Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

That's a clear violation of the CFAA. This crime carries prison time. How come they threw teenagers in prison but not the people responsible for doing it en mass?


There are a different set of laws for me and you. Corporations and CEOs play by their own rules.


How is this a violation against the CFAA?


Unauthorized network access? Literally the whole point of the thing.


I would argue the point was the opposite. It began with a request for authorization.


I don't see how this is any different than walking into a building and telling the concierge you're a maintenance worker.


Because the IoT devices are invited, EULA and all. You aren't invited just because you walked in.


Most people I know never invited network scanning. They were surprised by a Trojan holding their new TV hostage though (if they even noticed.)


The illegal part there isn't requesting access it's lying about being a maintenance worker to gain access.


Consent is tricky. Many people are not aware of what they are giving authorization to. That would make it uninformed consent. Add dark patterns in and I think it is easy to say that some people are not only unaware of what they are authorizing, but purposefully being misled.

Let's be real, most people are tech illiterate. If someone can't read a contract and there is no one there to explain it to them, then they are not engaging in informed consent.

Of course we have to ask if this is ethical or not. But let's not boil the conversation down to "we asked, so it is right." One side is arguing that the person didn't give informed consent and the other side is arguing that consent was given simply because a button was pressed.

It's honestly an ethical discussion of if this is right or not.


> It began with a request for authorization.

Yes, by asking someone who doesn't have permission to give that authorization to do so.


What access controls are being bypassed?


Wait, so using a program like wireshark to scan a network is illegal in and of itself??

I thought you had to use the information nefariously for there to be a crime.

How can receiving broadcasts be illegal?


Wireshark is passively listening on incoming traffic, so no.

Running tools like nmap have gotten people in trouble though, and it varies by country.

https://nmap.org/book/legal-issues.html


If it's a clear violation maybe sue them for breaching your network?


I don't even have non-free mobile OSes on my network much less this.


Because people blindly accept terms of service.


It's not people's fault that terms of service are intentionally designed to be as long-winded as possible if you want any hope of using a product or service.


Team of lawyers and psychologists vs teach illiterate user. Seems like a fair fight to me.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: