decoration decoration
Stories

GROKLAW
When you want to know more...
decoration
For layout only
Home
Archives
Site Map
Search
About Groklaw
Awards
Legal Research
Timelines
ApplevSamsung
ApplevSamsung p.2
ArchiveExplorer
Autozone
Bilski
Cases
Cast: Lawyers
Comes v. MS
Contracts/Documents
Courts
DRM
Gordon v MS
GPL
Grokdoc
HTML How To
IPI v RH
IV v. Google
Legal Docs
Lodsys
MS Litigations
MSvB&N
News Picks
Novell v. MS
Novell-MS Deal
ODF/OOXML
OOXML Appeals
OraclevGoogle
Patents
ProjectMonterey
Psystar
Quote Database
Red Hat v SCO
Salus Book
SCEA v Hotz
SCO Appeals
SCO Bankruptcy
SCO Financials
SCO Overview
SCO v IBM
SCO v Novell
SCO:Soup2Nuts
SCOsource
Sean Daly
Software Patents
Switch to Linux
Transcripts
Unix Books

Gear

Groklaw Gear

Click here to send an email to the editor of this weblog.


You won't find me on Facebook


Donate

Donate Paypal


No Legal Advice

The information on Groklaw is not intended to constitute legal advice. While Mark is a lawyer and he has asked other lawyers and law students to contribute articles, all of these articles are offered to help educate, not to provide specific legal advice. They are not your lawyers.

Here's Groklaw's comments policy.


What's New

STORIES
No new stories

COMMENTS last 48 hrs
No new comments


Sponsors

Hosting:
hosted by ibiblio

On servers donated to ibiblio by AMD.

Webmaster
Guest Post: Nine Reasons why the Supreme Court Should Side with Myriad and Affirm the Patenting | 189 comments | Create New Account
Comments belong to whoever posts them. Please notify us of inappropriate comments.
How Ray Kurzweil Plans To Revolutionize Search
Authored by: Anonymous on Tuesday, April 30 2013 @ 06:51 PM EDT
Newspick

Bit of a worry that both Watson and RK have such confidence that Wikipedia is a reliable source of text data. Never mind the accuracy of the information, it's the accuracy of the language construction edited by non-native speakers in the various language versions causes me to worry about our future AI overlords ...

[ Reply to This | Parent | # ]

Bill Gates Bailed Out in Ireland
Authored by: maco on Tuesday, April 30 2013 @ 08:38 PM EDT
Who did the Ireland Bank Bailout help? Only the most deserving, like Bill Gates.

[ Reply to This | Parent | # ]

Guest Post: Nine Reasons why the Supreme Court Should Side with Myriad and Affirm the Patenting
Authored by: Anonymous on Wednesday, May 01 2013 @ 02:05 PM EDT

Article link. It is Patently O for those who prefer to know where they're going before they decide to click.

RAS

[ Reply to This | Parent | # ]

For Their Eyes Only
Authored by: Anonymous on Wednesday, May 01 2013 @ 03:31 PM EDT
Finfisher has been around for a while now. About the time that Brian Krebs was lamenting Apple took three years to fix a hole that allowed it to be installed in a fake iTunes updater, f-secure were asking for a sample. With all the rumors and speculation they hadn't yet got something clean they could identify, and they promised they would detect and reject it on clients' machines, regardless of whose government was installing it. The Register also had an interesting summary last month.

[ Reply to This | Parent | # ]

Microsoft/Forbes free wifi
Authored by: Anonymous on Thursday, May 02 2013 @ 07:59 PM EDT
No mention of what the free 15 days will cost you... in terms of
privacy/security. Even free requires an account somewhere. Knowing Microsoft's
history on tracking and data retention, I would suspect that free to you nets
them something they can sell for a profit.

[ Reply to This | Parent | # ]

  • Linux? - Authored by: Anonymous on Friday, May 03 2013 @ 08:19 AM EDT
the EU and US putting our grey matter together
Authored by: Gringo_ on Thursday, May 02 2013 @ 09:40 PM EDT

That's all we need is a collaboration between these two countries. In the UK I've heard, you are monitored by CCTV cameras from the moment you step out of your house to the moment you return home at the end of the day.

In the USA, every email you write, every banile comment you make on FaceBook, and every telephone call is surreptitiously monitored.

Now they want to collaborate to develop a chip they can plant in your brain to monitor your thoughts. George Orwell's vision was a walk in the park compared to what they are conspiring to do.

