My Hidden Information

Some Skeptical Science members have been publicly accusing me of criminal hacking. None of them say just what it is I did that would be considered hacking. This is strange as I’ve explained just what I did. It should be easy for them to point to the illegal aspect. Instead, one of them (Collin Maessen) recently said:

I know exactly what you did and what you didn’t share about what you did. The details that you didn’t share would make it rather obvious that it was hacking. Even though it was at the script kiddie level.


If we’re to believe Maessen, I’m not just a criminal, I’m a liar too. Of course, Maessen refused to say what I “didn’t share.” If I held back information like he claims, it would be easy to prove. Why won’t he? Why won’t anyone from Skeptical Science? They claim it is obvious I lied and hacked. They just won’t give anyone the information which shows such. They’re doing so even when it requires violating their own moderation policies:

When making any claim provide references (links if possible). Failure to do so can result in the comment not going through moderation….
When asked to clarify an argument or point please respond; this isn’t optional.
Claims that are factually incorrect will not be allowed.

I don’t get that. Maessen accused me of a criminal offense, and he refuses to provide the slightest shred of evidence or information for his accusation. He apparently expects people to just take his word for it, even while he’s being completely hypocritical. Très bizarre.

Oh well. Since the Skeptical Science crowd doesn’t care to provide any information or evidence, I will. I’ve uploaded a list of every link I collected from the Skeptical Science forum. I collected these links by using URLs in the form of: http://sksforum.org/thread.php?p=X where X was a number.

You can see the numbers I used in the list (1-18633) along with the page I was redirected to. This is a list of links posted on the secret-secret Skeptical Science forum. You could have gotten any of these links by plugging their number into the URL I gave above.

You’ll note, many of the entries are given for a domain “secretdomain.org.” This isn’t the actual domain. I’ve replaced the domain of their secret-secret-secret forum with that because of certain concerns. It doesn’t matter because you wouldn’t be able to access anything on the site anyway. If you could though, this would be the link to look for:

2929	http://secretdomain.org/tcp_results.php

If you plugged that in, you’d have direct access to a page that looked like:

5-16-tcp_page

I don’t know what information I’m supposedly hiding, but I’ll provide some more. Here are a couple links showing what sorts of things I tried to access:

3031	http://secretdomain.org/thread.php?t=6738&r=15#61211
3513	http://secretdomain.org/members.php
7280	http://secretdomain.org/docs/coming-out-of-ice-age-volcanoes.pdf
8572	http://secretdomain.org/docs/rebuttal_status/18.details.htm

The first two of those required logging in to access. The third and fourth did not. That’s hardly surprising as many sites make documents and images directories publicly accessible so the material in them can be shared. Given some things were blocked and others were not, it is reasonable for a person to try various links to see what they’re allowed to see. Apparently, the Skeptical Science crowd thinks that’s hacking.

Interestingly, two other links in the list are:

10099	http://www.skepticalscience.com/pics/tcp_raters2.gif
10100	http://www.skepticalscience.com/pics/tcp_raters3.gif

While those links no longer work, they are the images I discussed in this post. They provide the identities of 12 of the raters for the Cook et al consensus paper. In that post I said:

This one also identifies nearly a dozen individual participants. It’s true we only found out about these images because of a hack, but that hack happened nearly two years ago. Surely the authors of the paper shouldn’t leave confidential information in a publicly accessible location for two years, even if people have already seen it.

But it’s worse than that. Not only were the images publicly accessible for nearly two years after being discovered, John Cook continued to make it possible for anyone to find links to them. Plus, the links I collected only begin after the original forum was hacked. Who knows if we could have found the same links via the original forum?

Incidentally, you may have noticed one of the links I mentioned being able to access had a number in it. As you may have guessed, there were a series of pages in the form of http://secretdomain.org/docs/rebuttal_status/X.details.htm. I scraped a number of them (392?), but they didn’t contain anything interesting. It was just some proofreading information about various posts at Skeptical Science.


That’s it. There’s no more information to disclose. I don’t know what the Skeptical Science crowd thinks I’m hiding, and I suspect it doesn’t exist.

And hey, now you can see ~18,000 pages the Skeptical Science group discussed!

Advertisements

61 comments

  1. Andrew, that document has a ton of problems (some of which I’ve already discussed elsewhere, such as here). I’m afraid I don’t know what you’re referring to offhand though. Could you be more specific? I wouldn’t doubt they do that, but I’m not familiar with your name, and I don’t feel like looking through ~20 pages right now.

