Being safe on the internet (was Re: Here we go again - ISP DPI, but is it interception?)
igb at batten.eu.org
Sun Aug 1 07:58:43 BST 2010
I got the impression at the time that the logic was that anything that tripped an ids was an intrusion, and the harm lay in the fact that the operators had the analyse the logs. which is total madness.
(mobile, sorry for typos)
On 31 Jul 2010, at 14:50, "Wendy M. Grossman" <wendyg at pelicancrossing.net> wrote:
> Peter Tomlinson wrote:
>> Mary Hawking wrote:
>>> In message <mailman.0.1280559135.19741.ukcrypto at chiark.greenend.org.uk>, ukcrypto-request at chiark.greenend.org.uk writes
>>>> On Fri, 30 Jul 2010, Peter Fairbrother wrote:
>>>> | I don't get it.
>>>> | If I want to find out whether a site allows directory traversal - some sites | do, some don't - how else am I going to find out other than adding a "/.." ?
>>>> And it seems the tsunami hacker didn't even add "/.."
>>>> - he simply truncated the URL, to find a parent or root page.
>>> I'm not sure I can get my head around the laws making this illegal - but I am sure that if truncating a URL to find a home page *is* illegal, the majority of ordinary internet users are criminals!
>>> I do it all the time - and it is often the *only* way to find the home page if you have been sent the URL for a document on a website, rather than the website itself.
>> I find it unbelievable that its illegal, if only because it is so easy to do by mistake - so I do not even support the conditional discharge, because the prosecution should never have been brought. I suppose that the physical world analogue is that you are tampering with a locked door if you send that message - but really you are just trying a doorknob, and thus the prosecutor should have to provide evidence that you have malicious intent. So you need to find an internet police person and report that somebody is tampering with your internet access - fat chance.
> It's not even trying a doorknob. It's more like finding two pages stuck together in a magazine and separating them, or finding a public street blocked and taking a detour to get to the street you're trying to get to.
More information about the ukcrypto