a thoughtful web.
Good ideas and conversation. No ads, no tracking.   Login or Take a Tour!
comment by mk

    Accessing them from Uber’s protected computers requires a unique security key that is not intended to be available to anyone other than certain Uber employees, and no one outside of Uber is authorized to access the files.

"authorized" is a funny word choice here. I don't work for Uber, so AFAIK authorization doesn't apply.





user-inactivated  ·  3562 days ago  ·  link  ·    ·  

when people use the word "authorized" in the context of computer systems, especially lawyers, they're not talking about the possibility of reprimand from your boss, they're talking about the Computer Fraud and Abuse Act, which has been interpreted by courts to mean that you need explicit permission granted by the owner of a computer even to access data served unsecured on the open internet.

and no, 200 OK doesn't count as explicit permission. it doesn't matter who you are or who you work for or what set of entirely legitimate keys you may have, explicit authorization outside the system always applies if you don't want to catch a felony.

mk  ·  3562 days ago  ·  link  ·  

Interesting.

http://en.m.wikipedia.org/wiki/Protected_computer

    The definition of "protected computer" includes government computers, financial institution computers, and any computer "which is used in interstate or foreign commerce or communications."

That's some serious bullshit right there. Any computer connected to the internet is a 'protected computer'. So it seems that you all are trespassing on Hubski the moment I decide it to be so.

And look at this:

    (B) which is used in interstate or foreign commerce or communication, including a computer located outside the United States that is used in a manner that affects interstate or foreign commerce or communication of the United States.

Even if I move our servers to Amsterdam, the bullshit still applies.

Thanks for the education.

blackbootz  ·  3563 days ago  ·  link  ·  

Reminds me of the addendum at the bottom of any email from a doctor's office,

    "Information in this transmission is intended only for the person(s) to whom it is addressed and may contain privileged and/or confidential information. If you are not the intended recipient, any disclosure, copying or dissemination of the information is unauthorised and you should delete/destroy all copies and notify the sender."