  2. The first two of those required logging in to access. The third and fourth did not. That’s hardly surprising as many sites make documents and images directories publicly accessible so the material in them can be shared. Given some things were blocked and others were not, it is reasonable for a person to try various links to see what they’re allowed to see. Apparently, the Skeptical Science crowd thinks that’s hacking.

    You are precisely correct and if they think otherwise, they are mistaken.

    After all:
    “http://www.spambotsecurity.com/forum/search.php?search_id=newposts&sid=898b4d2c19b8fed4d9a9c443d2a2d255” requires log in access to visit. http://www.spambotsecurity.com/forum/search.php?search_id=active_topics does not. This is a very common situation. The fact that many, many, many links at spambotsecurity.com (or any site) require login access does not imply the others are ‘private’, ‘protected’, “access restricted’ or anything of the sort.

    We could find tons of examples: Ebay, Amazon.com etc. This is a very, very common thing on the intertubes.

  3. I’m trying to understand the logic of the Skeptical Science crowd. Andy Skuce just commented on that Collin Maessen post, saying (in part):

    The truly staggering thing is that some people who applaud the publishing of the private information from the SkS hacks, also complain bitterly when public comments are quoted and analyzed, as in the Lewandowsky et al Recursive Fury paper.

    While I don’t think his comparison is valid, let’s run with it. If that is “truly staggering,” shouldn’t he also find it “truly staggering” Skeptical Science linked to and discussed documents stolen from the Heartland Institute?

  4. lucia, I agree. I just don’t feel like re-hashing that topic right now. I just find it strange people can accuse others of hypocrisy while engaging in that very hypocrisy.

    On a moderation note, the first comment on this thread was posted under the wrong account (by Andrew Montford). While I could change the name it was posted under, WordPress wouldn’t let me break the link to the account’s website. As such, I’m deleting it and copying it below:

    In the Cook et al response to Tol I am accused of falsely characterising the categories in Cook’s consensus paper. No evidence is provided of this mischaracterisation.

    I’m also editing my response to it to remove the reference to the wrong account’s name.

  5. You may have already admitted to illegal behaviour in several jurisdictions.

    It is mostly not allowed to check every entrance in a house, in their cellar, in the car on their parking space, or in the space they rent for storage, and when you find an entry that is open to go in, you go in and copy some information you find there.

    Several countries have similar laws for internet domains. That you and Lucia think that this is ridiculous doesn’t matter. Those laws do exist.

    You could have checked what Collin meant with computervredebreuk. If someone is guilty of that is decided by a judge, not by you or Lucia. Now I don’t know the exact legal jurisdiction in the US or Australia, and their cooperation in legal matters, I do however see that it might be an issue that is decided by a judge.

    You may be on thin ice.

    Note: hacking is not equal to criminal

  6. Reich.Eschhaus
    June 9, 2014 at 6:06 pm

    Please provide us a citation to one of the laws to which you refer. There are no US laws of which I am aware that criminalizes the described conduct.

  7. Will, here:

    http://de.wikipedia.org/wiki/Ausspähen_von_Daten

    “oder sonst nicht unmittelbar wahrnehmbar gespeichert sind oder übermittelt werden.”

    “Primär geht es um das Verschaffen von Daten. Dabei ist es nicht relevant, ob geschäftliche oder private Daten ausgespäht werden. §202a StGB erfasst unter anderem den Softwarediebstahl, das Ausspähen von Daten, den Wirtschaftsverrat und das Verschaffen von Unternehmensgeheimnissen.”

  8. Reich.Eschhaus, it is beyond me why you’d offer a German law as evidence that activities which wouldn’t be covered by German law could be criminal. It seems beyond silly to me given few people reading this would be able to understand German. A cynical person might take your decision to use the German language with no translation as an attempt to prevent people from checking your claim. This is especially true since that law uses the phrase, “besonders gesichert sind” to say for there to be a criminal offense, the data must be “specially protected” (roughly translated), which this data wasn’t.

    From now on, if you’re going to use another language, offer a translation while doing so. Anything else will be considered spam.

  9. A rough translation of the key part of the German (and non-germane) statue is “Whoever without authority or any other access to data that is not intended for him, and specially protected against unauthorized access, gives, overcoming the access security, shall be punished with imprisonment up to three years or a fine.”

