---Reply on mail from Bill Hinton about Does Ruling Give Hackers Free Rein?
> Actually that's the case in the USA as well. Although a port scan or
> attempted hack to be considered a violation of Common Law 1030 the DOJ will
> not prosecute unless the system is actually penetrated.
>
If you read 18 USC 1030 (http://law.house.gov then goto 'search the US
code' then title 18 section 1030.. It was down when I wrote this so I
cant get an exact url)..
it states many things that define unauthorized access.
Basically 'damage' has to occur for it to be a crime (or if its access to
a lifesupport system, or a government computer, or a few other things that
most people's systems dont qualify for). Damage is defined in this statue
as $5,000 or more. That means that the port scan that may have taken an
hour or at most 2 to figure out what was going on and who was behind it
etc, wouldnt qualify. The 'damage' wasnt great enough for it to be a
federal crime (although state laws may come into play)..
There are a few other silly things that the US has as part of case law..
If the only copy of illegal material (violations of 18 USC 1029 - access
devices ie password files etc) is on a online system (I dont know the
exact definition of this, but I think that anything that is up 24/7 and
allows people to login from remote qualifies) then it isnt admissable in
court.. Which means that if someone does break into your system, and it
is known who it was, as long as they dont have anything on their personal
system they cant be convicted (based on that evidence, and call detail
logs are circumstantial becuase they dont show what occured during the
session, nor do they show who was at the keyboard)...
--
Bret McDanel http://www.rehost.com
Realistic Technologies, Inc. 973-514-1144
These opinions are mine, and may not be the same as my employer
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
