> doing something that obviously is and should be illegal?
I guess it depends on the intent of making something illegal. If the intent is to improve on the security of the internet, then making these kinds of acts illegal will not have any change on the actual security of the internet.
My feeling is that holding people responsible for an insecure system would be a better motivator for improving computer security: the opposite of what is happening now.
Just because a door is unlocked doesn't mean you have the right to enter someone's home.
Perhaps there's some middle ground where if someone responsibly discloses the vulnerability to the owner, doesn't acquire any more data than necessary, destroys any data they do acquire, and doesn't attempt to profit from it (aside from collecting a legitimate bounty etc) they would be immune from prosecution.
I'm not sure what that law would look like or if it's even feasible.
> Just because a door is unlocked doesn't mean you have the right to enter someone's home.
I didn't mention rights. I am simply pointing out that if you want to remove the risk of someone entering your home because the door was unlocked, then it might be better to make someone responsible to lock the door in your house than going through some legal process to remove the person from your house.
In fact, if the act of the person accidentally walking into your house, though an unlocked door, resulted in extreme embarrassment to yourself, then you may also be inclined to use/extend/take advantage of the legal system to hide that embarrassment.
I guess it depends on the intent of making something illegal. If the intent is to improve on the security of the internet, then making these kinds of acts illegal will not have any change on the actual security of the internet.
My feeling is that holding people responsible for an insecure system would be a better motivator for improving computer security: the opposite of what is happening now.