WingNews logo WingNews
top | item 41623840

(no title)

mainframed | 1 year ago

Adding to this, in some countries he is already past the gray-area to what constitutes as computer fraud.

Pissing off the company, whose systems you accessed without authorization, is one way of getting to experience the full force of the justice system.

discuss

order

moralestapia|1 year ago

Curious.

How is this, specifically, fraud?

nkrisc|1 year ago

The gist of some various laws around the world is that simply obtaining credentials does not authorize you to access the system, and accessing it without authorization is the illegal part.

cornel_io|1 year ago

People have been convicted of hacking for merely editing URL strings, under the theory that were knowingly accessing systems in ways that they were not supposed to. This would be similar.

Whether or not that seems reasonable to us is a different matter, but basically it boils down to the fact that "they left the door unlocked" doesn't make it legal to walk in.

rvnx|1 year ago

He is in India:

If any person without permission of the owner or any other person who is incharge of a computer, computer system or computer network

- (a) accesses or secures access to such computer, computer system or computer network or computer resource;

- (b) downloads, copies or extracts any data, computer data base or information from such computer, computer system or computer network including information or data held or stored in any removable storage medium;

[...]

- (e) disrupts or causes disruption of any computer, computer system or computer network;

[...]

- (g) provides any assistance to any person to facilitate access to a computer, computer system or computer network in contravention of the provisions of this Act, rules or regulations made thereunder;

If any person, dishonestly or fraudulently, does any act referred, he shall be punishable with imprisonment for a term which may extend to three years or with fine which may extend to five lakh rupees or with both.

====

Though, I prefer a lot the poster of the blog post than the company...

ceejayoz|1 year ago

By the sensible definition, it isn’t.

By the definition that killed Aaron Swartz, it probably is.

mainframed|1 year ago

I don't know Indian laws. But this wikipedia page [1] gives a list of types of computer fraud in the US under the CFAA:

Types of computer fraud include: * [...] * Accessing unauthorized computers * [...]

He accessed their computers to access purchase information of other people (e.g. his friend) and business data. I guess making it public, thereby damaging the companies reputation and potentially getting sued by their lawyers is one way to find out, whether he was "unauthorized" to do so.

[1] https://en.wikipedia.org/wiki/Computer_fraud