Century City was a lawyer drama set in the future which tried to look at future legal situations (think cloning, meddling with embryos to produce the "perfect" child, etc). Only eight episodes were produced in 2004 and four were never aired (including the one I'm thinking of; though they are (were) obtainable via p2p). One episode (Without a Tracer dealt with a possible result of this sort of device.
Basically, every child has a tracer (linked to video/audio surveillance no less). The episode revolves around a teenage girl who was fed up with being watched by her parents and removed her tracer, at which point the parents panicked because she'd apparently vanished. IIRC she hired a lawyer to get a ruling to "allow" her NOT to wear the tracer.
Their point was that this sort of device, whilst well-meaning, can become intrusive. I think (and the drama hints) that the tendency will be to rely on devices, further abdicating parental responsibility. Furthermore, I wonder if anyone's considered whether this would make the wearer EASIER to target, should the ID for their device become available, e.g. to someone wishing to kidnap a child for extortion.
Exactly how far will ethernet efficiently scale? As I understand it there were problems with 1Gbp/s as first planned leading to jumbo frames, and ethernet isn't (wasn't) that efficient a protocol.
Are there any other serious contenders which could/should be examined as a replacement for ethernet?
I'd like to know how this would square up with the EU electronic waste directive which imposes on manufacturers the cost of disposing of waste electronics. Surely such a chip would increase the cost to the manufacturer thus making it less economically attractive?
It's also possible that putting chips in disposable consumables such as printer cartridges is illegal in the EU - I recall some discussion about this during the Lexmark fiasco a few years ago.
Im sorry, but this article shows nothing that isnt obvious from the economics of the CPU market.
The time a CPU spends at the top end of the market is small compared to the overall time it is available. This time is also at the lead-end of its production when availability is small. Rarity (and demand) create a premium over and above the actual worth of the CPU.
By the time other CPUs displace it, such as CPU will no longer be in as much demand and the manufacturer may have to drop prices below or close to cost to sell end stocks. Thus they take advantage of the novelty of top-end CPUs to recover their development costs in advance.
Basically, new CPUs are overpriced for what they can do, and tail-end CPUs are underpriced, which is exactly what the article shows.
Anyone reading the article should be informed that rats are particularly susceptible to tumours. Although the most common form is mammary tumours in post-menopausal females, brain tumours are also well-known problems.
I know this from experience - we used to keep rats as pets.
Who modded the parent interesting? Entering a password at boot time is not a viable solution. The computer has to be able to boot the OS to a login prompt, which will allow the user to enter their password to decrypt their personal files.
Exactly how do you think FULL DISK encryption works?
I've seen one or two of these in use (older bank-owned laptops). They prompt for a boot password before the OS loads. I imagine the disk encrypter has a driver which sits between the physical disk driver and the VFS layer (to which the boot-time key is given), though I suspect getting this key from the boot loader to the driver under windows involves some contortions. The TPM chip in ThinkPads is a better solution (here's TPM working FOR the hardware owner). First, you either have to give everyone that uses the computer the same password to boot the system, or you need to use a multi-key encryption routine, which might difficult to maintain as you add or remove new users.
As for multiple users, the mechanism for HDDVD demonstrates a principle which could be used; a disk or volume key (single key) is used for the encryption, but is stored itself encrypted on a special boot partition. Multiple copies are stored, one for each user, encrypted with a different password for each user. This also allows corporate recovery should the user forget the password. Recall that changing the underlying encryption key for a partition would require re-encrypting the entire partition contents (therefore the key is very unlikely to change). Then there's the issue of users having to enter two different passwords (for security, you wouldn't want them to be the same) just to log in.
Oh pity the poor users unable to get to grip with the concept of multiple passwords [/sarcasm]
How many passwords do you think the average user has to remember? Do you think the people who need to have encrypted hard disks are idiots? (okay don't answer that last question;)
Farouk El-baz (who discovered the above crater) was interviewed on the Horizon show. He said he could not find a crater of the required 30 million-year-old age near enough to the site of the glass (date from uranium decay in the glass itself).
That said, the date of the article you link to is march 2006. It is possible it was discovered after the Horizon show was filmed.
Needlessly abusive, and entirely misunderstanding the point.
