On 9 Oct 2008 at 13:46, Lisi Reisz wrote: > On Thursday 09 October 2008 13:40:40 mike scott wrote: > > having seen an > > example of how legal ignorance in the UK of normal computer use > > results in reasonable actions becoming prosecutable. > > Could you send us/me (i.e. either on or off list) a reference?
I don't have any links to the specific case I'm thinking of. However (and I know this is OT for the list, but others may be interested), it ran IIRC roughly as follows. Web site notices attempted access to file system root. Turns out a computer consultant was adding /.. repeatedly to a URL in order to navigate from a deep link up to an unknown higher available level. Perfectly reasonable and easier than deleteing trailing components in the browser address bar. Unfortunately, web browser was mapping URL directly to file system, with inevitable results. Court failed to recognise distinction between (external) URL and (local) filename; consultant was convicted of attempting to gain unlawful access, rather than site operators of sheer incompetence. (Pretty poor "consultant" if you ask me, but there you go :-) ) There was too some nonsense about not having "permission" to access a web site - which would apply to virtually all attempted accesses - the court not recognising apparently that http was itself negotiating said permission. It seemed to me the court just "didn't get it", and no- one had enough technical nous to make it clear. Our problem in the UK is that the law is sometimes woolly in wording, and applied patchily (eg BT seems to get away with busting holes in RIPA and data protection procedures, yet the above can happen.) -- Permission for this mail to be processed by any third party in connection with marketing or advertising purposes is hereby explicitly denied. http://www.scottsonline.org.uk lists incoming sites blocked because of spam [EMAIL PROTECTED] Mike Scott, Harlow, Essex, England --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