    Probably the statute spells out what “specially protected” means, but I doubt leaving unencrypted data files available via open access, with no confidentially statements, remotely qualifies.

    Collin is a joke, by the way.

  10. BruceC, this post was really just a clever trap to get people to click that link so I could hack them.

    Ha ha, I knew it! You’se a tricksy hackers you is!

    It’s funny because coding for years was called hacking, then as people began producing systems which could be operated without knowing how to code there developed a hacker subculture, and then as ignorance often does the ability to do something and the thing itself are often broadly linked with any negative example of said ability, such that “hacker” went from “someone who can write their own code”, to “someone who maliciously attacks others systems” with often handwaved explanations for what this “hacking” entails.

    Examining unprotected files accessible online by changing filenames is the sort of skill which I discovered as a teenage boy with internet access and the desire to see what else was on a given porn site by changing the numbers in the addresses I knew of to access other files there.

    Am I a hacker now? Is that hackturbating? Is that a thing? Did I just make it one? What have I done!?!?

  11. Reich
    If you think what was done was illegal in “several” jurisdictions, it might be enlightening if you name one and point to the actual statutes.

    You could have checked what Collin meant with computervredebreuk. If someone is guilty of that is decided by a judge, not by you or Lucia. Now I don’t know the exact legal jurisdiction in the US or Australia, and their cooperation in legal matters, I do however see that it might be an issue that is decided by a judge.

    Judges would judge– if the case even got there. The case isn’t even close under Illinois or US law. Someone on the thread at Collin’s brought up Illinois law, made a claim about Illinois law and decreed what Brando did would be illegal under Illinois law. What Brandon did is not illegal under Illinois law. The only way to make it sound like it might be illegal is to delete the portion of the law I posted at Collin’s cite along with a link showing that was Illinois law. The case is not even close in illinois: no prosecutor would bring a case given the wording in Illinois.

    As for US CFA (which is the federal law): Our courts have never ruled anything like this illegal. And this is true even if this RK mistakenly believes what happened is “like” what happened in the AT&T “weve” case. Possibly, if the AT&T case was exactly alike, RK would not edit out details the prosecutor considered important to his argument.

    As for your analogy about checking lots of doors: If doing something is absolutely legal it’s generally legal whether you do it once or a thousand times. Once can look at 1000 billboards and it’s perfectly legal to do so. If one of the billboards happens to be obscured– or even 999 happen to be obscured, it is totally legal to look at all of them. See: we can all make analogies. The question with whether something is illegal or not is whether the analogy is to something that shares a relevant property under the law. Your choices of “analogies” don’t.

    Now I don’t know the exact legal jurisdiction in the US or Australia, and their cooperation in legal matters,

    It might astonish you to learn this, but in the US it’s either (a) Illinois statutes for a state case (b) the US CFA. What brandon did is not illegal under either. If it’s in Australian, I’ve read the statute and what brandon doesn’t appear to be illegal. I guessed the server– who is puts it in the US. So: not the netherlands.

    You may be on thin ice.

    With respect to Illinois, the ice is thick enough to drive a semi-tractor with fully loaded trailer over. US: plenty think– could probably drive a snow mobile. As I said: Australia, I don’t know for sure.

  12. Carrick/
    Reich

    Whoever, without authorization or any other access to data that is not intended for him, and specially protected against unauthorized access, gives, overcoming the access security, shall be punished with imprisonment up to three years or a fine.

    “specially protected against unauthorized access” doesn’t sound remotely like “Posted on a web site with absolutely positively no access control whatsoever”. “overcoming access security” does not sound remotely like “loaded a publicly available uri and viewed the page”.

    It seems to me Reich doesn’t know any german law that suggests what Brandon did was illegal. But if he does, he can give a link to the whole page to find the sentences he doesn’t include. That is, the ones that include details like the fact that the data has to be “specially protected against unauthorized access”.

  13. ‘Trespass to chattels’ would seem relevant. I’m not a legal scholar, but web scraping can be (and has been) held to be illegal in certain cases that don’t involve ‘hacking’ per se. In the US ebay vs bidder’s edge and craigslist vs 3Taps could be relevant. As wikipedia notes :“Craigslist sent 3Taps a cease-and-desist letter and blocked their IP addresses and later sued, in Craigslist v. 3Taps. The court held that the cease-and-desist letter and IP blocking was sufficient for Craigslist to properly claim that 3Taps had violated the Computer Fraud and Abuse Act.

