Re: The law is fine and doesn't need changing
If a "security person" wants to "test" the vulnerabilities of someone's computer, then they should ask permission from the owner of the computer before conducting such testing. Otherwise anyone could claim after being caught that he was a "white hat" merely "testing security".
Agreed. All the times I've been involved with security testing, there's been paperwork agreed between the client and the testers with words to the effect of "you're going to do something naughty, but it's OK because we've asked you to (so that we know how to detect/stop other people from being naughty)" and that makes common sense. Therefore there is no "unauthorised" activity.
I've always been a bit mystified as to why people who, without any solicitation, try to break into networks and snoop around are in some way considered to be heroic in their actions because they are highlighting weaknesses in someone's security. Outside of cyberspace, it's the equivalent of going down the street trying to pick doorlocks to get into peoples' houses, just so you can tell someone that they need to replace their aging Yale....something which feels both wrong and creepy in equal measure.