[cap-talk] bundling designation and authority
iang at systemics.com
Tue Oct 11 22:51:10 EDT 2005
Toby Murray wrote:
> [more of a somewhat interesting aside]
> this article from The Register (
> http://www.theregister.co.uk/2005/10/11/tsunami_hacker_followup/ ) on a
> recent conviction under the UK's Computer Misuse act for (apparently)
> making a credit card purchase and then altering the URL in his browser,
> appending "../../..".
> It got me thinking, specifically, if instead he actually DID have
> permission to access the directory 3 levels up (if it was available to
> the public, for example), then he (presumably) wouldn't have been
AFAICS, the guy was doing due diligence on a site.
He sent it a message to see how it would respond.
There ain't no logic beyond that, it's either trust
us because we're an internet site, or don't talk to
us because we're an internet site.
More information about the cap-talk