Being safe on the internet (was Re: Here we go again - ISP DPI,butis it interception?)

Peter Sommer peter at
Sun Aug 1 08:17:16 BST 2010

You got the wrong impression.  The judge's reasoning was that in the circumstances the directory traversal was an unauthorised access.  Cuthbert was "authorised" to type in a valid URL and to move around the website via links,  but not to re-form a URL for the purposes of exploring the contents of the web-server.

But, as I said,  what set the police and the judge against him was his initial lack of candour and the attempt to suggest that the actions recorded by the IDS were the result of proxy server activity.

And can I repeat - this case sets no precedents:  the judge decided on the day on the facts in front of him.   All the points made in this thread why he could have decided otherwise were made by counsel and in my own evidence.

Peter Sommer

>I got the impression at the time that the logic was that anything that tripped 
>an ids was an intrusion, and the harm lay in the fact that the operators had 
>the analyse the logs. which is total madness. 

More information about the ukcrypto mailing list