[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] SPAM, credit card numbers, what would you do?
- To: full-disclosure@lists.netsys.com
- Subject: Re: [Full-Disclosure] SPAM, credit card numbers, what would you do?
- From: Cael Abal <lists@onryou.com>
- Date: Tue, 14 Oct 2003 20:15:01 -0400
A number of 'hackers' recently in the news did their 'hacking' via web
browsers -- just like you. It could likely be successfully argued by a
prosecutor that you intentionally stole this credit card data. Yes, I
know it was a via clickable link and the site was ridiculously
unsecured, but that probably wouldn't make a difference to a court.
How is 'hacking' defined where you are? In Australia (at least in NSW),
and some other places, an access control mechanism of some description
has to be circumvented for it to be an offence.
In Canada, anyone who "fraudulently and without colour of right obtains,
directly or indirectly, any computer service" is guilty of Unauthorized
Use of a Computer -- note 'computer service' includes computer service
'data processing and the storage or retrieval of data'. It definitely
wouldn't be a stretch to say that accessing a server-held record of
previous orders was without colour of right.
Additionally, any number of fraud / mischief offences may be applied to
computer-related charges.
I believe the US laws are similar.
Cheers,
Cael
---
See PART IX: OFFENCES AGAINST RIGHTS OF PROPERTY -- 342.1: Unauthorized
Use of Computer
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html