Here we go again - ISP DPI, but is it interception?

Mary Hawking maryhawking at
Sat Jul 31 09:23:50 BST 2010

In message <mailman.0.1280559135.19741.ukcrypto at>, 
ukcrypto-request at writes

>On Fri, 30 Jul 2010, Peter Fairbrother wrote:
>| I don't get it.
>| If I want to find out whether a site allows directory traversal - 
>some sites | do, some don't - how else am I going to find out other 
>than adding a "/.." ?
>And it seems the tsunami hacker didn't even add "/.."
>- he simply truncated the URL, to find a parent or root page.

I'm not sure I can get my head around the laws making this illegal - but 
I am sure that if truncating a URL to find a home page *is* illegal, the 
majority of ordinary internet users are criminals!

I do it all the time - and it is often the *only* way to find the home 
page if you have been sent the URL for a document on a website, rather 
than the website itself.
In addition, if a page URL gives an Error message, is it illegal to 
knock off bits of the URL until you reach a loadable page?

Who brought the prosecution? I.e. was it a public or police prosecution 
or a private one, and did the site owner (who does own a website for 
these legal purposes?) claim damages and if so on what grounds?

Is the identity of the organisation launching the particular appeal in 
the public domain? I would have thought that the potential reputational 
damage to their future activities would have far outweighed any desire 
to make a test case example of one individual for doing what everyone 
else does all the time ...

Mary Hawking
(I realise that this list is in the public domain...;-<)

Mary Hawking

More information about the ukcrypto mailing list