At what point is it hacking?
Results 1 to 8 of 8

Thread: At what point is it hacking?

  1. #1
    Senior Member
    Join Date
    Aug 2003
    Posts
    224

    At what point is it hacking?

    When exploring the net, at what point do you feel that harmless legal exploration crosses into the realm of illegal 'hacking'?
    There are many rewarding oppurtunities awaiting composure from like minds and great ideas. It in my objective to interconnect great things.

  2. #2
    T̙͓̞̣̯ͦͭͅͅȂͧͭͧ̏̈͏̖̖Z̿ ͆̎̄
    Join Date
    Dec 2004
    Posts
    3,171
    Personally, I think you cross the line the moment you infltrate a computer without the person's consent.

  3. #3
    Senior Member
    Join Date
    Nov 2001
    Posts
    1,255

    Re: At what point is it hacking?

    Originally posted here by fraggin
    When exploring the net, at what point do you feel that harmless legal exploration crosses into the realm of illegal 'hacking'?
    Depends, for a lot of Law Enforcement agencies, the moment you cause financial harm to someone. There's always the two lines though: legal and ethical. Hacking nowadays is much more likely to be unethical than illegal in many countries, mostly because laws are still playing catch-up.
    Chris Shepherd
    The Nelson-Shepherd cutoff: The point at which you realise someone is an idiot while trying to help them.
    \"Well as far as the spelling, I speak fluently both your native languages. Do you even can try spell mine ?\" -- Failed Insult
    Is your whole family retarded, or did they just catch it from you?

  4. #4
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Easy one....

    The whole crux of the question depends _not_ on your determination of the meaning of the word "harmless" but that of the person who discovers your "harmless" activity.

    That's the only issue really.... It's up to you to decide what the other person's version of "harmless" is......
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  5. #5
    Senior Member
    Join Date
    Aug 2003
    Posts
    224

    Re: Re: At what point is it hacking?

    Originally posted here by chsh
    .... Hacking nowadays is much more likely to be unethical than illegal in many countries, mostly because laws are still playing catch-up.
    I agree. I do not think there is a law against hidden cameras as long as there is no audio because currently there are only laws against eavesdropping under certain conditions. Up until recently, most people only utilized CCTV in stores, shopping centers and other misc. areas where they were provided to prevent illegal activites. Now anyone can afford cameras that are very hideable and the laws should be updated to protect the rights of individuals, however, this goes back to your quote.....
    As far as hacking a system, I would have to compare such activity to breaking and entering. If a door is wide open, (i.e. a port, or VPN tunnel with no protection) and not locked, and is on public property (i.e. an internet site, not a home PC or Network) then there would be no security devices to disable and no doors to bust open to enter the property. At this point, what more would it be than ulawful entry.. (if there is such a crime).
    There are many rewarding oppurtunities awaiting composure from like minds and great ideas. It in my objective to interconnect great things.

  6. #6
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Fraggin:

    One could technically argue that, in the case of the web site, port 80 is the only _public_ port. Thus, finding an open port for ftp, (21), could be considered exactly the same as going through the back door into the warehouse of your local supermarket because it was unlocked. At a minimum you can be charged with trespass. If you download a single file or cause any expense to the supermarket then you are a burglar.... Simple as that really. I believe the same applies to the internet... if my DNS points you to a web server or mail server or whatever then those are the "public" doors to my business. All others, be it by intent, misconfiguration or sheer stupidity are not your's to even "rattle the door of"... they are mine, period. The fact that you _can_ enter doesn't mean you _have_ to enter.

    Then again, even my "public" port _should_ have some reasonable expectation of "proper use". Download my web pages, fill in my forms, buy stuff from me.... whatever.... but when you start trying to exploit the system in any way you become no better than the shoplifter who entered by the front door of the supermarket... Your intent may not be criminal, (maybe you are just trying to prove that you can steal a dozen eggs), but the moment you get outside the door with those eggs you have stolen them.... Similarly, using "devious" means to enter my supermarket can be considered to be equally criminal.

    It's back to my original question..... What does the 'violated" person consider the meaning of the word "harmless".... In any case it will cost the owner money to mitigate the issue.... Thus, technically, _you_ just stole from him.
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  7. #7
    The Doctor Und3ertak3r's Avatar
    Join Date
    Apr 2002
    Posts
    2,744
    comes back to ethics..

    You find an port 5000 open (was this by accident or were you doing a port scan.. so ethicly your off track already)
    so you decide that a VNC prog must be in use, wow, the Password is PASSWORD, now you have the users Desktop ..

    IF your "browsing" you won't accidently find that a site has an open port. If you Find an open Port, you are activly looking, that is your running a port scan.

    When you go to the bank or a supermarket, there are a number of Customer Entry points, that is the Web sites port 80, you also have service entry points, these are normaly locked, that is have a secure password, and or they are hidden from view.. they wont have a banner inviting customers in .. customers don't enter a store via the fire escape or backdoor without invitation.

    what more would it be than ulawful entry.. (if there is such a crime).
    yes there is such a crime, regardless of what a dumbass the sysadmin of the site maybe, if your where the site normally wouldn't allow, your trespassing. A fellow in Aus äccidently" found a web page with a list of customers and their creditcard details, method.. typed random url's .. the page inquestion was not linked to on the site..that is no internal links.. ok it was a dumbass webmaster that allowed this.. but this guys intent was to find access via another method.. I forget what he was charged with.
    "Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr

  8. #8
    Senior Member
    Join Date
    Aug 2003
    Posts
    224
    Originally posted here by Und3ertak3r
    . A fellow in Aus äccidently" found a web page with a list of customers and their creditcard details, method.. typed random url's .. the page inquestion was not linked to on the site..that is no internal links.. ok it was a dumbass webmaster that allowed this.. but this guys intent was to find access via another method.. I forget what he was charged with.
    Ouch... That really sucks.. he must have used this info for personal reasons.

    I guess that does make a valid point.... If your rolled into your local bank branch throught the door they deliver money orders to with armored trucks, you may get some odd stares, a
    Ctrl-C of your appearance and clothing and end up answering some questions. And, going into the local supermart after hours and walking out with a dozen eggs may get you beat down by an overzealous rent-a-cop. Similar to being noticed port scanning and unethical, overzealous admin's domain.

    I guess the days of innocent network exploration (other than your own) are pretty much over with, but it seems that it hasn't slowed down the act.
    There are many rewarding oppurtunities awaiting composure from like minds and great ideas. It in my objective to interconnect great things.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides