Internet Access and Computer Fraud Laws 171
DrJimbo writes "Groklaw has an explanatory article covering the Computer Fraud and Abuse Act (CFAA) in layman's terms. The article discusses legal precedents that might make it illegal to access much of the internet. The article is a response to a claim by SCO that IBM violated the CFAA by downloading GPL'ed software from SCO's public HTTP and FTP sites."
Illegal to access much of the internet? (Score:2, Funny)
Re:Illegal to access much of the internet? (Score:5, Funny)
You might want to wine and dine the football before you go for home...
Obligatory misquote (Score:2, Funny)
Re:Illegal to access much of the internet? (Score:2, Insightful)
Re:Illegal to access much of the internet? (Score:2)
Re:Illegal to access much of the internet? (Score:2)
"I think the problem here may be more of a question of getting rid of the bad Internets and keeping the good Internets. 'Cause I think we can all agree, there's just too many Internets."
Re:Illegal to access much of the internet? (Score:1)
No thank you, I'm a heterosexual. [angelfire.com]
LK
WTF? (Score:3, Insightful)
Re:WTF? (Score:2)
Actually from my limited understanding of the essay, SCO is trying to say that they weren't really allowing you to download the GPL software and that IBM's access to it was unauthorized.
Basically IBM hacked SCO.
Re:WTF? (Score:3, Insightful)
From the Article:
"The court felt the need to further explain its rationale. It wanted to be clear that the basis for the rejection of "reasonable expectations" test is not "as some have urged, that there is a "presumption" of open access to Internet information". There is not. (Some might call that astounding and disturbing news.)"
So, if they put it out there, in a publ
Re:WTF? (Score:2)
Re:WTF? (Score:2)
The problem is that the quoted text was not from SCO, it was from a judge in a spam case, which set precedent that just because something is viewable on a website doesn't mean you automatically have authority to view it, and simply viewing it can violate the CFAA.
While this may have been useful for nailing the spammer, the implication of this previous ruling is far more reaching as we are seeing now.
Re:WTF? (Score:2)
Re:WTF? (Score:2)
Re:WTF? (Score:2)
For a hypothetical example, consider the goatse.cx site, but with a link at the top of the main page to a TOS page, and a sentence saying you shouldn't look at the picture until you've agreed to the TOS. Some prosecutor decides to take them to court on an obscenity
Re:WTF? (Score:2)
As the guy wrote, it may now be illegal in America to look at most of the Web. Unless a site has given you explicit permission to read it, merely following a link to a site and looking at any page may make you a criminal.
Re:WTF? (Score:4, Insightful)
It is not Fraud because the software is GPL. It is Fraud because, as SCO has claimed in their recent court filing, IBM hacked into SCO's anonymous ftp server, in order to obtain the GPL software.
Even worse, evil IBM earlier admitted doing the dastardly deed.... In an earlier court declaration by an IBM employee, "I supervised while a member of my team..." logged into SCO's anonymous ftp server and downloaded the kernel sources, which include source code copyrighted by IBM, and which SCO is distributing in violation of the GPL.
It sounds like entrapment, or bait and switch, to me
I would be careful of making such libelous statements that could tarnish the valuable unblemished reputation of a paragon of virtue such as The SCO Group.
Don't forget to pay your $699 license fee to SCO for your Linux kernel which includes SCO's copyrighted <errno.h> file.
Re:WTF? (Score:2, Informative)
Re:WTF? (Score:2)
I know, I hate EULAs and soforth the same as most other ppl, but right now they have
Re:WTF? (Score:3, Funny)
Here is the agreement from SCO's ftp site:
Welcome to SCO's UnixWarez Site
All downloads are for BACK-UP only. If you are from a law enforcement agency then you are not allowed to log on. No kiddie pr0n. Upload to download. No leeching
Re:WTF? (Score:3, Insightful)
Re:WTF? (Score:4, Informative)
Re:WTF? (Score:4, Funny)
Did you mean it sounds like typical SCO behavior? Or am I misunderstanding you?
Re:WTF? (Score:2)
Look at the DMCA cases.
Re:WTF? (Score:2)
Any company which publicly exposes its information, under standard brick and mortar rules, loses its right to keep anyone else from using that information once it has been released to the public. Although it is true that there are reasonable expectations (such as no one person can take all of the candy which someone might put out to help attract customers) implied - the use of scrapers should not be d
Re:Enforcing American Laws in China? Good Luck. (Score:2)
Invade China. Don't think they won't.
Re:Enforcing American Laws in China? Good Luck. (Score:2)
No more RTFA ?? (Score:5, Funny)
Re:No more RTFA ?? (Score:1)
Re:No more RTFA ?? (Score:2)
Re:No more RTFA ?? (Score:2)
Heh (Score:5, Insightful)
And this is a perfect example of why nobody takes SCO seriously.
Re:Heh (Score:3, Informative)
Re:Heh (Score:3, Funny)
Re:Heh (Score:3, Informative)
SCO says that IBM hacked, but provides no evidence (not even a sworn deposition!) that IBM did so.
Take the SCO claim with several pounds of salt...
Re:Heh (Score:3, Informative)
Userid: anonymous
Password: Nazgul@ibm.com
Re:Heh (Score:2)
IBM has not yet said to the court how, exactly, they accessed the material on SCO's site.
Leaving the door open... (Score:2)
I think not. (unless I work for Homeland Security
I am not saying that is what IBM did, but that is something that SCO will try to make it seem like IBM did.
Re:Leaving the door open... (Score:2)
Re:Leaving the door open... (Score:2)
Heck, you have more property rights with your FTP server than your house.
If the government wants to build a freeway or a train line and your house is in the way - they can take it from you.
Re:Leaving the door open... (Score:2)
If that is the norm in your culture, then yes, it is legal, because it is commonly accepted that on the Internet any ftp site that allows an anonymous login is there to serve files to the public.
Re:Leaving the door open... (Score:2)
Incorrect analogy. Entering the house through the front door is tresspass, even if the door happened to be unlocked at the time. Besides, I've seen doors that do not lock (or open) properly - a defective lock does not mean public access.
Setting up public anonymous FTP access is a different case.
Re:Leaving the door open... (Score:2)
Is negligence a defense to trespass?
I'm playing the Devil's Advocate here, since SCO very well argue along these lines.
Re:Heh (Score:2)
Re:Heh (Score:2)
Re:Heh (Score:2)
Please. Forgetting to turn off anonymous logins to a PUBLICLY AVAILABLE http/ftp server is just stupid. Thats like me sending a link to someone... and putting secret stuff on the webpage.. then suing whoever looks at it becuase I forgot to turn on htaccess.
Who the hell would use an operating system from these people?
Re:Heh (Score:2)
What scares me though, is that some non-tecnical minded judge might actually believe the bovine excrement thats coming out of Lyndon UT.
Now thats SCARY
Cheers, Gene. Who hopes he is on duty beside Gabriel when they show up so he can really tell them where to go.
Re:Heh (Score:1)
Sublime... (Score:1)
Simple solution (Score:1, Funny)
Re:Simple solution (Score:2)
Why don't you spend some time in a jail and see how long it takes for you to be violated.
Re:Simple solution (Score:2)
If illegal, who set up the file servers...? (Score:1, Funny)
Login: anonymous
Password: sco_sucks@ibm.com
Access authorized for downloading. Have a good day!
No, no, you don't get it. (Score:4, Interesting)
In other words:
POST #11118838 CIRCUMVENTS A MECHANISM THAT EFFECTIVELY CONTROLS ACCESS TO A COPYRIGHTED WORK, MEANING SLASHDOT.ORG IS NOW AN ILLEGAL CIRCUMVENTION DEVICE UNDER THE DIGITAL MILLENIUM COPYRIGHT ACT.
Well, it's been a nice run for slashdot.org. Too bad it'll be shut down soon. Thanks for everything, everyone!
all SCO is (Score:2)
they are going to get nothing done to help their business model because they are just trying to chase other companies down
SCO needs the 4 way test (Score:1)
1. Is it the TRUTH?
2. Is it FAIR to all concerned?
3. Will it build GOODWILL and BETTER FRIENDSHIPS?
4. Will it be BENEFICIAL to all concerned?"
From Rotary International. Simple, but effective.
Too bad they fail all four tests.
That reminds me of some thread... (Score:2)
"The moment you stop speaking about yourself to speak about others, you're politically dead".
Nothing could be more true for SCO.
A bit of a strech here (Score:4, Informative)
I would suggest that you are only violating it if you are not authorized to access the computer you are accessing *by the owner/operator* of that computer, regardless of wether or not you may be authorized by a network provider to use their network.
That you may not be allowed to use your employers internet connection for personal use may get you fired by your employer, but does not constitute a violation against the websites you might have accessed.
Re:A bit of a strech here (Score:1)
Therefore you obviously hacked the network. No wonder he fired you. You deserve jail time.
Re:A bit of a strech here (Score:2)
Re:A bit of a strech here (Score:2)
Jon Stanley's scenario, on the other hand, is simply imbecilic -- it sounds like the kind of wild-ass analogy the IANALs usually post in the aforementioned
Re:A bit of a strech here (Score:2)
are you necessarily "allowed" to view or download something because you have access to it? Network administrators frequently rule that such is not the case; the CFAA has been interpreted similarly in the screen-scraping decisions.
It amazes me how convoluted and screwed up the law surrounding the net can get when there are many perfectly reasonable analogies to well understood areas of law.
How hard is it to figure out that an anonymous FTP or web server is an explicit invitation to the information it p
Re:A bit of a strech here (Score:2)
you get cases that are analogous to papers that are left out on the store counter but which are clearly not for public viewing.
There are those, and they are more complicated, but nevertheless, it's nothing new to law.
Re:A bit of a strech here (Score:2)
In your examples, the ISP and the employer could have criminal charges pressed against the user.
You are accessing every computer between yours and the final destination, inclusively, both from a technical and legal standpoint.
Making the law state otherwise would be unjustified. It would make using someone's network without their permission legal as long as you accessed only sites
Re:A bit of a strech here (Score:2)
But if you arent allowed to use the Internet at work for non-work activities, and you do so, you are only culpable to your work.
The way the article was making it sound, if you access google from work to look up something personal, then because your workplace didnt authorize you to use the Internet for personal use, then somehow you are culpable to *google*, which from the exceprts of the law itself, is not the case.
Default is unauthorized (Score:5, Interesting)
Like a .htaccess file (Score:2)
Re:Default is unauthorized (Score:2)
I think Groklaw missed the point on this one... (Score:5, Insightful)
another example... (Score:2)
Apparently there have been cases where a defendant used the 'it said welcome, please login' defense and w
What about deep linking? (Score:2)
Does this judegement have any effect on deep linking, I wonder? Maybe not for the person that posts the link, but what about the person who follows that link, which may be against the explicit rules of the website?.
That said, if I connect to a ftp server and ask to log in, that to me is an explicit request for access. If the ftp server says okay, then isn't that granting explicit permis
Re:What about deep linking? (Score:2)
When you are using FTP for example, you log in by telling the server who you are. It either allows access or denies it. Now you, as the server owner, can choose to set up an account to allow anonymous users to gain access, but that is completely up to you.
Web browsing could be arguably more similar to your example, but as others
Re:What about deep linking? (Score:2)
>> Is this a legal ruling, or just how we would want it to be?
It is how the Internet was designed, open. No, there is no legal ruling, and yes it is how we would like it to be. But it has always had open standards and open access in mind.
>> Do things like the sassar worm change this? Do they have implicit access to your computer? How about a web indexing robot? What
Re:What about deep linking? (Score:2)
Now look in an apartment building. Is it OK for you to assume that you can step inside any apartment that is not locked? Of course not.
I am not saying that a lock is not an authentication method. All I am saying is computers placed in the open on the Internet should assume they will
Re:I think Groklaw missed the point on this one... (Score:2)
Re:Part of an ongoing conversation... (Score:2)
Auto-Summarize (Score:2, Informative)
The jackhammer and the microbe (Score:3, Insightful)
3,000 words, 100 comments. Yes you destroy the microbe, but...
SCO is always good for a laugh, but I have to smile at groklaw too.
Re:The jackhammer and the microbe (Score:3, Interesting)
I disagree. In the legal world, the playing field is leveled, because both sides must be given the opportunity to prove their case (regardless of how nonsensical it may seem outside the courtroom, and assuming of course that the argument has legal grounds to be made) -- you absolutely cannot leave anything to chance or assume anything. If you leave something implied or overlooked, there's a good c
Re:The jackhammer and the microbe (Score:2)
SCO's strategy (Score:4, Interesting)
Just keep in mind that they're not here to win. Their purpose is to drag Linux through legal mud for as long as they can, allowing their overlords MS to spread even more FUD.
Re:SCO's strategy (Score:2)
So now SCO plans on competing with Excel?
-
Reading being access infringement? (Score:3, Insightful)
Now, the purpose of setting up a http server is to distribute some kind of information to the world at large. And maybe accept some information, like Slashdot and a lot of other sites do.
Similarly, if someone sets up an anonymous ftp server they would also be perceived as doing this in order to distribute and maybe also receive information, to and from the world at large. Same thing really.
Now since SCO did just that, how can they then expect to be able to come afterwards and say that IBM shouldn't have looked at their site and downloaded the stuff they had to offer?
Makes no sense to me. One would expect a minimum of "due diligence", such as maybe using a locked-down ftp server with access to only authorized users, if their information was not to be made public and available to world+dog..
But what SCO is on about looks to me like posting a notice with tear-off tabs on a wall somewhere public, where everyone and anyone go by, and then claim some kind of infringement ("unclean hands") from certain people reading this posted text and tearing off a tab.
IANAL, YMMV etc...
And the real gotcha is... (Score:2)
INTERnet VS. INTRAnet (Score:2)
staff (or contractors) MIGHT arguably have
mistakenly posted confidential information
on THE internet, as opposed to THEIR intranet.
The public, visiting this site and reading
confidential information, or perhaps D/Ling
F/OSS packages from their FTP site, would
have absolutely NO WAY to have prior knowledge
of the difference. The responsibility (IANAL)
would/should fall upon SCO for due diligence
of their(?) IP, and not upon the public at
large.
While I did not RTFA (yet), it
Re:Reading being access infringement? (Score:2)
This is the most common purpose, but certainly not the only one.
It's also quite common to use a http server to distribute information only to customers who have paid. For example, most online porn is distributed this way.
One would expect a minimum of "due diligence", such as maybe using a locked-down ftp server with access to only authorized users, if their information was not to be made publi
Re:Reading being access infringement? (Score:2)
However, that would also imply some kind of record-keeping on behalf of the code's owner, that they would need to record who did download what, and when, in order to issue correct bills for that service, or at least have some kind of idea as to how popular their software is.
To me, an empty dialog-box which lets anyone and everyone past doesn't seem to be much different than anonymous FTP where
Please tell me this is all a bad dream... (Score:3, Insightful)
Isn't that entrapment to put someone into a situation that could cause them to break the law? Don't we tell law enforcement that this is exactly the type of thing you're not allowed to do.
I sincerely hope this gets thrown out. Because I'm really wondering if I made the best choice in procreating.
Re:Please tell me this is all a bad dream... (Score:2)
I'm really wondering if I made the best choice in procreating.
Well if your kid becomes a lawyer, then you'll know the answer was "no". :)
Using programs to access information (Score:2, Interesting)
This is a fascinating area of law! (Score:2)
This is an interesting question ...
How is connecting to an FTP server, performing a valid anonymous login, and retrieiving a file, qualitatively different than r00t-kitting someone's server and slurping whatever you can find?
Sure - it seems clear as night or day to you or I, but say it in a way that will stand up to judicial review, and keep in mind that the SCOTUS takes a dim view of statutes that include "Go ask Slashdot"...
Now, run the following gray-area test-cases against that statute, and see
Re:This is a fascinating area of law! (Score:2)
Re:This is a fascinating area of law! (Score:2)
Re:This is a fascinating area of law! (Score:2)
Intent. If you intended to leave this FTP site open to the public, it's assumed that anything which is on it is fair game to download.
Let this be a lesson: Don't open an ftp site and then upload naked pictures of your girlfriend to it and then bitch about it when people log into your public site and download them.
Bait. (Score:2)
Re:Chinee Illegality outside of the USA? (Score:3, Informative)
Perhaps, but that doesn't mean that American law can not address the goings on of web surfers here in the US.
For example; a webiste containing images of 16 year olds engaging in sex may be legal in plenty of places but when you transport those images on to a PC in the US, using US based communications, you are indeed going to be held to the laws in the US.
Certainly we coul
Re:Chinee Illegality outside of the USA? (Score:2)
Re:Chinee Illegality outside of the USA? (Score:2)
Re:I'm new to slashdot... (Score:2)
Re:Don't use refresh... (Score:2)
http://hardgrok.org/blog/item/slashfix-firefox-ex