> Is there a real concern that someone will take you to court for that?
I think the concern is more along drawing a bright line between black hat and white hat.
Researchers have to do stuff which is borderline illegal; at least it's sometimes tricky to know if they're breaking any laws. Thus, they'll create a set of clear and easy to understand rules and work to those, which means that they reduce their risk of legal action.
"Don't fight abuse with abuse" is (at least was) very common phrase. That's pretty good idea, when some people aren't capable of knowing who the bad person is. We don't want denial of service attacks against innocent people.
Having said that, it's annoying as hell that ISPs don't do more to stop this kind of thing.
I think the concern is more along drawing a bright line between black hat and white hat.
Researchers have to do stuff which is borderline illegal; at least it's sometimes tricky to know if they're breaking any laws. Thus, they'll create a set of clear and easy to understand rules and work to those, which means that they reduce their risk of legal action.
"Don't fight abuse with abuse" is (at least was) very common phrase. That's pretty good idea, when some people aren't capable of knowing who the bad person is. We don't want denial of service attacks against innocent people.
Having said that, it's annoying as hell that ISPs don't do more to stop this kind of thing.