Here we go again - ISP DPI, but is it interception?

Nicholas Bohm nbohm at
Sat Jul 31 11:37:31 BST 2010

Mary Hawking wrote:
> In message
> <mailman.0.1280559135.19741.ukcrypto at>,
> ukcrypto-request at writes
>> On Fri, 30 Jul 2010, Peter Fairbrother wrote:
>> | I don't get it.
>> |
>> | If I want to find out whether a site allows directory traversal -
>> some sites | do, some don't - how else am I going to find out other
>> than adding a "/.." ?
>> And it seems the tsunami hacker didn't even add "/.."
>> - he simply truncated the URL, to find a parent or root page.
> I'm not sure I can get my head around the laws making this illegal -
> but I am sure that if truncating a URL to find a home page *is*
> illegal, the majority of ordinary internet users are criminals!
> I do it all the time - and it is often the *only* way to find the home
> page if you have been sent the URL for a document on a website, rather
> than the website itself.
> In addition, if a page URL gives an Error message, is it illegal to
> knock off bits of the URL until you reach a loadable page?
> Who brought the prosecution? I.e. was it a public or police
> prosecution or a private one, and did the site owner (who does own a
> website for these legal purposes?) claim damages and if so on what
> grounds?

It seems to have been a conventional police/CPS prosecution following a
complaint.  Nothing suggests there was any claim for compensation.

> Is the identity of the organisation launching the particular appeal in
> the public domain? 

If I follow the report, BT as the operator of the site reported the
intrusion and the police did the rest.

> I would have thought that the potential reputational damage to their
> future activities would have far outweighed any desire to make a test
> case example of one individual for doing what everyone else does all
> the time ...

Regrettably such hopes seem vain ...

Contact and PGP key here <>

More information about the ukcrypto mailing list