You'll go to your doctor's office for a routine vaccination and they'll inject this microchip in your bloodstream that'll go straight to your brain and lodge itself there. Then every time you pass a reader, and they'll have these well disguised stations everywhere, it will upload all the thoughts you've had since the last upload. All this data will be analyzed by this big computer the NSA is building in Utah. We'll finally be safe from the terrorists, but who will save us from our own governments?

[ Reply to This | Parent | # ]

World Press Freedom Day
Authored by: Anonymous on Thursday, May 02 2013 @ 10:56 PM EDT
This editorial is also being published in papers around the globe.

[ Reply to This | Parent | # ]

Computer Crime Law Goes to the Casino
Authored by: Anonymous on Friday, May 03 2013 @ 03:09 PM EDT
It's easy for me to see Grimmelman's point. Sure, putting a
page online makes it public in theory, but a web page is not
a physical object. Assuming for the sake of argument that
nobody links to it, the only way anyone can find that page
is by trying lots of different URLs and getting lucky.
Whereas physical objects reflect light, so you can see them
just by wandering nearby, web pages do not radiate any
indicators of their presence. A web page with an obscure
URL is not quite like an object abandoned on a public
street, it's more like a small object (say a book) tossed
into a very large field of tall weeds, or hidden under
leaves inside a large wood, on land that is open to the
public. Nobody will find it unless they look in exactly the
right spot, and there is very little reason to expect anyone
will do that unless they are actually looking for something.

Now note that the mechanism for "looking for" a URL is the
same as the naive method for guessing a password: try every
possible legal combination of letters. So, Grimmelman
argues, isn't a secret URL just as effective as a secret
password?

Sure, if anybody shares or guesses the URL, your secrecy is
blown, but the same is true for passwords.

Grimmelman goes on to give an example URL containing
"passwd=..." This is an interesting example because it
blurs the line between a "secret URL" and a "secret
password." Let's take it further: do we care whether the
password is embedded in a POST request or embedded in the
URL itself?

The resolution of this problem has nothing to do with the
technical details. Educating people about computers is
beside the point. The solution has to do with the
definitions of "authorization" and "security device".
Authorization means permission.

If I find a cabin in the middle of the woods and I go
inside, I am guilty of trespassing (excluding defenses like
necessity). I have entered without authorization. If the
door is locked and I pick the lock or break a window, I am
guilty of breaking & entering, a far more serious crime.
Not only have I entered without authorization, I have
intentionally circumvented a security device to do so.

To secure a conviction, however, I have to have recognized
the security device as such. If the back door was unlocked
and I entered that way, I did not commit breaking &
entering, regardless of whether the front door was locked.

A security device is really just a fancy "no trespassing"
sign. (Trespass after warning is a more serious crime than
trespass, though less serious than B&E.) Unlike a sign,
though, it not only has to be noticed, but it has to do a
reasonable job of presenting an obstacle to normal methods
of access. You have to lock both doors. (Once that's done,
it doesn't matter whether the windows are open.)

Returning to the analogy of the book hidden in the weeds.
There is no trespass involved in wandering among the weeds.
There cannot be any trespass involved in reading the book.
Grimmelman would seem to be arguing that the mental state of
*searching* for possible books is a trespass. This cannot
be right, if the weedfield is indeed open to the public.

I wonder what Grimmelman would do in the case where someone
finds the "secret" page, and posts the URL somewhere, and an
unrelated third party follows the link? The third party
seems to me totally innocent.

The difference with a password is simply that a password is
a recognizable security device. If you follow a link and
are asked for a password, proceed at your peril.

Note that in the case of someone clicking a link that
includes "passwd=", I would call that person innocent too.
Accepting passwords via CGI is like leaving your front door
unlocked. Somebody walking in may be trespassing, but that
doesn't make them a felon. In fact, they would have a
perfectly good defense to a trespassing charge, if they were
innocently following somebody's directions (say, to the
bank). Once you realize that the door leads to the inside
of the bank vault, you will have opportunities to become a
felon, but any of those will require a separate act.

[ Reply to This | Parent | # ]

Groklaw © Copyright 2003-2013 Pamela Jones.
All trademarks and copyrights on this page are owned by their respective owners.
Comments are owned by the individual posters.

PJ's articles are licensed under a Creative Commons License. ( Details )