Timeline for What makes it illegal to use the information learned by exploiting a bug?
Current License: CC BY-SA 3.0
6 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Apr 17, 2014 at 9:57 | history | edited | Steven Volckaert | CC BY-SA 3.0 | added 3 characters in body |
| Apr 17, 2014 at 9:52 | comment | added | TildalWave | Gotcha, I haven't yet read about that case, that's why I was limiting my comment to exploiting the heartbleed bug alone, not what illegal activities could the learned information from exploiting it be later used for. | |
| Apr 17, 2014 at 9:44 | comment | added | Steven Volckaert | In the Canadian case, the hacker did break in: He used the credentials obtained by exploiting Heartbleed to break into the system. To make the physical-world analogy: It's like copying a key, then use it to get unauthorized access. And that's also what he's charged for: "one count of unauthorized use of a computer and one count of mischief in relation to data.". Of course, the judge will have to decide whether or not he broke Canadian law. | |
| Apr 17, 2014 at 9:39 | comment | added | TildalWave | Exploiting the heartbleed bug on its own isn't really analogous to breaking and entering, it's closer to standing in front of the glass wall building and taking photos of its interior with a polarizing filter, because its architects didn't think of that and its occupants are so confident nobody can see inside from the outside, it might be rather unpleasant for them if someone did. | |
| Apr 17, 2014 at 9:04 | history | edited | Steven Volckaert | CC BY-SA 3.0 | added 199 characters in body |
| Apr 17, 2014 at 8:59 | history | answered | Steven Volckaert | CC BY-SA 3.0 |