Where do you sit on this?
Is it ethical for you to delve into someones source code, take the log-in and password for their email account [found within], log onto the account and delete all the messages?
What if the source code was from a program that helped you back-up your email from an on-line source and the program was [apparently - no fact to this] harvesting /your/ information and storing it in the account mentioned above?
Did your POV switch with the second paragraph? Mine didn't.
March 8th, 2008 6:31pm
> program was [apparently - no fact to this] harvesting
bugger ... guess there isn't much question to the fact that it /was/ harvesting - just no info on what was being done with the harvest :)
March 8th, 2008 6:37pm
Unethical not to.
March 8th, 2008 6:47pm
He found a trojan horse and busted it.
Not a problem.
The author of the password stealing program should DIAF.
March 8th, 2008 6:48pm
Although I agree that the program author was a moron of the first order and should die a thousand deaths of teaming and festering pustules ... the hero of the tale was not only ethically wrong but quite possibly legally to boot - he hacked an account he didn't own.
March 8th, 2008 7:04pm
He might be legally wrong in a very technical & unenforceable sense, but nothing unethical about logging into a collection of stolen passwords and destroying them.
March 8th, 2008 7:13pm
Was he also right in not bothering to inform the other 1,776 trusting souls before he nuked all the data -or- is screw you my data's gone and that's good enough for me an acceptable conclusion to the saga?
Do ya figure someone of some authority that didn't have to hack the account would've come up with something as mind numbingly brilliant?
March 8th, 2008 7:20pm
I don't follow your post. You would prefer he notified the other victims? Yes, that would be good. Try shorter sentences.
March 8th, 2008 7:23pm
>Although I agree that the program author was a moron of the
>first order and should die a thousand deaths of teaming and
>festering pustules ... the hero of the tale was not only
Ethically wrong? How? He busted the guy well and truly and put an end to his scam.
>but quite possibly legally to boot
Okay, I'm not a lawyer but I REALLY don't think that there's *anything* the author could do.
>he hacked an account he didn't own.
What legal recourse does the guy who had it have?
March 8th, 2008 7:24pm
>Was he also right in not bothering to inform the other 1,776
Yeah, he probably should have emailed them all to tell them to change their password.
March 8th, 2008 7:25pm
Was he also right.
In not bothering to inform.
The other 1,776 trusting souls.
Before he nuked.
All the data.
Is screw you.
My data's gone.
That's good enough for me.
... an acceptable conclusion to the saga?
March 8th, 2008 7:53pm
Yea, i don't thing much will happen on the hacking the account thing either ... sounded apropos :(
He hacked an email account that wasn't his. That's the part that's bugging me. I'm all for the rest of it.
March 8th, 2008 7:56pm
> He hacked an email account that wasn't his.
No harm no foul?
March 8th, 2008 8:43pm
Lucky for him :)
March 8th, 2008 8:51pm
This is pretty straightforward. The program is definitely malware and steals passwords. However, it does so legally since the author lives in a country in which doing that is legal.
However, the guy who found it was malware lives in the US and is under US jurisdiction. He reverse-engineered a program in violation of its license and is guilty of a felony under the DMCA, and can be sent to jail and get big fines.
That's our law, you don't have to like it.
March 8th, 2008 10:43pm
Oh and yes, separately he violated federal hacking laws where he logged into another person's account using a password he was not given by the author for that purpose. Those laws are more serious in terms of jail time.
So, yeah, he might be looking at 30-50 years prison time. He'll also have all his computers taken away and be prohibited from using computers or the internet for some longish time period if he is ever released.
Remember, what is ethical and what is legal are not the same unless you are at stage 4, which most people are:
March 8th, 2008 10:47pm
whoa. that link explains a whole lot.
March 9th, 2008 8:38am
Is it really "reversre engineering" or is it just looking at available code?
Is it really "hacking"?
"Oh and yes, separately he violated federal hacking laws where he logged into another person's account using a password he was not given by the author for that purpose"
The "password" was posted "publicly". He was "given" it.
You find a diamond ring on the porch unlocked house. Is it unethical to put the ring inside the house and lock the door?
"He reverse-engineered a program in violation of its license and is guilty of a felony under the DMCA, and can be sent to jail and get big fines."
March 9th, 2008 6:20pm
Except the reverse-engineering clause of most licenses has been found to be un-enforceable.
You ARE allowed to reverse engineer things. That's what Patents are for -- to publish ideas and establish ownership so that EVEN IF you reverse engineer the idea, you STILL have to pay the owner.
A Copyright only protects an Expression of an idea, not the idea itself.
A Trade Secret isn't protected from reverse engineering at all.
March 10th, 2008 9:36am