As someone who actually watched the full Horizon show last night, let me retell what the physicist (Boslough), who's field of expertise is big explosions, explained.
A small object striking the atmosphere is more likely to explode than a big object. A single big meteorite will smash into the earth and leave a big crater. A smaller object may explode before it hits the ground, leaving practically no crater. A collection of small objects together (something like Matilda, which is described as a "rubble pile" asteroid) which fragments and whose fragments then explode, creates a fireball plume extending (in the case of the shoemaker-levi event on jupiter) around 300 kilometres back into space.
Boslough computer-modelled a 120 metre meteorite exploding just above the earth's surface. The resulting fireball extended 80 kilometres back in to space. Approximately 10,000 times more powerful than the Trinity nuclear test in New Mexico.
Applying some simple physics explains the effect. Shockwaves propagate faster in denser matter. A full impact imparts the bulk of its energy into the ground, which transmit the energy away quickly. An explosion in the air imparts the bulk of its energy into the air which, being less dense, transmits the shockwaves more slowly, and less far, than the ground. Therefore the energy is confined to a smaller part of the earth's surface (and most of it above ground).
The penetrative effect is, as you noted, significantly less, but that's rather irrelevant. Big holes in the ground don't kill things; 10-mile wide fireballs at 1800 celsius on the surface do.
For a suitable analogy, consider the fuel-air bomb, usually described as the most powerful non-nuclear explosive. It explodes above the ground, but does more damage above the surface than an impact-detonated bomb of comparable (or greater?) mass.
However this is straying from the point. Willingness to negotiate indicates willingness to enter into a contract (subject to satisfactory negotiation as corrected above). I fully expect a person who either refuses to accept the offer made by a disabled person or makes a counter offer at say twice the price, whilst still accepting offers from a non-disabled person at standard price, to be caught by the quoted section of the DDA (assuming no non-disability-related difference between potential buyers).
19.(1) It is unlawful for a provider of services to discriminate against a disabled person
(a) in refusing to provide, or deliberately not providing, to the disabled person any service which he provides, or is prepared to provide, to members of the public;
The Equal Opportunity Act 1984 is not yet on OPSI.
For those thinking (correctly) that no party can be forced to enter into a contract against their will, recall that a general announcement of goods or of a service (e.g. an advertisement, a price tag) is an offer, indicating willingness to enter into a contract.
RAID in PCs has been a hot topic and I suspect a lot of marketing has gone into products which the vast majority of people have no real use for (having a RAID setup being bragging rights).
If you really do *need* a RAID setup, it seems stupid to ignore the SCSI angle on things, because SCSI RAID controllers are much more mature in features/performance/reliability and obviously aimed at a market which is less tolerant of cheap'n'nasty.
I know that SCSI is a lot more cost and, compared to SATA, not all that much more performance for the extra money. However....
More than a year ago I picked up 2x Intel SRCU32 (these are two-channel ultra160 scsi) from ebay for £50 each. I've found these to be very good cards. In addition to the usual BIOS interface they also have software consoles for both Windows AND linux (the latter written by intel), are supported natively in linux (2.4 - driver is called "GDT").
The software console means you can configure your logical drives without your PC being stuck at the BIOS/POST stage. From what I recall a sync of a 3x72GB in R-5 mode took about 4 hours.
Another nice thing about this controller is that while being 64-bit 66MHz PCI it is compatible with (and I am using it in) 32-bit 33MHz PCI. However a downside of such older controllers is memory. It requires unbuffered ECC NON-registered PC133 (also found on ebay - 4x128MB for around £20) which can be hard to find.
I'd also like to add that while I was getting these on buy-it-now, loads of other people were bidding £100+ on Adaptec 2100S auctions, which is a 32-bit 33MHz only, single-channel card!
Summary - please think before you go buying this sort of thing, and really consider all the alternatives.
Can you explain to me how the law in question in any way suggests that claim?
It establishes intent (or lack thereof) on the part of the person accused. See one of my other replies for details.
...and what part of the that makes it necessary for the website to have some kind of security feauture?
If it doesn't, you cannot show intent, as above.
A website is not "public domain" in legal terms, if I publish something on my website, I still hold copyright for it, I'm still liable for it, I still own it.
