Being safe on the internet (was Re: Here we go again - ISP DPI, but is it interception?)

Matthew Pemble matthew at
Wed Aug 4 08:57:35 BST 2010

On 4 August 2010 08:15, Francis Davey <fjmd1a at> wrote:

> However, that's all beside the point. This thread seems to be
> wandering all over the place and this is partly because there's
> confusion between:
> * what people think might or might not be morally right in general
> concerning URL truncation
> * whether URL truncation constitutes unauthorized access within the
> meaning of section 1 of the Computer Misuse Act 1990
Or is the point that people are becoming confused between URL truncation and
a "Directory Traversal Attack", using the well-known '/../' syntax (just the
same as, at the time, appending '.' to a .php URL often gave you the script
source rather than the product)? Although Peter's pdf doesn't make it clear
although other contemporaneous sources ( do mention the method.

I would agree with the general comment here that URL truncation is a
perfectly legitimate web browsing method (especially when you are following
a link that gives you an error page.)  I wouldn't agree that discussion of
URL truncation in respect of the Cuthbert case (regardless of whether his
conviction was sound either in law or in morality) is particularly relevant.


Matthew Pemble
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the ukcrypto mailing list