    Again, I’m no legal scholar, but the fact that the information was *meant* to be accessed in these cases still did not provide a legal defense for scraping them. The major difference I can see is that these companies were profiting from the data scraped.

  14. Kevin

    Again, I’m no legal scholar, but the fact that the information was *meant* to be accessed in these cases still did not provide a legal defense for scraping them. The major difference I can see is that these companies were profiting from the data scraped.

    You are getting this backwards. 3Taps had been scraping prior to Craigslist both
    (a) sending a cease and desist letter and
    (b) blocking their IP’s.

    That scraping was perfectly legal. It was only after that that Craiglist sent the C&D letter and blocked IPs that a judge considered letting any suit by Craigslist go forward. In contrast: No C&D no blocking 3Taps IP: 3Taps scraping is illegal.

    With respect to what Brandon did: SkSforum had sent on C&D letter, had no TOS, had no robots.txt file, had not blocked any IPs. They are much closer to craigslist before craigslist started blocking. And at that time, 3Taps scraping was entirely legal.

    The major difference I can see is that these companies were profiting from the data scraped.

    If you read the judge’s rulings, the major legal difference has nothing to do with profiting. It has to do with Craiglist having sent 3Taps a formal Cease and Desist letter telling them they were unauthorize to make any access whatsoever and then blocked 3Taps IPs. (3Taps then switched to proxy servers– or is alleged to have done so.)

    We know this is the major difference because Craiglist and 3TAps have been going at it hammer and tongs. Craiglist tried lots of strategies and arguments none of which got them any foothold in court early on. So we know which Craigslist arguments did not hold water with the judge. Basically: if Craigslist has a public website and does nothing to inform and block specific people they want off the site that they need to keep off, then anyone and everyone can scrape.

  15. I checked “computervredebreuk” in Dutch law: It does not cover finding things that are in the public domain, or indeed things that were accidentally put in the public domain. (It does cover hacking, impersonation etc.)

  16. Brandon, I put the German and Dutch links up to show you that it may not be generally accepted that what you did is acceptable behavior. I can’t even say for those countries because the judges decide on each case separately. You are saying that there is nothing wrong with what you did, I have given some some links that show that other countries may think differently about that (depending on what would be decided in your case, but you yourself say it is super super secret, implying that you knew you weren’t supposed to have access). It is clearly possible that it is no problem where you live.

  17. “This is especially true since that law uses the phrase, “besonders gesichert sind” to say for there to be a criminal offense, the data must be “specially protected” (roughly translated), which this data wasn’t.”

    That’s the point. It is not you who decides that, judges do.

  18. “it is beyond me why you’d offer a German law as evidence that activities which wouldn’t be covered by German law could be criminal.”

    Well, I didn’t

  19. Lucia,

    “If you think what was done was illegal in “several” jurisdictions”

    No! I think it can be found illegal

  20. @lucia

    “As for your analogy about checking lots of doors: If doing something is absolutely legal it’s generally legal whether you do it once or a thousand times”

    So you are going around someone’s house trying every window if you can get in?

    If somebody stopped you doing that you would say “freedom of speech” ?

  21. Reich.Eschhaus
    June 10, 2014 at 4:31 pm

    You say, “That’s the point. It is not you who decides that, judges do.”

    This is entirely incorrect. Judges are not Magi, superior in understanding to ordinary intelligent non-judges. Judges, at a non-jury trial, enforce the criminal laws as written, according to the plain meaning of the words used in the statute and as informed by the Rule of Lenity. To adjudicate a defendant guilty of breaking a particular law, that judge must determine that there are facts known to be true beyond a reasonable doubt which support each element of the crime as written in the statute. Judges are bound to apply the law as written, not as they wish.

    If you think for a minute, you will realize that any law which requires interpretation by a judge before an ordinary citizen can determine whether or not his conduct is criminal, is necessarily unconstitutional because it fails to warn the citizen that his conduct could be illegal. For that reason, criminal laws are always strictly construed and interpreted, and the Rule of Lenity applied, so there is fair warning of what is, and is not, a crime.

    Carrick points out what element of a crime is missing here when he states, “[the] law uses the phrase, ‘besonders gesichert sind’ to say for there to be a criminal offense, the data must be ‘specially protected’ (roughly translated), which this data wasn’t.” Therefore, Brandon is guilty of nothing under the law you cite.