What's public domain doing in this argument? Why are we talking about copyright? I said "published". Like a book. I.e. in public view.
Offtopic, but incidentally, you're also wrong. If it's covered under copyright, you do not own it. You own the copyright to it. If it's data, you can own it, but there is no copyright (raw data has no artistic expression).
Okay, you've got some good points there which I hadn't considered, particularly considering my example of pasting URLs. I was wrong on that point.
Some things I would like to take issue with, though.
You're making spurious claims entirely unsupported by the law in question. Again, to quote from the law in question;
I think you're misreading this. The intention as far as I can see is to prevent a defence of exemption. That is, to make the act of breaking in an offence (irrespective of target).
From where did you get this assertion that unless it's secured, it's freely accesible by all? If I leave my bike unlocked, am I "publishing" it? Do I have to keep a lock on it all the time to "define authorised access"?
That's absurd. Bad analogy. Physical property can't be published. Reading an essay you had written and left lying around would not deprive you of the essay. Even making a copy would not deprive you of the essay. Don't try to equate anything in the CMA with Theft, there's no parallel.
So I'll refine my claim that anything on a website is published. Anything placed on a publically-visible website and requiring no subterfuge to view (i.e. on the front page, or reachable via a link or chain of links from the front page) MUST have been placed there with the intention that other people can see it (and with no control on who those people might be). The material has therefore been made public by the actions of the owner. This is plain common sense.
The point I am trying to make is about intent and unauthorised. Reading CMA 1990 (1)(1)(b) and (c) makes this clear:
(b) the access he intends to secure is unauthorised; and
(c) he knows at the time when he causes the computer to perform the function that that is the case.
It is impossible for a person to know that access is unauthorised if the material is publically visible (in a public place, e.g. on a website) with no access controls (subject to my capitulation above regarding a chain of links). Ergo no intent.
This is where I make my claim that the court gets to decide based on the circumstances - the court gets to decide intent.
Just because this guy sent x amount of emails it doesn't take away the fact that he destroyed a computer network infrstructure, which can be applied as criminal damage.
The sending of emails was using the system in the manner for which it was designed. If the system cannot cope, design a better system.
If you send a 30-ton package via airmail and the plane crashed because it was overladen, that's not your fault. The package should have been refused. Similarly, the email system designer should/could have kept a count of incoming connections and/or total emails received and alerted an admin when a predetermined threshold was reached.
There is no criminal damage because the system was not "destroyed" it failed, just as a bridge will fail if there it carries load beyond its design limit.
Under this act, starting an unsecured website containing priviledged data would allow you to prosecute anyone who viewed it.
No it would not. If the owner of the priveleged data put it on an unsecured website that is their problem, just as if they printed it and left it in public view on their front desk.
The offence was committed when the website owner obtained the data without authorisation from the data owner (and assumes they used a computer to do so).
Why not set up www.you're-not-allowed-to-look-at-this.com and launch a criminal suit against anyone who has a peek? In fact, you are officially NOT AUTHORISED to read this message.
You wouldn't get very far with this argument. Anything placed on a website is published. Anything published is public, therefore access is de facto authorised.
Now obviously you can put access controls on a website. But then you've taken a step to define authorised access. If you give someone a username and password, you've granted access. If someone obtains a username or password without permission, that's unauthorised. If someone bypasses this access control (and this bypass would probably have to be non-trivial; so if for example someone could cut and paste a URL which went directly to the material without being prompted, this would not apply) then it is unauthorised.
I personally think that "computer material" was a bad choice of phrase, and that "computer system(s)" is more appropriate. I cannot think of a way in which access controls could be devised which would NOT involve the owner of a computer system defining (at least implicitly) "authorised access". I'd make the assumption that in giving permission to put computer material on a computer system the owner of the material has agreed with the owner of the system on what arrangements are made for authorised access.
If my reading is correct it means a court gets to decide what is or is not authorised based on the circumstances, which is the Right Way IMO. Putting every conceivable situation in the Act would either be draconian or prone to loopholes as previously unconsidered situations arise.
Please give post your e-mail address so I can send details of the criminal suit against you 5 million times.
