I don't get it, they're demanding computer crime law reform by doing something that obviously is and should be illegal?
EDIT: Now it's unclear to me whether Anonymous placed the spreadsheet on the .gov server, or they simply found it and exposed it. If it's the latter then it makes more sense, but I suspect it's the former.
>Now it's unclear to me whether Anonymous placed the spreadsheet on the .gov server, or they simply found it and exposed it.
Consider the ".gov" URL that this was hosted at. If Anonymous had just found and exposed this, we'd have to accept a high likelihood that the Alabama Criminal Justice Information Center (a state government agency that appears to have nothing to do with banking) not only has information from bank executives across the US, but that they hosted it on their website under the filename "oops-we-did-it-again.html."
Should it be illegal? They shared a public link to a spreadsheet exposed on a .gov address. If anything, it's the owner of that .gov address that needs to get in trouble for placing sensitive documents in a publicly accessible location.
I think I read that differently. I read it that they gathered the data, put together the spreadsheet and hosted on a .gov address. Is there an article that is more clear about that?
> doing something that obviously is and should be illegal?
I guess it depends on the intent of making something illegal. If the intent is to improve on the security of the internet, then making these kinds of acts illegal will not have any change on the actual security of the internet.
My feeling is that holding people responsible for an insecure system would be a better motivator for improving computer security: the opposite of what is happening now.
Just because a door is unlocked doesn't mean you have the right to enter someone's home.
Perhaps there's some middle ground where if someone responsibly discloses the vulnerability to the owner, doesn't acquire any more data than necessary, destroys any data they do acquire, and doesn't attempt to profit from it (aside from collecting a legitimate bounty etc) they would be immune from prosecution.
I'm not sure what that law would look like or if it's even feasible.
> Just because a door is unlocked doesn't mean you have the right to enter someone's home.
I didn't mention rights. I am simply pointing out that if you want to remove the risk of someone entering your home because the door was unlocked, then it might be better to make someone responsible to lock the door in your house than going through some legal process to remove the person from your house.
In fact, if the act of the person accidentally walking into your house, though an unlocked door, resulted in extreme embarrassment to yourself, then you may also be inclined to use/extend/take advantage of the legal system to hide that embarrassment.
I'm not arguing that this is an effective strategy, but the standard argument against radical action simply doesn't hold water. Even terrorism (or what was labelled as such) has more often then not had the long term effect of putting reforms on the agenda.
EDIT: Now it's unclear to me whether Anonymous placed the spreadsheet on the .gov server, or they simply found it and exposed it. If it's the latter then it makes more sense, but I suspect it's the former.