* Erik Rossen (firstname.lastname@example.org) [020910 04:51]: > On Tue, Sep 10, 2002 at 03:28:42AM -0700, Vineet Kumar wrote: > > As the law is concerned, this is like telling people they've left their > > front door unlocked by inviting yourself in and taking a dump on their > > couch. It's not yours, and you have no right to enter, let alone change > > Wrong analogy. True, mine was not perfect. The sad fact is that there are no perfect analogs to the real world, and the laws struggle to grasp at them. In any case, no matter what has been done to you from that server, connecting back to that server with the intent of somehow disabling or defacing it is illegal. Even adding some 'notice' on a .html somewhere is defacing. It's totally subjective, and the bottom line is that you have no right to make any modifications to their site, not even 'helpful' ones. (Well, unless you're the RIAA, of course ... maybe we should get a lawyer in here and work on a defense saying "I thought they were infringing on my copyright, so I took 'em down.") > Imagine instead a car that is always unlocked and is used nightly by > hooligans when they go joy-riding. > > The warning message + lockup technique is more like leaving a note > behind the wind-shield of the car and locking its doors. In the real > world, such behavior might be called "being a concerned citizen". Unfortunately, in today's America, such behavior is more likely to be called "cyber-terrorism", and you may land yourself in a military tribunal! I understand that the tools exist, but I'd be very cautious before donning your white hat and becoming the next Internet vigilante. Of course the admin of the site may be grateful for your pointing out that something is wrong, but more likely they'll blame you for any damage they find (no matter how they were originally infected) and be very angry about any change you make to their site. Remember, if they had a clue, they'd already know and be working on fixing the problem (or never have been running IIS in the first place). good times, Vineet -- http://www.doorstop.net/ -- "Those who desire to give up freedom in order to gain security will not have, nor do they deserve, either one." --President Thomas Jefferson.
Description: PGP signature