You're joking, of course. I suspect you could be charged with harassment (though maybe not criminally) and I would seek an injunction to stop you. Furthermore, the fact that you have made a threat which you are capable of carrying out might be common assault (which is a criminal offence).
The Computer Misuse Act seems to have been designed to encode the electronic equivalent of breaking-and-entering (offences 1 & 2) and criminal damage (offence 3).
Denial of service is probably very difficult to encode in a similar fashion, since I do not see what *criminal* offence it would equate to.
In this particular care, there is no essential difference between sending a million emails and sending a million letters by post - both would swamp the service, but equally both are simply making use of the (e)mailing infrastructure as it was designed. (Yes I know letters cost more. That's irrelevant - they require more effort to deliver, and are priced accordingly).
Taking a different example, such as opening thousands of connections to a server with intent to deprive others' of access to it, I still can't see what equivalent physical world *criminal* offence has been committed. In this case an analogy requires many people, but what difference is it if a thousand people stand on the pavement outside a shop entrance effectively preventing other shoppers from entering, due to weight of numbers? Sure, the police can ask people to move on, which is the same as closing those open connections, no?
Since most electronic systems only enact operations which have equivalents in the physical world, I do not see how it would be right to create a law which makes the electronic equivalent illegal, when the physical original is not. This use of legislation creates the likes of the DMCA.
The Computer Misuse Act is a rare example of a really *good* law which is (1) broad enough to capture most offenders (2) easily tested for applicabilty i.e. not complicated with exceptions, extensions, etc and (3) not so vague that it is open to abuse.
I stayed off the do not call list in the UK ("telephone preference service") for a while, used to average one call per day. Im not getting any since joining, though it took a month or two to settle down.
Like the US, it's a complete ban unless they already have a business relationship with you.
If it's intellectual "property", why is it licensed? You don't licence a coffee mud, do you? (implication: anything licensed isn't property; if anyone's got a counter example i'm okay with being proved wrong).
Slashdot Mirror
Century City was a lawyer drama set in the future which tried to look at future legal situations (think cloning, meddling with embryos to produce the "perfect" child, etc). Only eight episodes were produced in 2004 and four were never aired (including the one I'm thinking of; though they are (were) obtainable via p2p). One episode (Without a Tracer dealt with a possible result of this sort of device.
Basically, every child has a tracer (linked to video/audio surveillance no less). The episode revolves around a teenage girl who was fed up with being watched by her parents and removed her tracer, at which point the parents panicked because she'd apparently vanished. IIRC she hired a lawyer to get a ruling to "allow" her NOT to wear the tracer.
Their point was that this sort of device, whilst well-meaning, can become intrusive. I think (and the drama hints) that the tendency will be to rely on devices, further abdicating parental responsibility. Furthermore, I wonder if anyone's considered whether this would make the wearer EASIER to target, should the ID for their device become available, e.g. to someone wishing to kidnap a child for extortion.
Exactly how far will ethernet efficiently scale? As I understand it there were problems with 1Gbp/s as first planned leading to jumbo frames, and ethernet isn't (wasn't) that efficient a protocol.
Are there any other serious contenders which could/should be examined as a replacement for ethernet?
- watching movies
- downloading movies
One or more content middle men industries (ie TV, DVDs) is looking at the brink of an economic revolution. There can't be any denying it now.I'd like to know how this would square up with the EU electronic waste directive which imposes on manufacturers the cost of disposing of waste electronics. Surely such a chip would increase the cost to the manufacturer thus making it less economically attractive?
It's also possible that putting chips in disposable consumables such as printer cartridges is illegal in the EU - I recall some discussion about this during the Lexmark fiasco a few years ago.
Im sorry, but this article shows nothing that isnt obvious from the economics of the CPU market.
The time a CPU spends at the top end of the market is small compared to the overall time it is available. This time is also at the lead-end of its production when availability is small. Rarity (and demand) create a premium over and above the actual worth of the CPU.
By the time other CPUs displace it, such as CPU will no longer be in as much demand and the manufacturer may have to drop prices below or close to cost to sell end stocks. Thus they take advantage of the novelty of top-end CPUs to recover their development costs in advance.
Basically, new CPUs are overpriced for what they can do, and tail-end CPUs are underpriced, which is exactly what the article shows.
Anyone reading the article should be informed that rats are particularly susceptible to tumours. Although the most common form is mammary tumours in post-menopausal females, brain tumours are also well-known problems.
I know this from experience - we used to keep rats as pets.
Who modded the parent interesting?
;)
Entering a password at boot time is not a viable solution. The computer has to be able to boot the OS to a login prompt, which will allow the user to enter their password to decrypt their personal files.
Exactly how do you think FULL DISK encryption works?
I've seen one or two of these in use (older bank-owned laptops). They prompt for a boot password before the OS loads. I imagine the disk encrypter has a driver which sits between the physical disk driver and the VFS layer (to which the boot-time key is given), though I suspect getting this key from the boot loader to the driver under windows involves some contortions. The TPM chip in ThinkPads is a better solution (here's TPM working FOR the hardware owner).
First, you either have to give everyone that uses the computer the same password to boot the system, or you need to use a multi-key encryption routine, which might difficult to maintain as you add or remove new users.
As for multiple users, the mechanism for HDDVD demonstrates a principle which could be used; a disk or volume key (single key) is used for the encryption, but is stored itself encrypted on a special boot partition. Multiple copies are stored, one for each user, encrypted with a different password for each user. This also allows corporate recovery should the user forget the password. Recall that changing the underlying encryption key for a partition would require re-encrypting the entire partition contents (therefore the key is very unlikely to change).
Then there's the issue of users having to enter two different passwords (for security, you wouldn't want them to be the same) just to log in.
Oh pity the poor users unable to get to grip with the concept of multiple passwords [/sarcasm]
How many passwords do you think the average user has to remember? Do you think the people who need to have encrypted hard disks are idiots? (okay don't answer that last question
Farouk El-baz (who discovered the above crater) was interviewed on the Horizon show. He said he could not find a crater of the required 30 million-year-old age near enough to the site of the glass (date from uranium decay in the glass itself).
That said, the date of the article you link to is march 2006. It is possible it was discovered after the Horizon show was filmed.
Needlessly abusive, and entirely misunderstanding the point.
As someone who actually watched the full Horizon show last night, let me retell what the physicist (Boslough), who's field of expertise is big explosions, explained.
A small object striking the atmosphere is more likely to explode than a big object. A single big meteorite will smash into the earth and leave a big crater. A smaller object may explode before it hits the ground, leaving practically no crater. A collection of small objects together (something like Matilda, which is described as a "rubble pile" asteroid) which fragments and whose fragments then explode, creates a fireball plume extending (in the case of the shoemaker-levi event on jupiter) around 300 kilometres back into space.
Boslough computer-modelled a 120 metre meteorite exploding just above the earth's surface. The resulting fireball extended 80 kilometres back in to space. Approximately 10,000 times more powerful than the Trinity nuclear test in New Mexico.
Applying some simple physics explains the effect. Shockwaves propagate faster in denser matter. A full impact imparts the bulk of its energy into the ground, which transmit the energy away quickly. An explosion in the air imparts the bulk of its energy into the air which, being less dense, transmits the shockwaves more slowly, and less far, than the ground. Therefore the energy is confined to a smaller part of the earth's surface (and most of it above ground).
The penetrative effect is, as you noted, significantly less, but that's rather irrelevant. Big holes in the ground don't kill things; 10-mile wide fireballs at 1800 celsius on the surface do.
For a suitable analogy, consider the fuel-air bomb, usually described as the most powerful non-nuclear explosive. It explodes above the ground, but does more damage above the surface than an impact-detonated bomb of comparable (or greater?) mass.
My vocabulary was wrong, I stand corrected.
However this is straying from the point. Willingness to negotiate indicates willingness to enter into a contract (subject to satisfactory negotiation as corrected above). I fully expect a person who either refuses to accept the offer made by a disabled person or makes a counter offer at say twice the price, whilst still accepting offers from a non-disabled person at standard price, to be caught by the quoted section of the DDA (assuming no non-disability-related difference between potential buyers).
Under UK law, an employer CANNOT end your contract if they "don't like your work".
Correct, but note that the Right not to be unfairly dismissed has a qualifying period, during which any dismissal is considered fair,
Employment Rights Act 1996 (two years) reduced to one year by Statutory Instrument 1999/1436 sections 2-4.