  22. Reich, as has been pointed out elsewhere, the comparison between somebody’s house and a public server (that you as the provider have to take pains to make assessable) is a very poor one. This is more like information that you can’t modify, like signs on your front lawn. In the US at least, you can freely take photographs of “public-facing” property, as long as you are on a public space when you are doing so.

    Making a copy of data is more like photographing the front-facing part of somebody’s property, since you haven’t removed, damaged, defaced or otherwise modified the data you’ve accessed from a public-facing server.

    If the URL had been protected via a non-easily guessed hashing code then I would say Brandon was “on thin ice”. And simply because the files are on a webpage you can’t directly navigate to, tells you nothing about whether the author intended you to access them or not. If the pattern for the URL is obvious to work out, the data aren’t encrypted or marked in any way as confidential, then the default assumption should be “publicly assessable”.

    And since it’s so trivial to lock files up so they can’t be downloaded in such an easy fashion, one has to wonder about John Cook’s honesty that he and his associates are pointing fingers at Brandon instead of admitting error on his own part. It also tells me just what a poor quality the ethics of his supporters are that they’d rather blame other people than accept obvious statements of facts like “through gross incompetence and negligence on his part, Cook publicly released data he didn’t intend to release”,

  23. Reich

    So you are going around someone’s house trying every window if you can get in?

    Huh? So your approach is to bring up another claimed analogy? What brandon didn’t “try” every window to get “in”. What he did was more like looking at bulletin boards. Of course if you wish you can start suggesting what he did was “like” any number of illegal things it was not like. That’s not really going to turn what he did into something illegal.

    If somebody stopped you doing that you would say “freedom of speech” ?

    huh? Just “huh”?

    (Brandon needs to borrow my rule about rhetorical questions…)

  24. Reich.Eschhaus, posting six comments which each express a single thought with little time and no other comments between them is spamming. Please don’t do that again.

    As for your supposed evidence, I pointed out it doesn’t show what you claim it shows. If you want me to discuss it further, address what I said. Pretending to respond to me while not addressing anything I say, especially while spamming, means I’ll probably just ignore you.

  25. lucia, I’m fine with unanswered rhetorical questions. I’ll encourage people to point out when they’re misused, but I’m not going to ban them. There are about a hundred other rules I’d want to implement first. Especially since I like using rhetorical questions!

    On the issue at hand, one thing to remember is Collin Maessen and others at that page aren’t accusing me of hacking for what I did with the http://www.sksforum.org site. They specifically refer to my access to data I say I knew wasn’t supposed to be publicly available. That is in reference to my actions with http://www.secretdomain.org. For that site, all I did was try a list of URLs I had collected. That’s it.

    According to their position, I could have released (unsanitized version of) the list I provided in this post, and you would have been hacking had you used a URL that led to the data.

  26. Brandon,
    On the rhetoricals– yeah. I get your point. But Reich is managing to demonstrate all the negatives of rhetoricals with that one. I mean… huh? I don’t have a clue what point he was even trying to make with “the question”. I don’t think he intended for it to be answered and I don’t know what any answer would prove!

    One thing is that collin at least has clarified that whatever ‘illegal’ thing he thinks happened was at the “secretdomain.org” and not sksforum.org. That at least brings us to a level of clariity. Eli was just having it be “some site”. So: yes. whatever issue he thinks exist is not the crawling. And yes, apparantly, if someone came across those links elsewhere, their access would be “unauthorized” even though all links were totally, completely publicly accessible to anyone who clicked. If I’m groking the notion, this is because somewhere one some location, someone said they didn’t want people to look at the data on the page they posted publicly. That argument hasn’t survived in court cases using CFAA. There are cases in TX where a guy tried to prevent the police for using data his dog-walker found– and that argument didn’t pass. It’s not the law anywhere.

    The stuff was posted by the person who owed “secretdomain.org” and “secretdomain.org” was totally accessible to the public. This is not a tough call.

  27. lucia, I’m sure he could have been just incoherent without the rhetorical question 😛

    By the way, I’m pretty sure Collin Maessen’s argument is the same one the Skeptical Science group as a whole is relying on. It’s definitely the same position as the University of Queensland’s in their letter to me, which presumably originated from John Cook.

    If so, that’d seem to mean the entire Skeptical Science group is claiming accessing a page is hacking if that page has material you know they don’t want you to see.

