone else's property. It's clearly crossing over the line as far as notification goes. However, I sort of feel "at-odds" with myself on the simple demonstration of a problem is "wrong."

For example (sorry, impending house reference): if you left your window open, is it wrong for me to point you at it and say "Hey look stupid, I really /can/ open it." To me, that's probably in the grey area. Now, if I don't know you're home, is it wrong for me to open that same window and leave you a note where you can see it (and presumeably only you) telling you that it was left open (and, of course, call/mail you and tell you the note is there)? Again, serious grey area in a way...

Some people might say this is more black and white and that as soon as my hand goes in that window, I'm trespassing... and, well, I'm not sure I can adequately disagree with that idea - though I might question exactly where that line is...

[fr0z3n]

Hacking to prove a point. Is like a game of truth and dare. It's like i dare you to hack so and so.

Would I do it, no. Cause, it's not worth it.

My skill of hacking, or the way i :hack: is like this. My friend, gets hacked.. say he' gets infected with sub7 or a trojan.. I simply connect to his computer, then i remove it. Then i call him, and tell him how to finish removing it. Then, i tell him to download a trojan scanner & remover.

bam, hacking to my point!!

[Maverick811]

I happen to agree with what most of you guys are saying. I feel that entrance to any system, unless given explicit permission, is wrong. A concerned user should only go so far, that being to warn the admins of the problem. If they don't fix the problem, then it seems that it is their fault from there - I personally would not want someone to enter my networks, leave an indication that they were there simply to warn me that I didn't have a system patched or that I had a configuration error - even though their intentions were good. I know that I would appreciate a simple email message warning me of the potential problem so that I can investigate it, patch and fix if needed.

[cwk9]

One reason why web page defacements aren’t taken that seriously is because it’s only temporary and most of the time easy to fix. But I think the main reason is because most of the time the web page being defaced is some large multinational corporation homepage that no one really cares about. I bet if the main google or hotmail page was replaced with some creepy offensive dungeon porn people would start to think about web page defacement as a real crime instead of just mischief.

[smirc]

The reality is that the "Deceptive Duo" was actually doing them a favour in pointing out the security flaw. But the law was still broken. The "Deceptive Duo" acted wrongly. They are no two ways of looking at it. It's just a shame that the cracker(s) had to go to such lengths before the matter was taken seriously. If I was trying to secure a site like that, I would take all the help I could get.

[tyger_claw]

Taking the law into your hands is still breaking the law....

Why do you think protestors get peppersprayed? Because sometimes they go to far... (however sometimes the police go to far too....)

The sysadmins ignored the e-mails and paid for it....
It's like they say Ignorance Is Bliss

[CustomPUNK]

If the admin doesn't choose to fix the problems even though he knows its there, its plain ignorance. Honestly i'd say its his problem, but on the other hand if that problem tends to affect something important like national security then "Unfortunately, it takes action to get a reaction,". But there are other ways to get them to fix there problem besides defacing there site.