The article lists a number of actions that the hacker shall not do. Most are to be expected, such as not modifying the system, not bringing it down, not exposing private information. The first and last points in the list are strange though:
- Not using social engineering to gain access
- Not using brute forcing to gain access
Eh? Why are these not valid attack vectors?