  28. That ‘theory’ has been tried in court! A company who didn’t ‘want’ their competitor to crawl and see their prices wanted to sue under CFAA and the judge told them to pound sand. And that judge said he knew perfectly well that “crawler company” would “know” “crawled” company didn’t ‘want’ t be crawled. The Craigslist/3Taps experience is similar. So are all the scads of companies trying to get people for TOS violations. Unless there is a “barrier” (password, atm card, fingerprint reader etc.), the uri is clearly an attack pattern, or someone actually deletes, destroys, uploads viruses or some such, the courts see things as ‘authorized’.

    Of course, maybe they could get lucky and find a friendly judge and the case could drag out. That happens– and it’s a risk. But their theory is not the one the courts have been following in the US and I haven’t read courts elsewhere following it either. These things are reported. Plus, they can’t find cases that show their theory! All they do is find someone who crawled or accessed, and then ignore other key things the person did!

    The Illinois case someone over there brought up…. Did they notice the ex-wife entered her ex-husbands user name/ password combo? That matters. She didn’t just find a public facing web page where he had stupidly ‘archived’ his email. Of course if she’d found such a thing and recognized it was his email she’d still “know” that her ex-hubby who she was arguing about child support with would not want her to read that. But doing so would not be a violation of Illinois’s statue because he posted it in public. (There have been similar cases in divorce courts. There have been 4th amendment cases. If someone puts data on a computer or network someone else has access too… then access to that data is authorized. These things generally don’t make it very far upstream because the person with that theory is blocked at the *summary judgement* level before even getting to court!)

    Even in Weeve, there was a “barrier” — user agent blockage. The question is whether that ‘barrier’ is sufficient to even be access control. But no one brought a case with no “barrier”.

  29. Brandon:

    It’s definitely the same position as the University of Queensland’s in their letter to me, which presumably originated from John Cook.

    It’s amazing that anybody there trusts his judgement, especially on legal issues.

    the entire Skeptical Science group is claiming accessing a page is hacking if that page has material you know they don’t want you to see.

    …and without any indication from them you don’t want them to see the page. That’s just brilliant.

  30. Carrick, I still want to know what forensic investigation they carried out. They specifically said they, the University of Queensland, carried one out. Based upon that, it was determined I hacked the server.

    I don’t know how that could possibly be true unless they just took John Cook’s “investigation” as their own.

  31. Brandon–

    I don’t know how that could possibly be true

    Maybe Cook sent them all the apache logs from that server in Texas and they saw that requests were submitted to ‘secretdomain.com’ which resulted in some http 403 responses and some http 200 responses. Voila: hacking! 🙂

  32. lucia, I forgot to comment on the best part. Most of the links on the page I came across don’t contain any sensitive information. There were nearly 40 links, and off the top of my head, I think four directed you to sensitive information.

    So if even ~10% of the links on a page go to data you’re supposed to know people don’t want you to see, it is apparently hacking to go to that page…?

  33. Brandon,
    Even though they might now what is on the page, you don’t know what’s on a particular page until after you’ve seen it. Their ‘legal’ theory seems to involve your knowing which pages contain data that you will somehow “recognize” as ‘not public’ before you’ve even loaded those pages.

  34. “This is entirely incorrect. Judges are not Magi, superior in understanding to ordinary intelligent non-judges. Judges, at a non-jury trial, enforce the criminal laws as written, according to the plain meaning of the words used in the statute and as informed by the Rule of Lenity. To adjudicate a defendant guilty of breaking a particular law, that judge must determine that there are facts known to be true beyond a reasonable doubt which support each element of the crime as written in the statute. Judges are bound to apply the law as written, not as they wish.”

    Yes and no. Judges have to decide according to the law. However, when the law says that taking data is illegal when the one taking the data knew that he/she was not supposed to have access to the data, then it is up to the judges to decide when that is the case and when that is not the case. After several judgements a pattern will appear that people can use for knowing if they are on the safe side or not.

  35. “If the URL had been protected via a non-easily guessed hashing code then I would say Brandon was “on thin ice”. And simply because the files are on a webpage you can’t directly navigate to, tells you nothing about whether the author intended you to access them or not. If the pattern for the URL is obvious to work out, the data aren’t encrypted or marked in any way as confidential, then the default assumption should be “publicly assessable”.”

    That’s the point. Several laws says that if the one that manages to access the data knows that the data were not meant for him/her to access, then he/she is behaving against the law.

  36. “If doing something is absolutely legal it’s generally legal whether you do it once or a thousand times.”

