Slashdot Mirror

← Back to Stories (view on slashdot.org)

Consultant Convicted For Non-Invasive Site Access

Posted by Zonk on from the anyone-else-thinking-greyhawk dept.

Phillip P Barnett writes "Security consultant Daniel Cuthbert worried that he'd been stung by a phishing scam when he donated to a Tsunami relief effort in London, UK. He was convicted for hacking and lost his job after running a couple of checks on the website in question." From the article: "During the trial, Cuthbert's defence argued that any unauthorised access was entirely innocent. In evidence it was shown that he had attempted to access the tsunami donations site on two occasions and the site's security systems had denied him access. The defence also pointed out that Cuthbert had not attempted to defraud the site." ZDNet also has a commentary piece on what this decision may mean for the future of cybercrime.

1 of 377 comments (clear)

  1. Liar Liar... by null+etc. · · Score: 0, Redundant
    It should be pointed out that the consultant lied to police initially, which helped influence the judge's decision to find the consultant guilty. But it's interesting that the article didn't bother to describe the methods by which the consultant "accessed" the site.

    Another interesting quote from the article:

    "Some of the tests you might instinctively want to run to see if a site is valid may fall foul of a strict interpretation."

    Well, I guess it will certainly change one's "instincts" when it comes to using penetration testing tools to determine a site's legitimacy.