Being safe on the internet (was Re: Here we go again - ISP DPI, but is it interception?)

Peter Tomlinson pwt at
Wed Aug 4 07:13:12 BST 2010

Tom Thomson wrote:
>>> Yes, but if Cuthbert just moved up the tree to look at directory
>>> roots as in my example than that isn't obviously non-authorised.
>>> Some website owners want you to do that and provide a helpful menu
>>> or index for you. Some website owners don't want you to do that. The
>>> way to tell which is which is by trying.
>> Peter Sommer said that rather than say what he'd done, he instead
>> presented some story about proxy activity.  That does rather
>> complicate the story.
> I wonder if the dialogue went like this:
> 	Plod: But you attempted an unauthorised directory transfer.
> 	C: No - if anything like that happened it must have been something done by a 	proxy server, I didn't do it.
> 	Plod: But we can clearly see from the log on your PC that you were at and the typed
> 	C: Yes, of course I did that.  That's the natural thing to do.
> Or something pretty close to that, adapted by Plod to look a little more incriminating (that sort of adaptation is what used to be known as a "verbal" - and for it to have a commonly used name it probably had to be a commonly occurring thing; and far worse things happen even today).
> M.
I take the same line with this "unauthorised access" argument as I do 
with the problem of restrictions on the validity of off peak tickets on 
UK trains: if the restriction is not declared to me at the time of 
purchase of the ticket (and done so in writing in a form that I can 
conveniently carry with me), then the restriction is not valid.

(No, I have not been caught out on a train, but was recently on a train 
at 0945 when the Train Manager accepted my valid after 0900 ticket but 
told a lady sitting two seats ahead of me that her ticket was not valid 
until after 1000 - and he made her pay a surcharge.)


More information about the ukcrypto mailing list