[Full-Disclosure] SPAM, credit card numbers, what would you do?
lists at onryou.com
Wed Oct 15 01:15:01 BST 2003
>>A number of 'hackers' recently in the news did their 'hacking' via web
>>browsers -- just like you. It could likely be successfully argued by a
>>prosecutor that you intentionally stole this credit card data. Yes, I
>>know it was a via clickable link and the site was ridiculously
>>unsecured, but that probably wouldn't make a difference to a court.
> How is 'hacking' defined where you are? In Australia (at least in NSW),
> and some other places, an access control mechanism of some description
> has to be circumvented for it to be an offence.
In Canada, anyone who "fraudulently and without colour of right obtains,
directly or indirectly, any computer service" is guilty of Unauthorized
Use of a Computer -- note 'computer service' includes computer service
'data processing and the storage or retrieval of data'. It definitely
wouldn't be a stretch to say that accessing a server-held record of
previous orders was without colour of right.
Additionally, any number of fraud / mischief offences may be applied to
I believe the US laws are similar.
See PART IX: OFFENCES AGAINST RIGHTS OF PROPERTY -- 342.1: Unauthorized
Use of Computer
Full-Disclosure is hosted and sponsored by Secunia.