Your post would have been so much more useful if you'd cited your references.
The Race Relations Act 1976 is not yet on OPSI.
The Disability Discrimination Act 1995 (III,19) says (amongst other things):
19.(1) It is unlawful for a provider of services to discriminate against a disabled person (a) in refusing to provide, or deliberately not providing, to the disabled person any service which he provides, or is prepared to provide, to members of the public;
The Equal Opportunity Act 1984 is not yet on OPSI.
For those thinking (correctly) that no party can be forced to enter into a contract against their will, recall that a general announcement of goods or of a service (e.g. an advertisement, a price tag) is an offer, indicating willingness to enter into a contract.
RAID in PCs has been a hot topic and I suspect a lot of marketing has gone into products which the vast majority of people have no real use for (having a RAID setup being bragging rights).
If you really do *need* a RAID setup, it seems stupid to ignore the SCSI angle on things, because SCSI RAID controllers are much more mature in features/performance/reliability and obviously aimed at a market which is less tolerant of cheap'n'nasty.
I know that SCSI is a lot more cost and, compared to SATA, not all that much more performance for the extra money. However....
More than a year ago I picked up 2x Intel SRCU32 (these are two-channel ultra160 scsi) from ebay for £50 each. I've found these to be very good cards. In addition to the usual BIOS interface they also have software consoles for both Windows AND linux (the latter written by intel), are supported natively in linux (2.4 - driver is called "GDT").
The software console means you can configure your logical drives without your PC being stuck at the BIOS/POST stage. From what I recall a sync of a 3x72GB in R-5 mode took about 4 hours.
Another nice thing about this controller is that while being 64-bit 66MHz PCI it is compatible with (and I am using it in) 32-bit 33MHz PCI. However a downside of such older controllers is memory. It requires unbuffered ECC NON-registered PC133 (also found on ebay - 4x128MB for around £20) which can be hard to find.
I'd also like to add that while I was getting these on buy-it-now, loads of other people were bidding £100+ on Adaptec 2100S auctions, which is a 32-bit 33MHz only, single-channel card!
Summary - please think before you go buying this sort of thing, and really consider all the alternatives.
Third option - iPod owners are liars
*ducks*
Can you explain to me how the law in question in any way suggests that claim?
It establishes intent (or lack thereof) on the part of the person accused. See one of my other replies for details.
If it doesn't, you cannot show intent, as above.
A website is not "public domain" in legal terms, if I publish something on my website, I still hold copyright for it, I'm still liable for it, I still own it.
What's public domain doing in this argument? Why are we talking about copyright? I said "published". Like a book. I.e. in public view.
Offtopic, but incidentally, you're also wrong. If it's covered under copyright, you do not own it. You own the copyright to it. If it's data, you can own it, but there is no copyright (raw data has no artistic expression).
Some things I would like to take issue with, though.
You're making spurious claims entirely unsupported by the law in question. Again, to quote from the law in question;
I think you're misreading this. The intention as far as I can see is to prevent a defence of exemption. That is, to make the act of breaking in an offence (irrespective of target).
From where did you get this assertion that unless it's secured, it's freely accesible by all? If I leave my bike unlocked, am I "publishing" it? Do I have to keep a lock on it all the time to "define authorised access"?
That's absurd. Bad analogy. Physical property can't be published. Reading an essay you had written and left lying around would not deprive you of the essay. Even making a copy would not deprive you of the essay. Don't try to equate anything in the CMA with Theft, there's no parallel.
So I'll refine my claim that anything on a website is published. Anything placed on a publically-visible website and requiring no subterfuge to view (i.e. on the front page, or reachable via a link or chain of links from the front page) MUST have been placed there with the intention that other people can see it (and with no control on who those people might be). The material has therefore been made public by the actions of the owner. This is plain common sense.
The point I am trying to make is about intent and unauthorised. Reading CMA 1990 (1)(1)(b) and (c) makes this clear:
(b) the access he intends to secure is unauthorised; and (c) he knows at the time when he causes the computer to perform the function that that is the case.
