Open Source and information security mailing list archives
 
Date: Tue, 30 Sep 2008 16:30:09 -0400
From: "Eliah Kagan" <degeneracypressure@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: [inbox] Re: Supporters urge halt to, hacker's,
	extradition to US

Here's a question, relating to the PUBLIC DOMAIN issue. I don't know
the answer, but it seems relevant.

When an HTTP indexing bot (like those used by Google, for instance)
comes upon a hyperlink into a page that is HTTP authenticated, does it
follow the link and try a blank password, or does it not follow the
link? Is there some accepted standard for that?

If it is considered acceptable to assume that access is permitted to
any system that doesn't have passwords set but presents HTTP
authentication, it would be hard to argue that other forms of
authentication are different. Of course, having gained access, making
deliberate modifications, however slight, would be illegal.

Here's another question...suppose someone finds that a Pentagon system
is open to access and modification by anyone in the world, and then
that person informs the appropriate governmental authorities rather
than accessing the system. In response to that information, wouldn't
the system administrators then **also have to investigate and then,
regardless of the outcome, flatten and rebuild the system**?

The argument that it is the system administrators who caused the
*expense* to be incurred, and not McKinnon, seems to have some weight
to it.

-Eliah

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
