If you're a robot that's true, but you're probably not a robot.
The law leans on the word "reasonable" all the time, simply because there are plenty of situations where humans can make an obvious judgement call.
If a publicly accessible URL contains obviously priveleged information, as an adult you know that it is a "door that has been left open accidentally". That doesn't mean you're free to walk in and take what you want. If you're neighbourly, you may want to let them know their door is open. People should feel safe from litigation if they do that, but I don't see why you should feel like you can do whatever you want just because there's a 200.
> The law leans on the word "reasonable" all the time
Far too often in my estimation, and in the wrong places.
> If you're neighbourly, you may want to let them know their door is open.
Agreed. But failing to be neighbourly is not a reasonable criminal offence.
> but I don't see why you should feel like you can do whatever you want just because there's a 200.
To turn things around: Why not hold AT&T liable? Why not issue a 403?
I agree that weez was "un-neighbourly," but at the end of the day, the protocol was the only contractual arrangement in place at that moment. It's just maddening to me to imagine that this can be regarded as criminal conduct.
If the Goatse security guys had discovered the exploit, shrugged and ignored it then absolutely nothing would have happened.
They chose to write scripts, pull all the data, send it to Gawker, etc. There's no question that they knew what they were doing is wrong (because of the IRC logs) so you don't even need a judge to decide what was reasonable.
The law leans on the word "reasonable" all the time, simply because there are plenty of situations where humans can make an obvious judgement call.
If a publicly accessible URL contains obviously priveleged information, as an adult you know that it is a "door that has been left open accidentally". That doesn't mean you're free to walk in and take what you want. If you're neighbourly, you may want to let them know their door is open. People should feel safe from litigation if they do that, but I don't see why you should feel like you can do whatever you want just because there's a 200.