Hacker he aint
All he did was change the URL and get access to the report before it was officially released. Not hacking per se.
There's red faces at the office of the Data Protection Commissioner this morning after a blogger lifted an upcoming official report off its website and published it early. As a result, data from the Data Protection Commissioner's Annual Report was published on a local blog on Wednesday a day before its official release on …
It is hacking per se, but in the proper sense of the word. Unfortunately the media has tarnished the image of the hacker by calling crackers hackers.
Nice one Damien!
From examiner.ie -> Asked yesterday at the official launch of the 2007 report if he was embarrassed by the latest incident, Mr Hawkes replied: "Not exceptionally."
Gotta love that! Nice find Damien!
From what I've been hearing, the "hacker" just tried difference values of DocID in the url http://www.dataprotection.ie/viewdoc.asp?DocID=721 on the assumption that it would be uploaded some time prior to it's "release".
It's about as exciting as a journo leaking an embargoed press release.
I wouldn't be so smug yet if I was the blogger. Courts tend to be confused about what constitutes hacking and there's been cases before where surfers have been taken to court simply by modifying URLs. Take the case of the guy done for "hacking" because he did a a directory traversal;
The argument has been that if it's not officially linked then accessing it constitutes illegal access.
now the report gets loads of attention. It's worth a glance particularly the top ten privacy issues.
Extract from foreword:
"Have we not succumbed to terror and submitted to extremism when we lose the liberty to live our lives without constant intrusion by the State in the name of security? When I consider the security measures introduced in this jurisdiction, it is sometimes difficult to avoid the conclusion that Ireland must be facing some of the starkest criminal and terrorist threats across Europe."
Couldn't agree more.
as many have already said this is a hack, not a very hard one, but still a hack.
however i would consider this as illegal as entering an unlocked house, or "stealing" wifi from an open router.
this does not however excuse the victim from their responsibility to protect their own stuff.
the blogger should get a slap on the wrist, and the chief should be fired for failing to enact better policies...
Don't boost the bloggers ego or his head will explode.
It was hardly a major security breach when it was being published the next day and doesn't warrant the publicity, nor the blogger getting interviewed on Irish Morning News Radio.
Some Irish Government / Irish Regulator sites are so badly indexed you have to do this kind of guessing all the time as web pages point to a document that is older version than the printed one they have posted you.
Definitely not innovative or unusual.
Internet laws In Ireland.are you kidding! These are almost non existant, with a few loop holes (Yes, i have read the so called cyber laws).....oddly these will not be changed yet
I was reading an artical earlier today and one part has some what stuck in my head "Ireland is the Technology hub of Europe" ......that can't be right!! our cyber law's are full of more holes than swiss cheese....I recenty took a trip to a meeting hot spot for some of Irelands "hottest" hackers (i have never heard the term "hot" in the same context as script kiddies or hackers) anyway... these people gave me their opinions on Irish cyber law ... and in their own respective words " it dosnt exist... planning cyber attacks in ireland is to easy " ...... still I wouldn't be worried they're knowledge is somewhat not based on malicious attacks ... but more on security for their own systems ....
Biting the hand that feeds IT © 1998–2020