"Paul B. Brown" wrote:
>
> Eric,
>
> >> I think the issue here is not the definition of access, but the
> >> phrase, "without the effective consent of the owner.". If you are
> >> connected to the Internet, then you "effectively", give consent to be
> >> "accessed" for lawful purposes. Now the issue become "lawful
> >> purposes". By what I've read in the Texas penal code, as it pertains
> >> to port scanning, only a denial of service would be considered
> >> unlawful.
> >
> > Except that the law does not require that you suffer any harm for it
> > to be a Class B misdemeanor. As I read it, the harm comes into
> > effect to determine the level of the violation, not the fact that a
> > violation occurred.
> >
> > In fact, look at Sec 33.02(b):
> > An offense under this section is a Class B misdemeanor
> > unless in committing the offense the actor knowingly obtains a
> > benefit, defrauds or harms another, or alters, damages, or
> > deletes property, in which event the offense is:
> >
> > Thus, the access itself is a Class B misdemeanor even if there is
> > no harm done. If there is harm done, then it might be a Class A
> > misdemeanor, a state jail felony, a felony of the third degree,
> > a felony of the second degree, or a felony of the first degree.
>
> Are you saying that if it does not harm or even profit the actor in any
> way other than simple knowledge that it's a Class B Misdemeanor? Can you
> say clueless lawmakers? How can there be penalty if no harm is done,
> services rendered in accessible or even slowed, no knowledge is gained
> other than what ports are open, etc? I don't understand the intent of
> this law.
How about speeding? You can get a speeding ticket even though in the
vast majority of speeding incidents there is no harm done to anyone.
> >> Port scans do not alter or destroy data so that's not an issue. If
> >> your port scan caused someone to not access something that they
> >> should be able to, this would be a class B misdemeanor.
> >
> > If the port scan was done as part of a denial of service attack,
> > it could easily be much worse depending on damages. If the damages
> > amounted to $200,000 or more, it would be a felony of the first
> > degree.
>
> How does one determine $ loss? This can be arbitrary. I think there are
> some lawmakers that need to think again about this law and it's intended
> application otherwise they might find someone can have it struck down as
> unconstitutional.
If it is inflated, then that may be one thing the defense attorney can use
in defense. It seems logical that the prosecutor will limit the level of
misdemeanor or felony to the damages he can prove relatively easily.
> What do you think of this law?
I think it would be nice if it was more explicit. But if it is too explicit,
it would probably allow serious matters to slip through. I also suspect
that most prosecutors aren't going to bother with it unless there is either
serious damages and a relatively easy case or the complainant has the right
connections to get him to do it. It might be much easier in a small town or
county where the district attorney might want something more interesting to
break out of a rut. Also, many district attorneys might not be
interesting in proceeding on such a case without someone else having already
successfully prosecuted a similar case.
I'd love to hear a district attorney's comments on this.
Eric Johnson
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
