A little corner of the Empire on the web.

12 October, 2005

I don't know what's scarier...

Just how clueless the British police are (well the Met anyway), or the fact that this could so easily have been me The Reg: Security pros savage Tsunami hacker verdict

The gist of the story: Typing "../../../" into your URL bar can now be a criminal offence punishable by a £1000 fine, even if there are no malicious motives in your actions.

I mean how clueless do you have to be to think that one simple, curious directory traversal attempt is a full-on, malicious hacking attempt? I do that sort of thing all the time, as well as looking up servers in various places like Netcraft, pulling apart URLs to get the sense out of them, then putting a specially craft version of the URL back in. And most of that is either idle curiousity, or trying to work around the bugs in other people's websites, or work around the bugs in their navigation systems.

Via: Gerv Markham: The Future For British Geeks (2).

No comments:

Post a Comment