V
V
Vladimir2012-05-19 17:38:28
Computer networks
Vladimir, 2012-05-19 17:38:28

HTTP and Law

Is it legal to receive information from an HTTP server if this information is not protected by user authentication (for example, through a cookie), but is available via a direct URL? Is it considered a hack if files, without tools to breach security (which is - exploits), are downloaded directly from the site of the affected party? That is, if all site sources can be downloaded by direct links to files in the /.svn/ directory, the site administrator is to blame for not blocking access to this directory from the outside.

Answer the question

In order to leave comments, you need to log in

5 answer(s)
V
VasiliyRylov, 2012-05-19
@avolver

According to 149 FZ ON INFORMATION, INFORMATION TECHNOLOGIES
AND ON INFORMATION PROTECTION:
Article 6:
...
4. The holder of information in exercising his rights is obliged to:
...
2) take measures to protect information;
...
Article 7. Publicly available information
1. Publicly available information includes generally known information and other information, access to which is not limited.
IMHO: Since no measures have been taken and access is not limited, everything is legal.

R
rPman, 2012-05-19
@rPman

It doesn't matter how you get the information. but this does not give you the right to use this information!
The law does not regulate personal use in great detail, I think solely because of the difficulties of control, but as soon as the use goes beyond personal - sale, use for profit, or more strictly, such as blackmail, then other laws come into force.
Most importantly, the law will not punish you for looking through an open window and seeing something there that is not for your eyes, although in the case of a window, hooliganism can roll, but not with a website.

C
codecity, 2012-05-19
@codecity

An analogy from life: someone left, forgetting to close the door behind him. A rogue took advantage of this, because everything was open and accessible, no locks or warning signs.
It is clear that the one who forgot to close the door is himself to blame - a muddler. But does this give the right to use the bungler's property? Does this count as theft?

E
egorinsk, 2012-05-19
@egorinsk

I want to add that even if you legally download, for example, the unprotected source code of someone else's site, you do not get copyright on it, and you cannot distribute it (but you can distribute a link). It seems to me.

A
ainu, 2012-05-19
@ainu

You received a link to .svn using some knowledge (for example, the path address is also knowledge), and did not see the link on the site itself.
If you do not make a difference between the POST and GET protocols (and I think there is no legal difference), then I can download any file by stupidly bruteforcing the login and password, and then legally sending them via POST (because I can), and download the file. It's the same here, but private information is available via the GET protocol (I'm talking about svn).

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question