[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] SPAM, credit card numbers, what would you do?



A number of 'hackers' recently in the news did their 'hacking' via web
browsers -- just like you.  It could likely be successfully argued by a
prosecutor that you intentionally stole this credit card data.  Yes, I
know it was a via clickable link and the site was ridiculously
unsecured, but that probably wouldn't make a difference to a court.

How is 'hacking' defined where you are? In Australia (at least in NSW), and some other places, an access control mechanism of some description has to be circumvented for it to be an offence.

In Canada, anyone who "fraudulently and without colour of right obtains, directly or indirectly, any computer service" is guilty of Unauthorized Use of a Computer -- note 'computer service' includes computer service 'data processing and the storage or retrieval of data'. It definitely wouldn't be a stretch to say that accessing a server-held record of previous orders was without colour of right.

Additionally, any number of fraud / mischief offences may be applied to
computer-related charges.

I believe the US laws are similar.

Cheers,

Cael

---

See PART IX: OFFENCES AGAINST RIGHTS OF PROPERTY -- 342.1: Unauthorized Use of Computer


_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html