Being safe on the internet (was Re: Here we go again - ISP DPI, but is it interception?)

Wendy M. Grossman wendyg at
Sat Jul 31 14:50:48 BST 2010

Peter Tomlinson wrote:
> Mary Hawking wrote:
>> In message 
>> <mailman.0.1280559135.19741.ukcrypto at>, 
>> ukcrypto-request at writes
>>> On Fri, 30 Jul 2010, Peter Fairbrother wrote:
>>> | I don't get it.
>>> |
>>> | If I want to find out whether a site allows directory traversal - 
>>> some sites | do, some don't - how else am I going to find out other 
>>> than adding a "/.." ?
>>> And it seems the tsunami hacker didn't even add "/.."
>>> - he simply truncated the URL, to find a parent or root page.
>> I'm not sure I can get my head around the laws making this illegal - 
>> but I am sure that if truncating a URL to find a home page *is* 
>> illegal, the majority of ordinary internet users are criminals!
>> I do it all the time - and it is often the *only* way to find the home 
>> page if you have been sent the URL for a document on a website, rather 
>> than the website itself.
> I find it unbelievable that its illegal, if only because it is so easy 
> to do by mistake - so I do not even support the conditional discharge, 
> because the prosecution should never have been brought. I suppose that 
> the physical world analogue is that you are tampering with a locked door 
> if you send that message - but really you are just trying a doorknob, 
> and thus the prosecutor should have to provide evidence that you have 
> malicious intent. So you need to find an internet police person and 
> report that somebody is tampering with your internet access - fat chance.

It's not even trying a doorknob. It's more like finding two pages stuck 
together in a magazine and separating them, or finding a public street 
blocked and taking a detour to get to the street you're trying to get to.


More information about the ukcrypto mailing list