    Try checking 1000s of windows if you can get in. See what happens. The rest you said above is irrelevant to what I am trying to say. I don’t need your sophistry.

  37. Brandon, I hope answering comments to me one after another does not equal spamming in your definition.

  38. Reich.Eschhaus, you can respond to more than one comment in a given comment. There is no reason to spread your thoughts so much. Doing so is spamming.

    If you want to break up comments because they’re getting too long, that’s fine. If you want to break them up because they address entirely different issues, that’s fine too. What isn’t fine is consistently posting multiple short and related thoughts in individual comments one after another.

    If you insist on posting comments in that style, take a break between them. Otherwise, combine related thoughts into single comments.

  39. “On the issue at hand, one thing to remember is Collin Maessen and others at that page aren’t accusing me of hacking for what I did with the http://www.sksforum.org site. They specifically refer to my access to data I say I knew wasn’t supposed to be publicly available. ”

    Yes, that’s the point. Good you see the point. If it is not meant for you don’t access it and don’t spread it (makes it a worse offense). Some countries have legislation against that. Where you live may not have that, in that case don’t worry about legal consequences.

    However, do consider why some western democracies have laws in place to forbid behavior what can be argued that you have done. Is it only a legal question or also an ethical question?

    I think I have made my point enough by now.

  40. “you can respond to more than one comment in a given comment. There is no reason to spread your thoughts so much. Doing so is spamming.”

    Agreed. Guilty again by this one…

  41. Reich.Eschhaus, you may have made your point in the sense people know what you’re claiming, but you haven’t made a case. You haven’t offered a single source which supports what you say. The only sources you have offered fail to support your argument in any way.

    If you want to leave it at that, you can. It’ll just mean nobody will believe what you’ve said.

  42. “Reich.Eschhaus, you may have made your point in the sense people know what you’re claiming, but you haven’t made a case. You haven’t offered a single source which supports what you say. The only sources you have offered fail to support your argument in any way.”

    What? I argued things, and I supplied links that show what I claimed is true. Did you actually follow the argument and the thread?

  43. Reich:

    I supplied links that show what I claimed is true.

    More like you supplied links that showed what you claimed was either false or unsubstantiated. That’s “sophistry” btw.

  44. Reich.Eschhaus
    June 11, 2014 at 7:05 pm
    You said, ”What? I argued things, and I supplied links that show what I claimed is true. Did you actually follow the argument and the thread?”

    You have not supplied links to any law that states it is a crime to look at, or copy from, a website which is not protected in anyway from casual browsers, or for that matter Google’s spiders.. The data which Brandon found was wide open to anyone on the web.

    Here is an example. I have just posted this comment on the web, but I forbid you to read it or copy it.

  45. “You have not supplied links to any law that states it is a crime to look at, or copy from, a website which is not protected in anyway from casual browsers, or for that matter Google’s spiders.. The data which Brandon found was wide open to anyone on the web.”

    No, I didn’t. It was not my point. What’s your’s?

  46. “More like you supplied links that showed what you claimed was either false or unsubstantiated. That’s “sophistry” btw.”

    You clearly do not know what sophistry means. I am happy to help you.

  47. Reich.Eschhaus
    June 11, 2014 at 7:22 pm

    I guess I am too dim to understand your point. I thought you were making the point that it is your opinion that Brandon committed a crime when copying the date because, “If it is not meant for you don’t access it and don’t spread it (makes it a worse offense)” and then asserted that “Some countries have legislation against that.” But the only law to which you linked does not say that and therefore does not apply to the circumstances pertinent to Brandon’s conduct. Perhaps if you use smaller words and shorter sentences I could understand.

  48. One definition of sophistry is “the use of reasoning or arguments that sound correct but are actually false”. Reich provided links to law that purported supported his arguments. But as we all have noticed, these links at best do not substantiate what Reich claims.

    I would personally call this use of links to falsely prop up ones arguments “sophistry.”

  49. Reich: You may as well say, ‘driving on the wrong side of the road is illegal’ because what you are saying has the same merit.

    Accessing information that is accidentally, unintentionally, intentionally or any other way in the public domain is not illegal. if you think it is then fair enough – by the way I did not intend for you to read this, therefore you have broken the law.

  50. I see the same names on many of these blogs. I wonder if the entire population of people interested in global warming, for or against the “consensus”, could be numbered in the dozens? Meanwhile for 7 billion people life goes on not really caring either way.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s