Yes, and if you gave someone who never read or wrote code before and gave them a printed sheet of Perl... they might wonder if the sheet is upright or upside down.
The correct cause of action is:
Common carriers should not be modifying the content of their service.
Good point. If someone places 200+ calls to 911 and they are not stopped, this is a failure of E911, not the NSI policies.
To add to the discussion regarding 18 U.S.C. 1030, I will note that this website does not affirmatively note anywhere that these photos are to be considered private.
Thank you, this is the discussion I hoped would come out of this article. Fact is, people on Slashdot are definitely going to stumble onto this type of stuff over and over. I'm glad to run into other people to compare scruples with.
Hackers (good word) have an instinct. If they run into an awesome API, the first thought is: how do I maximize this across all the limits and make something amazing? But with vulnerabilities, and unintended code paths, you need to step back and understand the consequences of what you are doing as well as the appearance of what you are doing. A comment from Greyfox below illustrates perfectly, "so why don't we take the dick-detection algorithm from Chat Roulette and then plug that into a batch Curl against this Artisan State, and then...". Obviously that was facetious, but you need to avoid certain lines of thinking... "well I know this thing, and I could tell everyone, but they wouldn't want that, and then they have lots of money...".
At the end of the day, you need to have clear intentions and don't inflate your ego by thinking they are more interested in fixing the problem than you are.
Obviously the photos aren't that private (the Asian girl), since I put them on Slashdot's front page. But the others ones (now seeing the lax security) it will be worth for me to invest in a good printer and print on my own.
Link to Original Source
I have come across vulnerabilities in consumer products, banks, and governments (though no airplanes). Here is a policy I use and I have not yet gone to jail, have gotten all problems fixed quickly, and usually gotten credit or some reward even if not requested.
> Hello, I have inadvertently found a security issue in your product, it allows you to do XXX which is not expected. I am publishing this on my security blog in [48 hours / 5 days / 2 weeks].
Any time I have deviated from this process even a little the results have been much worse.
Is there a way that I can download en masse apps on the app store to find which libraries they contain and perform other analysis of them?
Here's the response I gave when coworkers at the office ask if I drink coffee:
> They don't pay me enough to take performance enhancing drugs.
Speaking with experience on the receiving side of DARPA contract negotiations.
DARPA projects are not like kickstarter (BYO vision and get money) or like NIH (have reputation and get money); rather they do require actual competency and demonstrated ability to win them. The projects are managed like real engineering projects, requiring lots of documentation up front, thorough project planning, and plenty of checkpoints. However, aside from this good accountability, they do not exert direction on the projects, prescribe technical solutions or gain direct contact to your engineers for day-to-day operations.
Water scarcity in California is a political problem with a political solution.
To better understand why a pipeline is a non-starter...
From the perspective of the cashew farmer: would you rather buy cheap water from the local utility or expensive water from the Great Lakes?
From the perspective of the pipeline investor: would you invest in a project to send water to CA when the people most likely to buy it will have ever more restrictions on water use?
And now for the solution to this and many problems...
Simply remove use restrictions and let the market properly set the price of this scarce product.
Guess what, senators?
If you won't let me hire foreign workers and bring them here to work on mutually beneficial terms, then I will simply keep them offshore and pay them to work from there.
Americans are SO uncompetitive for certain types of labor. A few laws wont bridge the chasm.
I've never seen a massively large Google logo rolling down any street.
I have seen real live, taxable Google employees walking down streets.
Yes... trucks driving on empty roads at midnight