Websites and tools that have sprung up to check whether servers are vulnerable to OpenSSL's mega-vulnerability Heartbleed have thrown up anomalies in computer crime law on both sides of the Atlantic.
Both the US Computer Fraud and Abuse Act and its UK equivalent the Computer Misuse Act make it an offence to test the security of third-party websites without permission.
Full Article
Interesting but I cannot somehow see vast amounts of people dragged before the courts.
While that is a concern.... I think in this case it will be forgiven when used for the purpose of determining if safe to change password information.
Also... I am pretty sure that any company that chooses to press criminal charges against its users who are attempting to make sure that their login and other data is now secure is likely to end up with no customers. I certainly will cease dealing with any website that does that.
🙂
Also... I am pretty sure that any company that chooses to press criminal charges against its users who are attempting to make sure that their login and other data is now secure is likely to end up with no customers. I certainly will cease dealing with any website that does that.
🙂
That is it really. For a company to press charges could well end up being a huge own goal for them.
Yeah, they'd get hit by the Streisand Effect for sure.
And here we have browser plug-ins arriving to scan for vulnerable sites Free Heartbleed-Checker Released for Firefox Browser
So there could in theory be millions brought before the courts.
:@
So there could in theory be millions brought before the courts.
:@
Whether it is illegals or not this site may be of interest for those that do want to test out URLs:
http://filippo.io/Heartbleed/
Give it a try...you may find it useful.
REgards
Baldrick
http://filippo.io/Heartbleed/
Give it a try...you may find it useful.
REgards
Baldrick
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.