It is impossible for a person to know that access is unauthorised if the material is publically visible (in a public place, e.g. on a website) with no access controls (subject to my capitulation above regarding a chain of links). Ergo no intent.
This is where I make my claim that the court gets to decide based on the circumstances - the court gets to decide intent.
The sending of emails was using the system in the manner for which it was designed. If the system cannot cope, design a better system.
If you send a 30-ton package via airmail and the plane crashed because it was overladen, that's not your fault. The package should have been refused. Similarly, the email system designer should/could have kept a count of incoming connections and/or total emails received and alerted an admin when a predetermined threshold was reached.
There is no criminal damage because the system was not "destroyed" it failed, just as a bridge will fail if there it carries load beyond its design limit.
No it would not. If the owner of the priveleged data put it on an unsecured website that is their problem, just as if they printed it and left it in public view on their front desk.
The offence was committed when the website owner obtained the data without authorisation from the data owner (and assumes they used a computer to do so).
You wouldn't get very far with this argument. Anything placed on a website is published. Anything published is public, therefore access is de facto authorised.
Now obviously you can put access controls on a website. But then you've taken a step to define authorised access. If you give someone a username and password, you've granted access. If someone obtains a username or password without permission, that's unauthorised. If someone bypasses this access control (and this bypass would probably have to be non-trivial; so if for example someone could cut and paste a URL which went directly to the material without being prompted, this would not apply) then it is unauthorised.
I personally think that "computer material" was a bad choice of phrase, and that "computer system(s)" is more appropriate. I cannot think of a way in which access controls could be devised which would NOT involve the owner of a computer system defining (at least implicitly) "authorised access". I'd make the assumption that in giving permission to put computer material on a computer system the owner of the material has agreed with the owner of the system on what arrangements are made for authorised access.
If my reading is correct it means a court gets to decide what is or is not authorised based on the circumstances, which is the Right Way IMO. Putting every conceivable situation in the Act would either be draconian or prone to loopholes as previously unconsidered situations arise.
Please give post your e-mail address so I can send details of the criminal suit against you 5 million times.
You're joking, of course. I suspect you could be charged with harassment (though maybe not criminally) and I would seek an injunction to stop you. Furthermore, the fact that you have made a threat which you are capable of carrying out might be common assault (which is a criminal offence).
Hmm, thinking about it, does anyone know if there is a charge of criminal harassment?
The Computer Misuse Act seems to have been designed to encode the electronic equivalent of breaking-and-entering (offences 1 & 2) and criminal damage (offence 3).
Denial of service is probably very difficult to encode in a similar fashion, since I do not see what *criminal* offence it would equate to.
In this particular care, there is no essential difference between sending a million emails and sending a million letters by post - both would swamp the service, but equally both are simply making use of the (e)mailing infrastructure as it was designed. (Yes I know letters cost more. That's irrelevant - they require more effort to deliver, and are priced accordingly).
Taking a different example, such as opening thousands of connections to a server with intent to deprive others' of access to it, I still can't see what equivalent physical world *criminal* offence has been committed. In this case an analogy requires many people, but what difference is it if a thousand people stand on the pavement outside a shop entrance effectively preventing other shoppers from entering, due to weight of numbers? Sure, the police can ask people to move on, which is the same as closing those open connections, no?
Since most electronic systems only enact operations which have equivalents in the physical world, I do not see how it would be right to create a law which makes the electronic equivalent illegal, when the physical original is not. This use of legislation creates the likes of the DMCA.
The Computer Misuse Act is a rare example of a really *good* law which is (1) broad enough to capture most offenders (2) easily tested for applicabilty i.e. not complicated with exceptions, extensions, etc and (3) not so vague that it is open to abuse.
therefore, if the rootkit opens back doors, or makes it possible to hide programs, charge #2 applies.
It's called the telephone preference service
Nobody asked, but...
I stayed off the do not call list in the UK ("telephone preference service") for a while, used to average one call per day. Im not getting any since joining, though it took a month or two to settle down.
Like the US, it's a complete ban unless they already have a business relationship with you.
Another musing about meanings of words:
If it's intellectual "property", why is it licensed? You don't licence a coffee mud, do you? (implication: anything licensed isn't property; if anyone's got a counter example i'm okay with being proved wrong).