
Hacking Laws are Silly, don't click this link - tuxloper
https://breakthelaw.xyz/
======
eridius
The poll on the "What is this?" page is pretty stupid.

Legal Poll:

Is it illegal to walk into someone else's home uninvited if the door is wide
open?

No door, no locks, no guard dog, no "no trespassers" sign at all. Is walking
into someone else's house illegal?

\---

This isn't precisely the same situation, but it's pretty close. Regarding the
actual poll (accessing a completely open MongoDB database), the question I
have for you is how did you find that database? If someone posted a link to it
saying "hey here's my database, feel free to take a look" then by all means go
look at it. If you go portscanning the internet and find the database, it
probably wasn't intended for you to access it.

> _It 's important to understand where the lines are, is it illegal for a
> security researcher to stumble across a completely unsecured database? And
> then view the records in it?_

Stumbling across it is fine. Once they know it's there, why does this
"security researcher" need to go snooping through the actual data?

Even when attacking a system that has a real bug bounty and invites security
researchers to access it, the rules generally prohibit actually poking around
customer data. Once you verify that you are capable of accessing the data,
that's where you stop, you don't _actually look at it_.

~~~
shiveringking
> No door, no locks, no guard dog, no "no trespassers" sign at all. Is walking
> into someone else's house illegal?

I believe that in the UK, trespassing isn't actually illegal[0] (but
aggravated trespassing is).

0: [https://greenandblackcross.org/guides/laws/5-trespass-
aggrav...](https://greenandblackcross.org/guides/laws/5-trespass-aggravated-
trespass/)

------
exabrial
> if (counter == 34) { $("#messages").append(invite) }

You could at least made it 42

~~~
kirkules
Maybe the reference to rule 34 was more appealing?

------
bhjvghvghvghk
UK's Computer Misuse Act of 1990

