Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: anti-spam vs network abuse

  • From: Richard Irving
  • Date: Fri Feb 28 18:24:51 2003

Joe St Sauver wrote:
 There is NO legal advice in this post. Really!

> In Oregon, see ORS 164.377(4):
> "Any person who knowingly and without authorization uses, accesses or
> attempts to access any computer, computer system, computer network, or any
> computer software, program, documentation or data contained in such computer,
> computer system or computer network, commits computer crime."

  Define "without authorization", and also "knowingly".

  Was the port open to the public internet ?
  If so, it sounds pretty "authorized" to me,
  therefore undermining "knowingly", afaict.

  Or, otherwise, with a few exceptions, 
  almost every web site I have ever surfed has been "without authorization".

  Like I said, "intention" has to come into the
  picture.... in this case, it is in the form of "knowingly".

  Do you open your "unauthorized" ports to the public internet ?

  "Unauthorized" on wide open internet usually infers
  that there is an access scheme in place to -prevent-
  "unauthorized access", and activity that attempts 
  to undermine that security scheme -then- becomes illegal, AFAIK.

   The absence of such an access scheme, on open internet, would
  infer an "implied authorization"... as in the case of the millions
  of WWW pages we all access daily.

  After all, protocol ports do not publish themselves.....

  Now, to add a twist, did I probe you from "authorized" space,
  and gain "illegal access", undermining your (inadequate) security scheme ?

   Well, then I must have been "authorized", or you wouldn't have
  allowed me in from this "auhtorized" space, eh ?

  Oh, I was in "authorized space", but "I" wasn't authorized,
  and I didn't know  ?

  Oh, well there goes the "knowing" thing again.


While some of this information could be considered
legally valid coming from a "technical expert", it 
isn't to be construed as "legal advice".
Get a lawyer for actual legal advice.
> Regards,
> Joe

Discussion Communities

About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home

Merit Network, Inc.